Data Security Engineer

Location:

Use skills, experience, and talent to help Key grow an effective information security program by analyzing, assessing, and helping mitigate security issues.

Applicant must be able to demonstrate the ability to:

• Deliver new security solutions partnering with technology teams for implementation and improve on existing security solutions based on established and scoped security standards.
• Evaluate and determine the most effective method of mitigating business and security risk for new and existing technologies.
• Demonstrate in-depth knowledge of security and technology, with strong understanding of privileged access and risk management.

Applicant must have an excellent technical background across a wide range of security disciplines and solutions and must have excellent presentation, writing, communication, and customer interface skills.

• Interpret risk mitigations with a mindset of providing the best fit solution to balance security and business needs.
• Partner with technology and security teams to design and develop Proof of Concept (PoC) security solutions for set business initiatives.
• Coordinate with the Security Architecture team to understand and ensure implementation of security policies and standards for new technologies.
• Implement new security controls and educate on the purpose and capabilities.
• Cultivate an engineering mindset in partner security teams when collaborating to design and PoC security solutions.

• Proficiency in various Hardware Security Modules such as Atalla and SWIFT
• Authentication, authorization, and access control methods.
• Cloud Security and Security Engineering principles as well as the Information Security Lifecycle
• Computer, network communication, and encryption methods, protocols, principles, and concepts.
• Cyber defense and vulnerability assessment tools and their capabilities.
• Enterprise information security architecture.
• Awareness of new and emerging Information Technology (IT) and cybersecurity technologies.
• Integrating the organization's goals and objectives into the architecture and translating operational requirements into protection needs.

• Experience with SecuPi, Guardium and Key Management Services preferred

• Ensuring the confidentiality, integrity, and availability of sensitive data within an organization through measures like encryption, data masking, and monitoring
• Identify, evaluate, communicate, and remediate security and business risks.
• Design, test, and develop implementation plans for security controls.
• Effective communication skills and collaboration with team members.
• Adhere to technical standards and participate in standards evolution.
• Thorough knowledge of continuous integration, continuous delivery, continuous testing, and configuration management methodologies.
• Thorough knowledge of analytical thinking concepts and techniques.
• Strong foundation of GCP security and infrastructure concepts and best practices.
• Familiarity of Azure security and infrastructure concepts and best practices.
• Experience in development, automation, and integration of security tools and procedures.
• Assist with the development and management of security policies and procedures.

• Manage, inform, report, and reduce business and security risk.
• Design security solutions that supplement a technology team's business need.
• Enable technology teams to effectively support security solutions.
• Communicate issues with security standards.
• Implement and manage incident response plans, including monitoring and responding to alerts, reviewing and testing the plan regularly, and incorporating lessons learned into updates
• Perform security audits and risk assessments.

• Bachelor's degree or equivalent work experience.
• Professional security certification desired (CISSP, CISM, CISA, etc.).
• Experience with SecuPi, Guardium and Key Management Services preferred
• Basic understanding of security threats and knowledge of financial industry.
• Strong risk-based analysis and decision-making skills.
• Proven ability to identify and implement process improvement opportunities.
• Results oriented, a team player, and a self-starter with the ability to work with general direction.
• Ability to manage competing priorities.

COMPENSATION AND BENEFITS

This position is eligible to earn a base salary in the range of $112,000 to $150,000 annually depending on location and job-related factors such as level of experience. Compensation for this role also includes eligibility for short-term incentive compensation and deferred incentive compensation subject to individual and company performance.

Please click here for a list of benefits for which this position is eligible.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com.