Cyber Security Engineer
2 days ago
Sumitomo Mitsui Banking Corporation (SMBC) is a leading global financial institution with a rich history and diverse range of financial services. We are seeking a highly skilled Security Testing Engineer to join our team.
Job Summary:The Security Testing Engineer will be responsible for executing our Cyber Resilience Exercise program, designed to enhance cyber resilience capabilities and preparedness across various businesses, group companies, and functions of the bank. This role will involve web application and network penetration testing, issue management, and supporting partnerships for exercises such as cyber scenario exercising and cyber incident management.
Key Responsibilities:- Analyze IT infrastructure, systems, and applications for susceptibility to various security exploits and threats.
- Recommend best practices to mitigate vulnerabilities and partner with IT colleagues to implement fixes.
- Develop and manage processes for validating and testing security policy, including routine scans, application exploit tests, social engineering simulations, and network penetration testing.
- Create reports based on findings, identify remediation steps, and disseminate them to stakeholders.
- Perform in-depth analysis and testing on new systems, vendor connections, applications, and implemented vulnerability patches.
- Manage and update testing and validation infrastructure, vendors, and practices.
- Maintain documentation for testing practices and validation policy.
- Support the development of security policy and practices to provide a holistic and proactive posture against vulnerabilities and exploits.
- Partner in and understand the impacts and plans associated with resilience of cyber threats and risks.
- Works with business/function/entity to increase awareness of Cyber Resilience. Provides input to IT, cybersecurity, and operational resiliency risk trainings bank wide.
- Partner with IT infrastructure and development teams to identify systems and applications for potential exploits and conduct testing and validation of code to ensure it conforms to security standards.
- Understands changes related to regulatory, new product/initiative, processes, controls, events, issues, etc., in the IT, data management, and cybersecurity domains that may impact the operational risk profile of the bank.
- Provides reporting to Information Security and business senior management.
- Engage with end-user security training team to develop curriculum and focus training on the most impactful practices and policies and update according to trending threats and exploits.
- Work with business units to understand their current processes and advise on adjustments that could be made to improve overall security.
- Analyze requests for exceptions where needed and suggest appropriate structuring to balance both security and operational efficiency.
- Demonstrate an advanced understanding of cyber security concepts with knowledge of vulnerabilities and how they function, security and defensive posturing best practices, and threat assessment and remediation techniques.
- Should either hold or be working towards professional certification in cyber security penetration testing.
- Display knowledge of tools and frameworks used to conduct penetration testing, application code validation, and systems to enable real-time threat monitoring.
- Possess knowledge of common network and data exchange protocols, hardware operating systems, and security infrastructure.
- Show communication skills needed to effectively convey security policies and rational to business units.
- Exhibit ability to coordinate the efforts of multiple teams and stakeholders during penetration tests, implementing vulnerability patches, and in response to security incidents.
- 1-3 years of direct work experience within the financial services industry with focus on DAST, SAST, IAST, Network or Web Application Penetration.
- Working knowledge of technology and cyber risk management process and controls, industry practices, and frameworks (e.g., NIST, ISO).
- Detail oriented, with proven ability to question the status quo and apply resilience activities to enhance capabilities, as appropriate.
- Strong organizational skills, with proven ability to successfully manage multiple, concurrent priorities.
- Ability to communicate and work effectively in a matrixed environment and across various organizational levels, where flexibility, collaboration, and adaptability are important at all levels.
- Foundational knowledge of banking laws and regulations (FFIEC, NYDFS, BCBS, FCA, PRA, BoE, etc.).
- Maintain a technical cyber threat mindset to understand underlying risks and weaknesses to properly assist in mitigating and enhancement activities.
- Desire to continually deliver a quality and meaningful work product in a timely and efficient manner.
- BA/BS in Computer Engineering, Computer Science, Information Systems, Cyber Security, Business Administration, or demonstrated relevant industry background and/or military experience.
- CISSP, CCRP (Certified Cyber Resilience Professional), CEH (Certified Ethical Hacker), GIAC, or other Cyber Incident Response or Penetration Testing certifications preferred.
SMBC's employees participate in a Hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process. Hybrid work may not be permitted for certain roles, including, for example, certain FINRA-registered roles for which in-office attendance for the entire workweek is required.
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.
SMBC provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. If you need a reasonable accommodation during the application process, please let us know at .
-
Cyber Fraud Data Engineer
2 weeks ago
New York, New York, United States Iceberg Cyber Security Full timeJoin Our Team as a Cyber Fraud Data EngineerWe are seeking a highly skilled Cyber Fraud Data Engineer to join our team at Iceberg Cyber Security. As a key member of our team, you will play a critical role in bridging the gap between cybersecurity and data to fight financial crime and fraud.About the RoleThe successful candidate will have experience in...
-
Cyber Security Engineer
3 weeks ago
New York, New York, United States Sumitomo Mitsui Financial Group, Inc. Full timeJob Title: Cyber Security EngineerSumitomo Mitsui Financial Group, Inc. is a leading global financial institution with a rich history and diverse range of financial services. We are seeking a highly skilled Cyber Security Engineer to join our team.Job Summary:The Cyber Security Engineer will be responsible for executing within our Cyber Resilience Exercise...
-
Cyber Security Engineer
3 days ago
New York, New York, United States Sumitomo Mitsui Banking Corporation Full timeJob Title: Cyber Security EngineerSumitomo Mitsui Banking Corporation (SMBC) is seeking a highly skilled Cyber Security Engineer to join our team. As a Cyber Security Engineer, you will be responsible for executing within our Cyber Resilience Exercise program designed to increase cyber resilience capabilities and preparedness across various businesses, group...
-
Cyber Security Engineer
3 weeks ago
New York, New York, United States SMBC Full timeJob Title: Security Testing EngineerSMBC Group is a leading global financial institution with a rich history and diverse range of financial services. As a Security Testing Engineer, you will play a critical role in ensuring the cyber resilience of our organization.Job SummaryWe are seeking a highly skilled and experienced Security Testing Engineer to join...
-
Cyber Security Engineer
3 weeks ago
New York, New York, United States Sumitomo Mitsui Financial Group, Inc. Full timeJob Title: Cyber Security EngineerSumitomo Mitsui Financial Group, Inc. is a leading global financial institution with a rich history and diverse range of financial services. We are seeking a highly skilled Cyber Security Engineer to join our team.Job SummaryThe Cyber Security Engineer will be responsible for executing our Cyber Resilience Exercise program,...
-
Cyber Security Engineer
2 days ago
New York, New York, United States Penske Truck Leasing Full timeAbout the RoleWe are seeking a highly skilled Cyber Security Engineer to join our team at Penske Truck Leasing. As a key member of our IT department, you will play a critical role in ensuring the security and integrity of our network and systems.Key ResponsibilitiesDesign and implement robust security infrastructure to protect our network and systems from...
-
Cyber Security Engineer
3 weeks ago
New York, New York, United States Sumitomo Mitsui Banking Corporation Full timeJob Title: Security Testing EngineerJoin Sumitomo Mitsui Banking Corporation, a leading global financial group, in a challenging role that requires expertise in cyber security and penetration testing.About the RoleWe are seeking a highly skilled Security Testing Engineer to join our Cyber Resilience Exercise program. The successful candidate will be...
-
Cyber Security Engineer
4 weeks ago
New York, New York, United States SMBC Full timeJob Title: Security Testing EngineerSMBC Group is a leading global financial institution with a rich history and diverse range of financial services. As a Security Testing Engineer, you will play a critical role in ensuring the security and resilience of our systems and applications.Key Responsibilities:Analyze IT infrastructure, systems, and applications...
-
Cyber Security Engineer
4 weeks ago
New York, New York, United States Sparc The World Full timeAbout Sparc The WorldWe are a pioneering cyber security company dedicated to safeguarding organizations from cyber threats. Our innovative technology and expertise empower businesses to focus on their mission without fear of cyber attacks. We are committed to our customers and guided by our core values, which have earned us recognition as one of Forbes Best...
-
Cyber Security Principal Engineer
3 weeks ago
New York, New York, United States GE Vernova Full timeJob DescriptionWe are seeking a highly skilled Cyber Security Principal Engineer to join our Global Monitoring & Diagnostics (M&D) Engineering team at GE Vernova.Key ResponsibilitiesSupport M&D Cyber and Sustaining team members as an expert in cybersecurity as it relates to OT network architectures and industrial control systems.Work across Engineering and...
-
Embedded Security Specialist
2 weeks ago
New York, New York, United States Iceberg Cyber Security Full timeEmbedded Security Tester OpportunityWe are seeking a highly skilled and experienced Embedded Security Tester to join our team at Iceberg Cyber Security. As a key member of our offensive security services, you will be responsible for developing and leading a team of security professionals, driving business development initiatives, and delivering top-tier...
-
Cyber Security Lead Engineer
1 day ago
New York, New York, United States Futran Tech Solutions Pvt. Ltd. Full timeJob DescriptionFutran Tech Solutions Pvt. Ltd. is seeking a highly skilled Cyber Security Lead Engineer to join our team. As a key member of our Cyber Technology service team, you will play a vital role in creating Application Security Scanning & Penetration Testing capabilities, determining required IT business solutions, and assisting in implementing...
-
Cyber Security Engineer Position
3 weeks ago
New York, New York, United States iT1 Full timeCyber Security Engineer Job DescriptioniT1, a leading national technology solution provider, is seeking a highly motivated Cyber Security Engineer to join our NOC team.As a Cyber Security Engineer, you will be part of our managed services organization, working directly with our internal engineering teams and customers.In this role, you will work in a...
-
Cyber Security Engineer
3 weeks ago
New York, New York, United States Velocity Tech Inc Full timeJob Title: Cyber Security EngineerLocation: New York, NY (Hybrid)/ W2 ContractJob Description:Under the guidance of the IT/Security Architect or Systems Manager, the candidate will be responsible for evaluating and implementing new technologies, analyzing cybersecurity-related components and controls associated with the product, process, and solution, and...
-
Cyber Security Threat Intelligence Engineer
2 days ago
New York, New York, United States RightTalents LLC Full timeCyber Security Threat Intelligence EngineerRightTalents LLC is seeking a highly skilled Cyber Security Threat Intelligence Engineer to join our team. As a key member of our Cyber Threat Intelligence team, you will play a critical role in enhancing our prevention, detection, response, and recovery efforts through various technical and operational methods.Key...
-
Cyber Security Lead Engineer
4 weeks ago
New York, New York, United States Luxoft Full timeAbout the RoleLuxoft is seeking a highly skilled Cyber Security Lead Engineer to join our Cyber Technology service team. As a key member of our team, you will play a vital role in creating Application Security Scanning & Penetration Testing capabilities, determining required IT business solutions, and assisting in implementing them.We offer a collaborative...
-
Cyber Security Engineer-HYBRID
2 weeks ago
New York, New York, United States Goli Tech Full timeJob SummaryGoli Tech is seeking a highly skilled Cyber Security Engineer to join our team. As a Cyber Security Engineer, you will be responsible for designing, developing, and implementing secure architectures and processes to protect our company's infrastructure and data.Key ResponsibilitiesDesign and implement secure architectures and processes to protect...
-
Cyber Security Specialist
3 weeks ago
New York, New York, United States SAIC Full timeJob Title: Cyber EngineerSAIC is seeking a highly skilled Cyber Engineer to join our team. As a Cyber Engineer, you will be responsible for designing, implementing, and maintaining network security solutions that protect our organization from cyber threats and ensure compliance with industry standards.Key Responsibilities:Design and implement 802.1X...
-
Cyber Security Solutions Architect
3 weeks ago
New York, New York, United States Henderson Scott Full timeJoin Our Team as a Cyber Security Solutions ArchitectWe are seeking a highly skilled Cyber Security Solutions Architect to join our team at Henderson Scott. As a key member of our team, you will be responsible for working with customers to implement our cutting-edge Cyber Security solutions.About the Role:Work with customers to understand their Cyber...
-
Cyber Security Engineer
2 weeks ago
New York, New York, United States Veracity Engineering Full timeAbout the RoleVeracity Engineering is seeking a highly skilled Cyber Security Engineer to join our team. This role is integral to executing sophisticated offensive security operations, including red teaming, penetration testing, and tailored cybersecurity exercises.Key ResponsibilitiesPlan, design, and execute red team engagements to assess the resilience of...
