Engineer Security

Our vision for the future is based on the idea that transforming financial lives starts by giving our people the freedom to transform their own We have a flexible work environment and fluid career paths We not only encourage but celebrate internal mobility We also recognize the importance of purpose well-being and work-life balance Within Empower and our communities we work hard to create a welcoming and inclusive environment and our associates dedicate thousands of hours to volunteering for causes that matter most to them Chart your own path and grow your career while helping more customers achieve financial freedom Empower Yourself DUTIES RESPONSIBILITIES ESSENTIAL FUNCTIONS Conduct security operations necessary to maintain the confidentiality availability and integrity of enterprise data and information systems Provide excellent customer service for internal and external customers in support of security initiatives incident response and support Maintenance of security tools and technologies throughout the enterprise environment Evaluate design and implement security related solutions adhering to established change control processes Provide technical security planning implementation configuration support and troubleshooting services on all security technologies Provide accurate clear and concise documentation of system requirements specifications and final builds Perform all necessary functions associated with the implementation and integration of security tools and platforms into the enterprise environment Coordinate with systems and network engineers to ensure servers and network devices conform to security standards and that security devices and controls are working as designed Assist with the development implementation and administration of information security policies standards and procedures adhering to industry best practices Assist in defining the security strategy and integrating regulatory compliance requirements e g PCI GLBA into the organizational security roadmap Assist in ensuring that the corporate IT environment is secure and complies with all internal and external audit requirements Implement and maintain cryptographic controls e g data at rest data in transit in line with security requirements Identify potential security risks and define and document remediation options or mitigating controls Define and assist in the management of an Incident Response Team that addresses potential or in-progress security events establishing and adhering to escalation procedures and response times Review and approve submitted application and systems change requests for security compliance Provide subject matter expertise counsel and input for enterprise-wide information security initiatives strategies projects and policies Maintain certifications and keep up-to-date with current information technology Participate in 24x7 on-call rotation Perform related duties as requested EDUCATION Bachelor s degree in Information Technology Computer Science or related field and 6 years experience in information technology or related field within the last 10 years OR 8 years experience in information technology or related field within the last 10 years OTHER PREFERRED QUALIFICATIONS 4 years of technical experience working with security solutions and conducting security operations 4 years of network security experience and reviewing security tools and solutions and making recommendations on utilization and strategy 4 years of experience with network protocols data flows and attacks within an IP environment 3 years of experience in building configurations for security devices and building an automated process to support large-scale deployment Extensive knowledge and experience with security software firewalls intrusion detection systems and other security systems and network monitoring Extensive hands-on technical knowledge of network systems protocols and standards such as Ethernet LAN WAN and TCP IP Experience as a security specialist in a regulated IT environment including some combination of SOX HIPAA GLBA PCI and responsible for compliance and performing coordinating audits 1 years 3 years of experience with commercial and open source security applications and technologies e g malware prevention DLP IDS IDP cryptography vulnerability scanning and penetration testing as well as related protocols and tools e g SSH SSL TLS snort port scanners rootkit detectors etc 2 years of experience performing network and application security administration penetration testing and or threat assessments ISSP GIAC certification s 2 years programming scripting experience - one or more of C C Java Perl PHP Python shell Competency with Linux Unix and Windows operating systems and CLI commands Ability to use creative thinking and problem-solving skills intuition initiative and out of the box thinking to solve problems quickly 3 years Cloud AWS Azure Google Linux Unix Scripting Bash Perl Python This job description is not intended to be an exhaustive list of all duties responsibilities and qualifications of the job The employer has the right to revise this job description at any time You will be evaluated in part based on your performance of the responsibilities and or tasks listed in this job description You may be required perform other duties that are not included on this job description The job description is not a contract for employment and either you or the employer may terminate employment at any time for any reason as per terms and conditions of your employment contract We are an equal opportunity employer with a commitment to diversity All individuals regardless of personal characteristics are encouraged to apply All qualified applicants will receive consideration for employment without regard to age race color national origin ancestry sex sexual orientation gender gender identity gender expression marital status pregnancy religion physical or mental disability military or veteran status genetic information or any other status protected by applicable state or local law