Security Engineer (Remote)

Are you ready to take your career to the next level? Regional strives to positively impact the financial lives of our customers.

For over 35 years, our Team Members have been passionate about supporting customers through their financial challenges in life. They take pleasure in finding solutions and lending a helping hand, both to our customers and our communities. As we continue to grow and become a national brand in consumer financing, we hope you'll consider us for future career opportunities.

If you are looking to make a meaningful impact in people's lives by bringing a personal touch to finances, join our team today!

Job Purpose

The Security Engineer (SE) plays a supportive role in the organization's response to security threats. The SE works to reduce the risk and potential impact of cyber-attacks to the company by cultivating, maintaining, and advancing detection capabilities by taking ownership of a subset of detection tools and their effectiveness.

Duties and Responsibilities

The SE is part of a team that will be responsible for the daily care and maturing of IT Security defenses using tools such as Antivirus, vulnerability management, DLP, and database activity monitoring. Duties will encompass cloud-based security for AWS and O365. The SE provides support to the organization's security mission by pursuing best practices for the operational areas to which they have ownership. In addition to ownership of daily security operations, the SE engages with technical peer groups to proactively identify areas for improvement and work with IT Security leadership to produce action plans. The SE will work with IT Security team members to understand their roles and become familiar with daily processes to the point of providing team member redundancy. Participation in on call activities as needed is expected.

• Maintains and operates primary information system security controls and countermeasures. (Certain controls reside outside of the IT Security team and will be monitored by IT Security).
• Participates in the change management lifecycle of information systems.
• Analyzes and recommends security controls and procedures in the use of information systems and assets and monitors for compliance.
• Participate in security-related projects across multi-functional teams.
• Able to compose and review scripts written in common languages such as PowerShell, Python, SQL, VB Script, or other languages.
• Collaborates on the security hardening of onsite services as well as cloud-based services such as O365, AWS, and Azure.
• Be an advocate for best practice security hygiene.
• Monitors information systems for security incidents and vulnerabilities.
• As part of the Incident Response Team: Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches.
• Establishes best practice criteria for security operational tools. Matures and maintains day-to-day operations of such tools.
• Liaising with vendors to implement security solutions.
• Maintain an advanced level of business functional knowledge and current security technologies.

Minimum Qualifications

• Associate degree in a related field
• Active entry-level IT Security certification or ability to achieve within 6 months of hire (Security+, SSCP, GSEC, etc).
• Minimum 4 years of IT Security Engineering or IT System Administration experience.

Preferred Qualifications

• Advanced level experience with security monitoring tools and infrastructure security design.
• Advanced level experience with various operating systems such as Windows and Linux including centralized management of such systems.
• Prior experience in a highly regulated industry such as banking/consumer finance, healthcare, or defense.
• Prior experience with DevOps environment.
• Prior experience with securing cloud-based technologies.
• Prior experience working with globally diverse teams.
• Prior experience creating documentation such as Standard Operating Procedures (SOPs), Policy Recommendations etc.

Critical Competencies

• Adept in current global threats and vulnerabilities along with associated countermeasures.
• Demonstrated ability to document complex topics.
• Exposure to both large and complex IT projects.
• Demonstrated analytical skills, including aptitude towards problem identification, resolution, and comprehension and interpretation of technical procedures.
• Ability to adapt to and manage change.
• Requires planning, organization, and management skills.
• System savvy - e.g., knowledge of collection software applications, ability to analyze data through SQL, queries or other such tools, expert of computer technologies and interface techniques.
• Ability to work under minimal supervision with accountability towards agreed-upon deadlines.

Working conditions

May require occasional after hours/weekend work to support upgrades etc. May require unplanned after hours work in cases of security incidents.

Regional is an equal opportunity employer and does not discriminate on the basis of race, color, religion, creed, national origin, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation, gender identity, transgender status, age, disability, genetic information, veteran status, uniform service, or any other characteristic protected by applicable law ("Protected Characteristics"). Regional's policy of non-discrimination applies to all phases of the employment process and relationship, including, but not limited to, recruitment and selection; compensation and benefits; professional development and training; promotions and opportunities; transfers; social and recreational programs; layoff; and terminations.