PRIMARY PURPOSE: In conjunction with the IS Manager – Operations & Engineering and the Chief Information Security Officer (CISO), develop and implement an enterprise-wide information cloud security framework. Assist in the daily support of the cloud security technology to protect client and intellectual data for all cloud/hybrid solutions. This position will lead the use of cloud security technology to protect OceanFirst data and applications, implement appropriate monitoring and testing to ensure bank-wide adherence to the bank’s information security protocols.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Act as subject matter expert (SME) on cloud security issues. Scope, design, develop, test, and present proof-of-concepts for various cloud security solutions.
- Maintain ongoing communications with IT peers to ensure enterprise-wide understanding of information security goals, to solicit feedback and to foster co-operation. Provide information security architecture & systems engineering consulting to Information Technology and business teams. Participate in architectural discussions to provide security recommendations when building new, or migrating existing, applications, software and services on Azure, AWS or Google Cloud Platform.
- Execute the deployment, integration and initial configuration of all new and enhanced information security solutions with IT partners in accordance with standard best operating practices and the enterprise’s documented information security procedures.
- Provide technical guidance for software developers for using cloud services according to best practices for the best security outcomes.
- Ensure appropriate systems and controls exist to protect the confidentiality, integrity and availability of data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
- Participate in monitoring security systems, log reviews, and managing information security systems. Support the information security activities of the bank’s external network sources. Review relevant logs for security events
- Maintain current knowledge and understanding of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Stay abreast of emerging security threats, vulnerabilities and controls. Understand the IT threat landscape for banking and financial services industry.
- Help deliver enterprise-wide security awareness training for all employees to ensure consistently high levels of compliance with enterprise security requirements. Coordinate and/or conduct security awareness training to all personnel and enforce compliance.
- Active participant in Incident Response Plan tabletop exercises.
- Update security software tools to current versions as necessary.
- Utilize cloud-based APIs when appropriate to write network/system level tools for securing cloud environments
- Automate security controls, data and processes to provide improved metrics and operational support.
- Ensure continued compliance with laws and applicable regulations.
- Schedule periodic security assessments.
- Choose and recommend security products as necessary.
- Coordinate electronic discovery and digital forensic investigations.
- Ensure an inventory of technology assets, classified by sensitivity and criticality is properly maintained.
Knowledge, Skills & Abilities
- Working knowledge or familiarity with cloud security concepts, technologies, and best practices,
- Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP) strongly preferred.
- Proven ability to successfully partner with internal clients and vendors to align strategy with deliverables, identify business challenges and develop alternatives to mitigate.
- Strong service management and service delivery orientation.
- Strong written, oral, and interpersonal communication skills.
- Ability to present ideas in user-friendly language to a variety of constituent audiences.
- Proven ability to work within a changing environment and lead the implementation of change.
- Ability to assess the impact or potential impact of change management initiatives of various sizes and degrees of complexities on business financials and performance.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
Experience & Education
- 5+ years of hands-on experience with Cloud platforms (AWS, Azure, etc.) required.
- Bachelor degree in related discipline or equivalent work experience.
- Prior experience implementing system solutions in a banking environment preferred.
Internal and External Contacts
- Extensive external contact with equipment and service suppliers.
- Internal contacts are with all department managers, senior management and directors on an ongoing basis.
Working Conditions/Physical Requirements
Office environment. Ability to operate computer. Ability to communicate in order to exchange simple to complex information with individuals and groups. Ability to travel throughout Bank footprint.
Equal Opportunity Employer
Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity