EagleBank

Silver Spring, Maryland, United States

Senior Information Security Engineer

Posted over 1 month ago

Job Description

Category
Technology
Position Type
Full-Time/Regular
Job Location
11900 Bournefield Way, Suite 150, Silver Spring, MD
Tracking Code
1309-948

EAGLEBANK OVERVIEW:

Eagle Bancorp, Inc. headquartered in Bethesda, MD, was incorporated in 1997 to serve as the bank holding company for EagleBank. Eagle Bancorp is a publicly traded company under the symbol EGBN. EagleBank commenced banking operations on July 20, 1998, and currently operates 20 banking offices: six in Suburban, Maryland, five located in the District of Columbia; and nine in Northern Virginia. The Bank was founded to specifically address the business and personal needs of local business owners. It has been answering and exceeding those needs for over 20 years, providing custom financial solutions, local access to senior management, quick response, local decision-making, and a deeply-rooted dedication to the local community.

Our Mission is to be the most respected and profitable community bank by putting relationships first to the delight of our customers, employees, and shareholders, and relentlessly deliver the most compelling service and value. Eagle Banks Values are: Relationships FIRST: Flexible, Involved, Responsive, Strong, and Trusted.

GENERAL SUMMARY:

Information Secuirty Engineer II (also refererred to as Senior Information Security Engineer) is responsible for monitoring, analyzing and maintaining EagleBanks technical security controls in support of EagleBanks Information Security Program. This role will be focused on maintaining the security of the EagleBank applications and network which includes creation and timely execution of project plans, tool installations, assisting with upgrades of EagleBanks technology environments and integrating risk-based threat intelligence into the operational environment. The role also supports the ability to maintain assurance in our technical security controls so that risks to the confidentiality, integrity and availability of EagleBanks information systems and infrastructure are sufficiently mitigated which in turn, supports the banks operational goals. The role will also perform triage and analysis of security events escalated from the Tier1 and Tier-2 support teams.

MAJOR DUTIES AND RESPONSIBILITIES:

  • Maintain an efficient and secure IT infrastructure.
  • Assist in the execution of information security projects with other engineers, vendors and consultants
  • Review, analyze, and update network security tools and document, troubleshoot, and remediate issues.
  • Work with managed service providers, network administrators, and Security Operations to resolve problems, evaluate new solutions, recommend changes, and investigate incidents.
  • Analyze reports, identify, and distribute action items or service tickets to support teams or vendors to address workstation, server, or network issues.
  • Document and Submit Change Management events in appropriate forms and represent changes to Change Advisory Committee.
  • Other duties as assigned.

Required Education/Experience:

  • Bachelors degree in Computer Science or Information Systems, Information Technology or related focused technical training or in lieu 4 additional years of engineering and project management experience.
  • 7 years experience in a combination of information security operations/engineering/administration with emphasis on deploying security products.
  • 4 years experience with designing and implementing information security technologies required
  • Familiar with security tools used for Privilege Access Management (PAM), Security Event Incident Management (SIEM), Endpoint Security (EDR), etc.
  • Experience working in Microsoft network security environment with knowledge of Active Directory, Group Policy, etc. Knowledge working in Azure AD environments on Azure and O365 a big plus.

Preferred Education/Experience:

  • Hands-on experience with AD tools for inventory, analysis and report on Active Directory structure, objects, permissions, etc. Detect and respond to unusual file access and activity which could indicate insider threats or advanced account takeover attacks using user behavior analytics.
  • Experience with malware analysis using sandboxes.
  • Experience with information security on the public cloud (Azure, O365) environment
  • 3 years security engineering/administration in the financial sector

Required Certifications, Licenses or systems needed :

One or more of the following certifications (or equivalent):

  • SANS GIAC Certifications, such as
    • GPPA: GIAC Certified Perimeter Protection Analyst
    • GCIH: GIAC Certified Incident Handler
    • GPEN: GIAC Penetration Tester
  • CASP (CompTIA Advanced Security Practitioner)
  • EC-Council Certified Ethical Hacker (CEH)

Preferred Certifications, Licenses or systems:

One or more of the following certifications (or equivalent):

  • SANS GIAC Certifications such as
    • GSAE GIAC Security Audit Essentials
    • GWAPT GIAC Certified Web Application Penetration Tester
    • GSE GIAC Security Expert
  • EC-Council Certified Security Analyst (ECSA)
  • ISC2 System Security Certified Practitioner (SSCP) or other ISC2 or ISACA certifications

Required Knowledge & Skills:

  • Knowledge of TCP/IP networking: networking topology, protocols and services.
  • Excellent knowledge of Privilege Access Management (PAM) Tools, like CyberArk or Thycotic.
  • Knowledge of Active Directory (AD) Audit Tools like Stealthbits, Varonis, Netwrix, etc.
  • Excellent knowledge of SEIM (LogRhythm), NBA (ExtraHop, Stealthwatch) or UEBA tools.
  • Excellent knowledge of Microsoft Operating system. Knowledge of Linux operating system is a plus.
  • Strong Active Directory and Windows Group Policy (GPO) knowledge.
  • Networking technology and protocols, including routers, switches, VPNs, Citrix, email gateways, etc.
  • Microsoft Cloud Experience Azure Security Center, O365 Security Center, Azure Sentinel, etc.

67542131

Sorry, this job has expired.