Role Description The Security Engineering role is part of a team responsible for administering security projects designed to safeguard the bank's information systems.
The Engineer focuses on defining and documenting projects, creating and executing project plans, engaging in project cost management, resource management and performing periodic reporting.
Acts as a subject matter expert who uses expertise to resolve complex problems in consideration of established policies, guidelines or processes.
JRI America, Inc., ("JRI-A"), is a subsidiary of the Japanese IT financial services company, Japan Research Institute Ltd ("JRI"), which is the specialist IT subsidiary of Sumitomo Mitsui Financial Group ("SMFG").
SMFG which owns Japan's second-largest bank, Sumitomo Mitsui Banking Corporation ("SMBC") by asset size and a Fortune Global 200 company offers a broad range of financial services, primarily banking-related.
The group is also engaged in leasing, securities, credit cards, mortgage securitization, venture capital and other credit related businesses and employs over 60,000 people worldwide and has a stated strategic objective of further global expansion.
JRI-A provides information technology services in the Western Hemisphere (including the Americas, Europe, Middle East and Africa) that support the Group's operations.
Role Objectives
• Some experience in process documentation and project management
• Functional knowledge of some of the following: Unix, Linux, Windows 10/11, Windows 2016/19 Server, Sharepoint, MS O365, Microsoft Active Directory and Azure, SQL and Oracle Databases, Certificate Management, Privileged Access Management
• Ability to utilize resources to contribute valuable input to Information Security projects and Risk Assessments, (e.g.
ISACA, CIS, FS-ISAC).
• Basic knowledge of security monitoring concepts.
• Highly developed sense of accountability and follow through with discipline to effectively prioritize multiple tasks within the context of conflicting deadlines and changing priorities.
• Ability to raise awareness and issues to executive leadership, engage leaders and stakeholders in understanding their roles in delivering enterprise Change, Configuration and Release Management processes.
• Ability to communicate effectively to all levels in the organization and adapt information delivery based on audience.
• Excellent verbal and written communication skills with ability to articulate concepts and ideas to business and technology staff.
• Ability to work cooperatively and effectively with others to set goals, resolve problem, and make decisions that enhance organizational effectiveness.
• Knowledge and Administration of some of the following Security Applications (multiple required): CyberArk, Ivanti Application and Device Control, Imprivata, Centrify, Vasco, Varonis, Imperva, SEIM Solutions, UIPath, Crowdstrike, Forescout, Illumio, PolicyPak Qualifications and Skills
• 3-5 years experience supporting IT Security tools and applications.
• Bachelor's Degree in Computer Science or related field.
• Minimum one year secure browser understanding and administration (eg.
)
• Process documentation, flow charting and re-engineering experience.
• Some Project Management Experience a plus
• Encryption technologies and PKI infrastructure
• Knowledge of Information Security regulatory requirements, codes and industry guidance such as NIST 800-53, ISO27001, CIS and Cobit.
• Ability to utilize resources to contribute valuable input to Information Security projects and Risk Assessments, e.g.
ISACA, CIS, FS-ISAC.
• Networking technologies (TCP/IP/etc…) and protocols (SSL, SSH, LDAP, SMTP, DNS, etc.).
• Unix, Linux, and Windows Operating Systems
• Microsoft Active Directory, Azure Active Directory
• Familiarity with security monitoring concepts.
• Strong verbal and written communication skills.
• Ability to communicate effectively to all levels in the organization and adapt information delivery based on audience.
• Ability to communicate information security concepts across a broad range of technical and non-technical staff.
• Ability to multitask and work under tight deadlines.
• Ability to raise awareness and issues to executive leadership, engage leaders and stakeholders in understanding their roles in delivering enterprise Change, Configuration and Release Management process.
• Good communication and written skills.
• Self-motivated and ability to work within stringent time frames.
• Strong analytical and investigation skills.
• Strong team player.
• Experience dealing with both technical and non-technical staff.
• Weekend and late-night work will be required on occasion for support.