Information Security Engineer II

Company: Disability Solutions
Location: Des Moines
Posted on: October 11, 2024

Job Description:

At FHLB Des Moines, we work each day to develop an inclusive culture that supports and leverages the complexity of a diverse workforce. This enables us to effectively serve the needs of our members and help them succeed.Provide security guidance to project teams delivering business solutions, perform risk assessments of technology-related vendors, and consult on multiple projects simultaneously. . Ensure security controls are performed/monitored and lead analysis and response to security threats. Provide domain expertise on tools/processes in use. Additional duties include security program maintenance and improvement.Accountabilities:Key Responsibilities:

• Develop proposals and implement new tools and processes to mature the bank's security program.
• Monitor, analyze and report on the security of information systems.
• Provide specialised security training to technology teams.
• Collaborate with IT and business units to produce customer friendly procedures.
• Provide excellent security services to Bank business units.
• Advise and assist with operational security and response to information security incidents.
• Collaborate with the Legal department to conduct vendor assessments according to procedures.
• Provide information security requirement input in support of project initiatives.
• Research technologies and methods that better apply existing technology.
• Build, develop, implement, and maintain security standards, procedures, and guidelines to mitigate risk in the Bank's information security posture (internal/external).
• Assist with information security strategies and organizational governance. Communicate security strategies and framework to staff, partners, and other stakeholders.
• Promote security awareness through Bank-wide communication of policies and security threats.
• Respond and investigate cybersecurity incidents, collect, and analyze information from multiple event sources and internal and external sources.
• Serve as a point of contact for suspected and confirmed incidents.
• Examine incidents that may be related to ransomware, host compromise, account compromise, phishing, anomalous user behavior, third parties and data leakage.
• Supervise for incidents with endpoints, databases, applications, networking, mobile and cloud services.
• Validate, document, prioritize, recommend, and complete root cause analysis.
• Supervise for vulnerabilities within applications, endpoints, databases, networking, and mobile and cloud services.
• Collaborate as a purple team with colleagues in offense, defense, operators, threat intelligence and risk management roles.
• Recommend tactical options to reduce attack surface, containment alternatives and impede attackers.
• Perform or monitor departmental internal controls; monitor regulatory issues.
• Support, improve, and represent Identity Access Management (IAM) governance, policies and solutions across SSO, directory, certificate, MFA, privileged accounts, automation and behavior analytics systems.
• Assess and resolve IAM issues that occur across the employee base, as well as with external entities.
• Document access management procedures and exceptions; maintain integrity for audit reviews.
• Provision user accounts and access across multiple and sundry business applications.
• Assess and implement recommendations for improvements in automation efficiencies, security practices and end-user experience.
• Maintain understanding of business processes to improve leading enterprise identity and access.Requirements:
  • Bachelor of Science in Computer Science, Management Information Systems, or related field; prefer master's degree in information assurance, computer science or related field.
  • Minimum 5-8 years of experience as an information security analyst, specialist, or consultant.
  • Experience providing and validating security requirements related to network and operating system security.
  • CISSP, CISM, or similar security certification is highly desirable.Compensation Range:Annual Salary: $104,533.85 - $116,831.95This salary range represents the Bank's good faith and reasonable estimate of possible compensation at the time of hire. Offer to be determined by selected applicant's education, experience, knowledge, skills & abilities, as well as internal equity and alignment with market data. This role is also eligible to participate in the Bank's annual incentive plan. As part of our competitive Total Rewards package, the Bank offers 11 paid holidays, 5 weeks of PTO and a work culture that values work/life balance. Most roles are eligible for our hybrid work schedule of 3 days per week in office, 2 days per week work-from-home. We match 100% of the first 6% you contribute to your 401(k), and provide an additional 4% non-discretionary contribution to your 401(k) at the end of year. More information on our Total Rewards program can be found .At FHLB Des Moines, we celebrate diversity, work to create an inclusive culture and champion equity in all of our policies and practices. This enables us to effectively serve the needs of our members and help them succeed. FHLB Des Moines is proud to be an Equal Opportunity Employer. We prohibit discrimination on the basis of race, color, religion, sex (including pregnancy, sexual orientation or gender identity), national origin, age, disability, veteran status, genetic information (including family medical history), status as a parent or any other characteristic protected by federal, state or local law.

Keywords: Disability Solutions, Des Moines , Information Security Engineer II, Engineering , Des Moines, Iowa