TIAA is the leading provider of financial services in the academic, research, medical, cultural and government fields. We offer a wide range of financial solutions, including investing, banking, advice and education, and retirement services.
The Sr. Security Engineer will be responsible for the implementing of security solutions and partnering with the operational users of those security solutions to ensure that the underlying technology is sufficiently meeting the needs of Security as well as suggesting and implementing enhancements technologies. This role may require flexible hours and expanding responsibilities for new technology.
KEY RESPONSIBILITIES AND DUTIES:
Serve as the subject matter expert (SME) for enterprise security solutions, such as Nexpose, Venafi, RadiantLogic, and best security practices including compliance to controls.
Partner with security architecture on implementing and improving security solutions
Continually assess security controls for deficiencies then remediate
Measure and report key performance indicators for responsible solutions including effectiveness of control activities, uptime, and enhancement demand
6 years information security experience
6 years technology engineering experience
3 years' experience with UNIX/Linux administration.
2 years' experience with SDLC
Experience with SOC2 and at least one of the following; SOX, SSAE16, PCI-DSS
Experience with or knowledge of various platform security tools and scoring concepts (e.g., AV, HIPS, firewalls, CVSS, OWASP 10, etc.)
Experience managing PKI and understanding of certificates and encryption
Experience managing various database technologies (e.g., Oracle, MS-SQL, etc.)
Experience with or knowledge of various network security tools (e.g., firewalls, NIPS, WIPS, VPN, DLP, etc.) (desired)
Experience with or knowledge of one or more common scripting languages (XML, Python, Java, PowerShell, SOAP/REST) and regular expressions
General information security certification (e.g., CISSP, CISM, etc.) (desired)
Technical information security certification (e.g., CCNP, MCSE, MCITP/MCTS, etc.) (desired)
Experience in the Financial Services industry (desired)
Prior consulting experience (desired)
Excellent verbal and written communication and documentation skills
Excellent ability to calculate both risk and return on investment
Ability to proactively identify security enhancement opportunities and execute on them
Equal Employment Opportunity is not just the law, it's our commitment. Read more about the Equal Employment Opportunity Law .
If you need assistance applying due to being visually or hearing impaired, please email Careers Help .
We are an Equal Opportunity/Affirmative Action Employer. We will consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other legally protected status. Associated topics: forensic, identity, identity access management, information assurance, information technology security, phish, security, security engineer, security officer, vulnerability
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.