Overview
AVP, Information Security Engineer Jobs in Chevy Chase, MD at Forbright Bank
Title: AVP, Information Security Engineer
Company: Forbright Bank
Location: Chevy Chase, MD
COMPANY DESCRIPTION:Forbright is a nationwide full-service bank and lender helping accelerate the transition to a sustainable and low-carbon economy. Headquartered in Chevy Chase, Maryland, Forbright is committed to accelerating the transition to a sustainable economy by financing visionary leader in clean energy, healthcare, technology, financial services, real estate, and other industries with extraordinary service.
COMPANY CULTURE:We are a dynamic, high energy, fun, and fast-paced organization that has an exciting growth trajectory, meaningful mission, and embedded responsible environmental, social, and governance (ESG) practices into our daily interactions. We offer our team members a culture of collaboration, inclusion, flexibility, recognition, and giving back. We look to hire individuals that are passionate about our mission, and who are motivated, customer and results-oriented, innovative, adaptable, and thoughtful.
COMPANY MISSION:We are a mission-driven institution with an uncommon commitment to decarbonization and sustainability. As the need to build a more sustainable, low-carbon economic system grows increasingly urgent, we are dedicating half of our assets to financing the companies, investors, and innovators driving that change. We are reimagining how a bank should operate in a changing world.
JOB SUMMARY:The AVP, Information Security Engineer is responsible for supporting the Bank’s security operations, including but not limited to threat identification, intrusion detection, digital forensics, incident response, and the design, implementation, and maintenance of enterprise-wide on-premise and cloud-based security solutions. The role provides technical analysis, assessment, and recommendations in security situational awareness, operational, network, and applications systems security monitoring, and vulnerability management.
DUTIES AND RESPONSIBILITIES:
Design and architect secure systems, networks, and applications to protect against cyber threats
Evaluate and recommend security technologies and tools to enhance the organization’s security posture
Implement and manage security information and event management (SIEM) systems
Conduct penetration testing and ethical hacking to identify and remediate vulnerabilities
Define and assess compliance security configurations for hardware, software, and cloud services
Provide expertise in security governance and compliance frameworks, e.g., CIS Benchmarks
Develop and maintain security documentation, including security policies and procedures
Define, conduct, and report on internal and 3rd party Red Team, Purple Team, and Blue Team assessments and exercises
Collaborate with the Application and Development to ensure that all custom development, both on-premises and in the cloud, meets strict security guidelines
Define, conduct, and report on digital forensics procedures, policies, and deliverables
Conduct regular tabletop exercises to test and improve the effectiveness of incident response plans
Active participation in the Information and Cybersecurity, Bank Vulnerability Management, and Data Loss Prevention programs, including efforts related to vulnerability remediation planning, tracking, implementation, threat research, log analysis, end-user security education and training, and recommendations for process improvement
Participate in change management processes when remediating threats or vulnerabilities
Provide after-hours and weekend analysis on an as-needed basis outside of ge…
