IT INFORMATION SECURITY ENGINEER

Ark City, KS, 126 S Summit Ave, Arkansas City, Kansas, United States of America ● Claremore, 300 W Patti Page Blvd, Claremore, Oklahoma, United States of America ● Hutch Plaza East, 700 E 30th Ave, Hutchinson, Kansas, United States of America ● Oklahoma City, 701 N Broadway Ave, Oklahoma City Region, Oklahoma, United States of America ● Tulsa, OK, USA ● Wichita, 10501 E Berkeley Sq Pkwy, Wichita, Kansas, United States of America Req #2987

Monday, February 5, 2024

Title: Information Security Engineer

Position Summary: Provide and support advanced security solutions for the Information Security team. This includes the evaluation and implementation of new security solutions, as well as the monitoring of existing security solutions to identify security breaches or vulnerabilities detected by those systems. Maintaining security operations and updating configurations as approved by Change Management to support business requirements, leading investigations and recommending appropriate remediation actions as necessary for Information Security incidents. Provide post-event guidance and review for security incidents. Provide functional leadership in the areas of analysis, system design, documentation, testing, implementation and support for highly complex security operations and processes. Directly responsible for security projects or tasks of significant technical complexity. Decisions require analytical, interpretative, and creative thinking that may not conform to established patterns in order to solve security problems. Effectively communicates security issues with confidentiality and sensitivity to diverse audiences as appropriate.

Essential Functions:

1. Provides technical expertise and support to bank, IT management, and other infrastructure staff in risk assessments, implementation and operational aspects of appropriate information security procedures and products
2. Responsible for all technical solutions supported by Information Security, to include perimeter firewalls, IDS/IPS, DLP, VPN, and vulnerability management solutions
3. Develops and oversees remediation processes.
4. Updates security configurations of supported resources when approved by change management.
5. Responsible for identifying and mitigating performance issues due to degradation or inability to access necessary resources.
6. Participates in the evaluation, development and implementation of security standards, procedures and guidelines for multiple platforms and diverse systems in the environment (e.g., company-wide, distributed, client server systems, and e-applications).
7. Coordinates tests and implements appropriate security solutions and control techniques such as firewalls, intrusion detection software, data encryption, data backup and recovery, and data loss prevention.
8. Performs security architecture gap analysis; evaluates, tests, and identifies compensating solutions and positions them in the security architecture for appropriate and effective use.
9. Serves as an active participant in the organization’s Risk Management strategy; performs technical Risk Assessments for products as requested.
10. Serves as part of the Security Incident Response Team.
11. Stays informed of information security related developments, technologies, and makes recommendations in context of organizational needs.
12. Participates in both technical event and table top exercises related to BCP/DR and Information Security.
13. Helps educate and develop talent of junior team members in IT and the Information Security team.
14. Other duties as assigned

Experience Required:

Eight years work experience in network and information security preferred.

Experience with CheckPoint solutions preferred but not required.

Education, Certifications and Specialized Training:

High school diploma or GED required.

Bachelor’s degree in Computer Science or related discipline, or an equivalent combination of education and work experience. The following certifications are preferred: Certified Information System Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Examiner (GCFE), Certified Information Security Manager (CISM) and Checkpoint Certified Security Expert (CCSE) is preferred

Job-Specific Skills and Knowledge:

• Requires analytical ability, strong judgment and problem analysis as well as a broad knowledge of business functions, information technologies and Information Security best practices
• Knowledgeable in forensic investigations and data recovery
• Knowledgeable in the administration and management of firewall solutions (preferably CheckPoint)
• Knowledgeable in enterprise client security techniques and policy management (encryption, antimalware, DLP, etc.)
• Knowledgeable in enterprise vulnerability management solutions
• Requires broad knowledge of session encryption, virtual private networks, and advanced network routing (BGP)
• Ability to stay up-to-date with all known malicious attack vectors and possess the ability to understand and implement necessary mitigation strategies
• Requires a thorough knowledge of business objectives, strategies and operations in order to provide technical expertise
• Excellent communication and technical writing skills

WORKING CONDITIONS

Individuals in this position must be able to perform essential functions and physical demands within these documented working conditions with or without reasonable accommodation:

This position is in an office environment within a climate-controlled facility that can be high-traffic during peak service times. There is frequent use of the telephone, computer and other office equipment associated with this position. Individuals in this position are typically seated at their personal desk for the majority of the day.

The individual responsible for this role must be able to perform job functions with indirect supervision and work effectively as a member of a team and independently. The individual must be capable of working harmoniously with diverse personalities of co-workers, staff and customers. This position requires regular and reliable attendance and the ability to work varying hours.

Nothing in this job description restricts management’s right to assign or reassign

duties and responsibilities to this job at any time.

PHYSICAL DEMANDS:

Physical Demands	N/A	O	F	C		Lift / Carry	N/A	O	F	C
Stand		ü				10 lbs. or less			ü
Walk		ü				11 – 20 lbs.			ü
Sit			ü			21 – 50 lbs.			ü
Handling / Fingering			ü			51 – 100 lbs.		ü
Repetitive Motion (Keyboarding / Ten Key)		ü				Over 100 lbs.	ü
Reach Outward		ü
Reach Above Shoulder		ü
Climb Crawl			ü
Squat or Kneel			ü
Bend			ü

Potential Exposures	N/A	O	F	C
Moving mechanical parts	ü
Wet and/or humid conditions	ü
Heights		ü
Fumes or airborne particles	ü
Chemicals	ü
Weather conditions		ü
Electricity	ü
Vibration	ü
Noise (moderate)		ü

PHYSICAL DEMANDS – LEGEND:

N/A (Not Applicable)	Activity is not applicable to this occupation.
O (Occasionally)	Occupation requires this activity up to 33% of the time (0 – 2.5 hrs. / day).
F (Frequently)	Occupation requires this activity from 34% - 66% of the time 2.5+ – 5.5 hrs. / day).
C (Constantly)	Occupation requires this activity more than 66% of the time (5.5+ hrs. / day).

OTHER PHYSICAL REQUIREMENTS:

Vision.

Conversational hearing required.

RCB Bank is an EOE. We offer EEO to all persons without regard to race, color, religion, age, marital or veterans’ status, sex, national origin, physical or mental disability, or any other legally protected class.