Cybersecurity Engineer – R0067420

Cybersecurity Engineer – R0067420

Please review the following job description:

Responsible for developing and maintaining the technical IT/cyber security capabilities necessary for safeguarding the firm’s information systems and applications (software development lifecycle), including every phase of the SDLC and software stack. Assist in the designing, planning, testing and implementation phases of cybersecurity technology projects.

Essential Duties and Responsibilities

Following is a summary of the essential functions for this job.  Other duties may be performed, both major and minor, which are not mentioned below.  Specific activities may change from time to time.
1. Develop and maintain the technical IT/cyber capabilities including all phases of the software development lifecycle and software stack which includes threat modeling of application designs, static application security testing (SAST), software composition analysis (SCA), dynamic application security testing (DAST), and penetration testing.
2. Participate in efforts related to designing, planning, enhancing, and testing all cybersecurity technologies used throughout the enterprise including base-lining current systems, trend analysis, and capacity planning as required for future systems requirements and new technologies.
3. Participate in the analysis of information to determine, recommend, and plan the use of new technologies, or modifications to existing equipment and systems that will provide capability for proposed project or workload, efficient operation and effective use of allotted resources
4. Participate in the implementation of new information security technologies or integration of existing technologies including initial configuration, installation, change management, and operational handoff
5. Take a new perspective on existing solutions to solve complex problems and exercise judgment based on the analysis (e.g. modeling, testing, etc.) of multiple sources of information.
6. Provide technical support of information security technologies, providing problem analysis and resolution in a timely manner and explain and interpret complex, difficult, or sensitive information.
7. Lead small cybersecurity projects with manageable risks and resource requirements; plays significant roles in larger, more complex initiatives.

Qualifications

Required Qualifications:

The requirements listed below are representative of the knowledge, skill and/or ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

1. Bachelor’s degree and five years of experience in systems engineering or administration or an equivalent combination of education and work experience

2. In-depth knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security

3. Previous experience in planning and managing IT projects

Preferred Qualifications:

1. Bachelor’s degree in Computer/Information Systems related field of study or equivalent IT work experience
2. Minimum one year experience writing Regular expressions, applying patches to applications and testing applications
3. Technical knowledge of or some experience, involving Tools administration / Infrastructure support or design/System Support and testing.
4. Ability to use basic Windows command prompts, write simple SQL queries and review application log files
5. Knowledge of Data Protection and Data Governance concepts
6. Three to five years of experience in any one of the following:

Cybersecurity application support

Systems engineering administration / Tools administration or support

Infrastructure support or design

Implementing and testing web-based applications

7. In-depth knowledge of applied enterprise information security technologies including but not limited to data protection tools associated with scanning and classification/tagging of sensitive data, database activity monitoring and alerting.
8. Experience working with data protection, data classification toolsets, or data security concepts – directly or as part of delivering technical solutions processing sensitive data and requiring specific data protection controls.
9. Banking or financial services experience
10. Implementing COTS (Commercial Off-the-shelf) applications
11. Performing testing for COTS applications
12. Experience working in cloud applications and services including but not limited to M365 and AWS
13. Experience doing development using Agile methodologies

Other Job Requirements / Working Conditions

Sitting

Constantly (More than 50% of the time)

Visual / Audio / Speaking

Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone.

Manual Dexterity / Keyboarding

Able to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers.

Availability

Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need.

Travel

Minimal and up to 10%

Truist supports a diverse workforce and is an Equal Opportunity Employer who does not discriminate against individuals on the basis of race, gender, color, religion, national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. Drug Free Workplace.