Security Engineer II

About us @Symphony

We’ve spent the last 10 years building a communication and markets technology company, powered by interconnected platforms: messaging, voice, directory and analytics. Over 1000 institutions use our modular technology built for global finance. Security is in our DNA with uncompromising data protection, end-to-end encryption and resilient architecture, all created on a foundation of trust with our customers .

But that was only chapter one. We’re now building on our purpose-built network, expanding AI-powered, real-time collaboration, redefining flexibility with fully cloud-native software with our trader voice product, and rethinking the industry’s approach to identity verification, connection and intelligence. .

The opportunity and our ambition are huge . But we need passionate, dedicated individuals to get there. At Symphony we work hard and fast. Our unique blend of technology and financial services makes it an environment you won't get elsewhere.

Role Description

As a Senior Security Engineer, this resource will be responsible for assessing information risks, identifying opportunities for reducing risk, and facilitating remediation of identified vulnerabilities within organization’s network, systems, and applications.

Reports on findings and recommendations for corrective action. Perform regular Risk and Vulnerability Assessments utilizing various IT Security Tools and Methodologies and reports on findings and recommendations for corrective action. Identify opportunities to reduce risk and document remediation options regarding acceptance or mitigation of risk scenarios.

Facilitate and monitor performance of risk remediation tasks, changes related to risk mitigation & reports on findings. Maintain oversight of IT and vendors regarding the security maintenance of their systems and applications. Provides regular status reports, including metrics and outstanding issues. Assist in all internal and external audits, and regulatory examinations.

Responsibilities:

• Provides oversight and governance of the organization’s Information Security/Cyber Security Program and communicates progress and issues to the Sr. Management;


• Initiates and develops innovative concepts to solve complex challenges with little or no precedent; creates new opportunities to enable the use of new solutions. Serves as a consultant to disseminate specialist information security knowledge and provide conceptual guidance to other senior and high-level technical experts.


• Develop an externally focused view of the evolving threats facing organization.


• Promote awareness of applicable regulatory standards, upstream risks and industry best practices across the organization.


• Primary contact for all internal and external audits, and regulatory examinations.


• Primary contact for customer due diligence and risk assessment inquiries.


• Serve as project manager/lead of risk/compliance related security projects.


• Examine systems and procedures to identify potential adverse events, including but not limited to hardware and software crashes, physical disasters, malicious intruders, malware, denial of service attacks and employee misconduct.


• Identify and manage risks which might occur.

Required Qualifications :

• 7+ years working in IT Risk Management


• Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk.


• Required: deep knowledge of well-known standards and frameworks (e.g. ISO 27002, NIST Cybersecurity Framework, COBIT, COSO, GDPR). Additionally, knowledge of rules and regulations related to information/cybersecurity (e.g. DFS, FRB, and FFIEC etc.)


• Required: 7+ years’ experience in conducting IT Compliance Assessments (e.g. DFS, FFIEC, ISO, SOC)


• Required: 7+ years’ experience in administering IT Security Controls in an organization


• Required: 7+ years’ experience in performing security reviews and risk assessments


• Understanding of malware, emerging threats, attacks, and vulnerability management


• Experience assisting the development and maintenance of tools, procedure, and documentation


• Prior experience working within a financial service organization preferred.

Compensation:

• Competitive salary


• Bonus Plan


• Benefits and Perks vary based on location.

Benefits and Perks:

• Regional specific competitive benefits


• Build your own Benefits (BYOB) perk


• Many other fun and exciting benefits and activities!

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.