Senior Security Engineer in Memphis, TN at First Horizon National Corporation

Date Posted: 10/26/2019

Job Snapshot

Job Description

Essential Functions of the Job:
• Technical lead for evaluating, testing, recommending, developing, coordinating, monitoring and maintaining information security for operating systems, user authentication, and applications; driving strategic security architecture • Support the Cyber Security Incident Response Team (CSIRT) in the effective detection, analysis, and containment of attacks • Operate the processes necessary to act on threat intelligence and analyze the data for patterns and actionable information • Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents • Integrate appropriate systems and logs into the global threat management platform or Security Incident and Event Management system to properly protect their critical assets • Design, test and develop specific content and alerting to identify threats against their critical assets • Document procedures • Maintain an understanding of attacks, vectors and emergent threats • Provide tier II support for escalated security incidents • Obtain and share cyber security intelligence with security partners, vendors and law enforcement as necessary • Mentor and educate teams with expert knowledge of information security event management, network access controls and perimeter security, operations, implementations of new technologies • Produce weekly and monthly operational metrics • Work with vendors and internal customers to respond to escalations • Familiar with threat modeling and/or risk-based security testing techniques • Validates Security Defect Repair • Assist in determining false positives of security events. • Recommends Preventative Security Actions • Recommends Corrective Security Actions • Comprehension of basic banking systems.

*Please note that this position may be seated in Memphis, TN or Knoxville, TN area.

Job Requirements:
Public Cloud computing experience • strategic, global, visionary and enterprise thinker • strong critical thinking skills • leadership adeptness • relationship management skills • comprehensive communication skills • trained in OWASP security standards • High School Graduate or Equivalent degree • Bachelor’s Degree Preferred but not required in Computer Engineering/Computer Science or related field • CISSP Preferred, but not required Knowledge and Skills Requirements: • Familiar with compliance regulations such as SOX, PCI-DSS, GLBA, and OCC regulations • Excellent team skills and integrity in a professional environment • Familiar with the Open Systems Interconnection (OSI) model • strong networking protocol understanding e.g. TCP/IP • Understanding of security technologies like; IDS/IPS, firewalls, AV • Understanding of scripting languages like JavaScript, Perl, etc. • Understanding of Web application scanning tools • Understanding of vulnerability scanning tools.
Other desired capabilities include: strategic/global/visionary/ enterprise thinker, critical thinking skills, overall leadership adeptness, relationship management skills, comprehensive communication skills and proven project management wisdom.

Work Hours:
Monday thru Friday
8am - 5pm (some after hour work required)

#LI-KK1



Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)