Application Security Risk Manager - Technology

Employer
Financial Industry Regulatory Authority, Inc.
Location
Rockville, MD
Posted
Mar 15, 2017
Closes
Mar 21, 2017
Hours
Full Time
Title: Application Security Risk Manager - Technology - Rockville, MD Location: null Other Locations: null We Work to Protect Investors. Join our Team. The Financial Industry Regulatory Authority (FINRA) is seeking a well qualified individual for our Lead Security Engineer opening in Rockville, MD . To be considered for this position, please submit your resume through our career site at www.finra.org/careers - no phone calls, please. Job Summary: The Lead Security Engineer, working independently, will direct staff in the execution of manual activities and/or automated activities to ensure applications and projects within their portfolio meet defined quality standards. Essential Job Functions: Ensure that security risks are comprehensively and effectively managed though leading the application of established and ad hoc processes and techniques to identify, validate, and prioritize. Lead the identification of security requirement deficiencies, eliciting of security requirements, and the architecture and design of security controls. Develop and implement strategies to promote consistent use of security controls across the enterprise. Lead the operation and monitoring of security controls. Establish, implement, and promote security control operation and monitoring strategies. Ensure that controls are operating effectively; resolve operating discrepancies. Review, triage, and prioritize control output. Take appropriate action to resolve security discrepancies. Lead the identification, evaluation, and recommendation of new security technologies, techniques, and tools. Lead team in defining, reviewing, and promoting information security policies, standards, guidelines, and procedures. Lead and champion efforts to enforce and monitor compliance with internal and external regulations, policies, and standards. Establish and promote strategies to ensure that compliance is effectively monitored and enforced. Direct internal process improvement initiatives. Provide feedback on processes by offering suggestions. Mentor junior staff. Participate in external process improvement committees as a Quality Assurance representative. Provide backup coverage for next level management, as appropriate. Assist with adherence to technology policies and comply with all security controls. Ensure all work products meets/exceeds FINRA standards. Education/Experience Requirements: Bachelor's degree in Computer Science, Information Systems or related discipline with at least five (5) years of related experience, or equivalent training and/or work experience; Master's degree and past Financial Services industry experience preferred. Experience must include direct experience in leading key areas such as: securing networks and systems architecture, design and implementation, secure software assurance, intrusion detection, defense and incident response, security configuration management, access controls design and implementation and security policy and standards development. In-depth knowledge of more than one communications protocol. Experience managing several Cyber Security tools, including: Configuration Assessment, Log Aggregation, Integrity Verification, Web Application Security Testing, Network Access Control System, Network Intrusion prevention systems, and Endpoint Security Solutions. Strong written and verbal technical communication skills. Demonstrated ability to develop effective working relationships that improved the quality of work products. Should be well organized, thorough, and able to handle competing priorities. Ability to maintain focus and develop proficiency in new skills rapidly. Ability to work in a fast paced environment. Excellent planning skills. Willingness to accept new challenges and grasp new or changing concepts, technologies and procedures. In-depth knowledge across all areas of Information Security. Working Conditions: Work is normally performed in an office environment. Occasional travel and extended hours may be required. The information provided above has been designed to indicate the general nature and level of work of the position. It is not a comprehensive inventory of all duties, responsibilities and qualifications required. Please note: If the "Apply Now" button on a job board posting does not take you directly to the FINRA Careers site, enter www.finra.org/careers into your browser to reach our site directly. FINRA strives to make our career site accessible to all users. If you need a disability-related accommodation for completing the application process, please contact FINRA's accommodation help line at 240.386.4865. Please note that this number is exclusively for inquiries regarding application accommodations. In addition to a competitive salary, comprehensive health and welfare benefits, and incentive compensation, FINRA offers immediate participation and vesting in a 401(k) plan with company match. You will also be eligible for participation in an additional FINRA-funded retirement contribution, our tuition reimbursement program and many other benefits. If you would like to contribute to our important mission and work collegially in a professional organization that values intelligence, integrity and initiative, consider a career with FINRA. Important Information FINRA's Code of Conduct imposes restrictions on employees' investments and requires financial disclosures that are uniquely related to our role as a securities regulator. FINRA employees are required to disclose to FINRA all brokerage accounts that they maintain, and those in which they control trading or have a financial interest (including any trust account of which they are a trustee or beneficiary and all accounts of a spouse, domestic partner or minor child who lives with the employee) and to authorize their broker-dealers to provide FINRA with duplicate statements for all of those accounts. All of those accounts are subject to the Code's investment and securities account restrictions , and new employees must comply with those investment restrictions-including disposing of any security issued by a company on FINRA's Prohibited Company List or obtaining a written waiver from their Executive Vice President-by the date they begin employment with FINRA. Employees may only maintain securities accounts that must be disclosed to FINRA at one or more securities firms that provide an electronic feed (e-feed) of data to FINRA, and must move securities accounts from other securities firms to a firm that provides an e-feed within three months of beginning employment. As standard practice, employees must also execute FINRA's Employee Confidentiality and Invention Assignment Agreement without qualification or modification and comply with the company's policy on nepotism. About FINRA FINRA is an independent, non-governmental regulator for all securities firms doing business with the public in the United States. FINRA works to protect investors and maintain market integrity in a public-private partnership with the Securities and Exchange Commission (SEC), while also benefiting from the SEC's oversight. In its role as investor guardian, FINRA is informed, but not influenced, by the industry that it regulates. FINRA's independent regulation plays a critical role in America's financial system-all at no cost to taxpayers. FINRA touches virtually every aspect of the securities business-from registering and educating industry participants to examining securities firms; writing rules; enforcing those rules and the federal securities laws; informing and educating the investing public; providing trade reporting and other industry utilities; and administering the largest dispute resolution forum for investors and registered firms. FINRA uses technology powerful enough to look across markets and detect potential abuses. Using a variety of data gathering techniques, we work to detect insider trading and any strategies firms or individuals use to gain an unfair advantage. In today's fast-paced and complex global economy, FINRA is a trusted advocate for investors, dedicated to keeping the markets fair and proactively addressing emerging regulatory issues before they harm investors or the markets. FINRA operates from Washington, DC, and New York, NY, with other offices around the country. Find out more about us and how we work-and view our current openings-at www.finra.org/careers. Search Firm Representatives Please be advised that FINRA is not seeking assistance or accepting unsolicited resumes from search firms for this employment opportunity. Regardless of past practice, a valid written agreement and task order must be in place before any resumes are submitted to FINRA. All resumes submitted by search firms to any employee at FINRA without a valid written agreement and task order in place will be deemed the sole property of FINRA and no fee will be paid in the event that person is hired by FINRA. FINRA is an Equal Opportunity and Affirmative Action Employer All qualified applicants will receive consideration for employment without regard to age, citizenship status, color, disability, marital status, national origin, race, religion, sex, sexual orientation, gender identity, veteran status or any other classification protected by federal state or local laws as appropriate, or upon the protected status of the person's relatives, friends or associates. FINRA abides by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. FINRA abides by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans. (C) 2017 FINRA. All rights reserved. FINRA is a registered trademark of the Financial Industry Regulatory Authority, Inc.