Cyber Security Engineer III
About Working At Commerce
Built on a foundation of helping people find financial safety and success, thriving businesses, and ensuring the safekeeping of people and their money. Our culture is built on our people, both those in our communities and those who work with us. Here, you’ll find opportunities to grow, connect, and build relationships. We invest in you because our number one investment is you.
About This Job
The main purpose of this job is to adhere to Incident Response protocol, administer Information Security systems, assess information risk, and identify and remediate vulnerabilities for IT security across the enterprise. The individual will be focused on providing Incident Response, remote access stability, and managing enterprise logging through operations of SIEM utilities, intrusion detection system/intrusion prevention system (IDS/IPS), data loss prevention (DLP) and enterprise anti-virus solutions.
Essential Functions
- Proactively hunt for IOCs and IOAs across endpoints, networks, and cloud environments
- Develop hypotheses based on attacker tactics and techniques and use behavioral analysis to identify anomalous patterns related to authentication and access
- Collaborate with team members to investigate suspicious activity
- Perform Incident Response and event management, including Incident remediation protocol, lessons learned, and process improvement/efficiency
- Perform Intrusion prevention, administration of Information Security IPS systems, phishing monitoring and anti-phishing practices
- Handle remote access maintenance, administration and configuration
- Participate in the Internet Monitoring process in addition to Data Loss Prevention
- Perform Firewall administration, policy configuration and management of web application firewalls, VPN configuration and administration
- Perform Anti-virus anti-malware system maintenance and best practices configuration
- Perform Internal customer service related to access requests, troubleshooting, and problem resolution
- Promote awareness of applicable security standards, policy, and best practices across the Bank
- Perform other duties as assigned
Knowledge, Skills & Abilities Required
- Strong knowledge of Firewall, WAF, Virtual Private Network and Remote Access systems administration
- Strong ability to administer IPS/IDS, SIEM technologies, Anti-Virus, and Data Loss Prevention systems
- Strong ability to work with threat intelligence, developing proactive best practices, monitoring and alerting, and remediation
- Motivated and organized self-starter with strong attention to detail and the ability to manage multiple priorities
- Inquisitive, agile and strong team player with excellent written, verbal and interpersonal communication skills
- Ability to remain adaptable and resilient to all situations with an optimistic outlook and cast a positive shadow that is aligned with our culture and Core Values
Education & Experience
- Bachelor’s Degree in Information Systems, Computer Science, Information Security, related field or equivalent combination of education and experience required
- 5+ years IT security or information security experience with ability to engage with internal customers and management required
- 5+ years experience conducting incident response remediation and process protocol required
- 5+ years experience in administering firewall, WAF, and Virtual private network systems/appliances required
- Windows and Linux workstation, server administration, and scripting experience required
- Prior experience working within a financial services organization preferred
- Certified Information Systems Security Professional (CISSP), or related certification preferred
Remote Schedule
Hybrid with the expectation to be in the Kansas City office 1 day a week
Compensation Range
Hourly: $44.70 - $52.40 (Amount based on relevant experience, skills, and competencies.)
Benefits
- employer sponsored health, dental, and vision insurance
- 401(k)
- life insurance
- paid vacation
- paid personal time
- career development
- education assistance
- voluntary supplemental benefits