Information Security Engineer II

Summary 

At Simmons Bank, the Security Engineering Team is responsible forthe design, implementation, and maintenance of security solutions to include, but not limited to: Identity& Access Protection, Email Security, Network Security, Endpoint Protection, Data Protection and Vulnerability Management. These security solutions secure critical business operations and protect our customers and data. 

You will join a team of Associates dedicated to ensuring the security of the corporate network and be responsible for the day-to-day operation of the Information Security Program.   

Level IISecurity Engineers are primarily responsible for the implementation and maintenance of security systems and supporting end-users’ use of the Company’s security services. Level II Security Engineers operate with limited direct supervision and provide mentoring of Level I Security Engineers. 

Essential Duties and Responsibilities 

Systems Engineering 

• Contributes substantially to the design and implementation of security systems, as needed 

• Identifies and documents system security requirements to assist with solution selection 

• Assists with the evaluation of new technologies or process improvements that enhance security capabilities 

• Serves as specialist for certain security systems, as assigned 

System Administration 

• Configures, maintains, and monitors the Company’s security systems, including but not limited to:secure email gateway, firewall, VPN, network access control, secure web gateway, security information and event management platform, endpoint protection,data loss preventionand vulnerabilityscanning tools 

• Supports Level I Security Engineers with service request and incident tickets, as needed 

• Supports Level I Security Engineers with system changes, as needed 

• Handles service request and incident tickets pertaining to security systems 

• Reviews system alerts and responds in accordance with established procedures (e.g. triage, mitigate, and escalate) 

• Researches, tests and presents proposed security system changes to IT and Business leadership 

• Conducts security system changes in accordance with the change management process 

• Collaborates with external parties (e.g.vendor support, professional services and others) to maintainsecurity technologies  

• Monitors cases, tickets, and incidents opened with vendor support to ensure timelyresponse and remediation 

• Applies upgrades, patches, and other configurations in support of the patch management and vulnerability management processes 

• Maintains the team’s writtendocumentation (e.g.diagrams, procedures, and other system information) forthe Company’s security systems  

Administrative 

• Participates in rotating on-call schedule representing the Security Engineering team 

• Mentors other team members and supports cross-training 

• Communicates security concerns to management in a timely manner 

• Completes training related to this position, as assigned, in a timely manner 

• Pursues IT and/or Security certifications relevant to this position 

• Takes initiative and responsibility for achieving desired results 

• Performs other duties as assigned 

Qualifications 

Education and/or Experience   

• Minimum of six (6) years of experience in information technology, network engineering, or security engineering (required) 

• Bachelor’s degree in a related field (preferred) 

• Direct experience administering security systemssuch as: endpoint protection,network access control, web content filtering, data loss prevention, vulnerability scanners, and firewalls (required) 

• Experience inoperational roles supporting of IT systems, networks, or applications and direct experience conductingbasic troubleshooting steps, documenting tickets, and communicating with end-users (required) 

Certifications 

• CompTiaA+, Security+, Network+, or other baseline security related certifications (required) 

• CISSP, SSCP, CEH, or other intermediate security related certifications (preferred) 

Other Qualifications (including physical requirements)  

• Must be willing to periodically work non-standard hours and be on call 

• Intermediateunderstanding of common enterprise operating systems, database systems, and networks 

• Basic understanding of cloud computing architecture and cloud services 

• Baseline knowledge of security technology landscape and emerging security technology 

• Working knowledge of Microsoft Windows operating systems for advanced troubleshooting techniques 

• Ability to read and interpret documents and follow written or verbal instructions 

• Ability to transform technical details and processes into written instructions, playbooks and procedures 

• Ability to conduct oral and written communication and present, in a professional manner, to internal and external parties 

• Ability to prioritize assignments while working on multiple projects 

• Ability to manage their own time with awareness to escalate issues promptly and with focused on meeting SLA targets 

• Ability to work independently with limited supervision 

• Possesses service-oriented mindset and strong customer service skills 

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job.  Activities, duties and responsibilities may change at any time with or without notice.