Security Engineer
Truist · Charlotte, NC · 4 days ago
Information TechnologyFull-time
About the role
The position involves designing and implementing advanced technical and cybersecurity capabilities across the software development lifecycle, including threat modeling, security testing, and penetration testing.
Responsibilities
- Designs and implements cybersecurity solutions that protect critical assets within the job area, contributing to the technical design and implementation approach while following established strategies and patterns.
- Performs threat modeling, security testing, and penetration testing for the platforms and services in scope, using structured analysis to identify and remediate significant vulnerabilities.
- Integrates and configures information security technologies in production environments, implementing and refining configuration patterns, automation, and handoff steps for assigned systems or services.
- Serves as a technical escalation point within the team for challenging security issues, investigating root causes and developing practical, reusable fixes that improve team workflows.
- Evaluates relevant security threats, tools, and design options, and provides input that helps shape technical plans, priorities, and goals for the job area.
- Collaborates closely with product and engineering teammates to apply security architecture guidance, secure-by-design practices, and governance controls in day-to-day development activities.
- Develops and maintains security baselines, guardrails, and control implementations for systems and applications in the area of responsibility, helping support regulatory and policy compliance.
- Leads the technical execution of incident response and basic forensic activities for services in scope, following playbooks, coordinating tasks with teammates, and suggesting improvements to procedures and tooling.
- Provides guidance, coaching, and informal training to other security engineers and technical teammates, sharing best practices through design and code reviews and knowledge-sharing sessions.
- Leads significant security engineering workstreams or end-to-end processes within the job area, coordinating contributions from lower-level technical professionals and reviewing outputs for quality and alignment.
Qualifications
- Bachelor’s degree or equivalent education, training, and work-related experience.
- Minimum of 5 years of experience in security engineering or related cybersecurity roles.
- Advanced knowledge in cybersecurity principles, theories, and concepts.
- Proven experience in software development lifecycle security practices.
- Advanced knowledge of threat modeling, security testing, and penetration testing.
- Experience implementing and managing complex information security technologies.
Benefits
Please refer to the General Description of Available Benefits for Eligible Employees of Truist Financial Corporation for details.