Our vision for the future is based on the idea that transforming financial lives starts by giving our people the freedom to transform their own. We have a flexible work environment, and fluid career paths. We not only encourage but celebrate internal mobility. We also recognize the importance of purpose, well-being, and work-life balance. Within Empower and our communities, we work hard to create a welcoming and inclusive environment, and our associates dedicate thousands of hours to volunteering for causes that matter most to them.

Chart your own path and grow your career while helping more customers achieve financial freedom. Empower Yourself.

DUTIES / RESPONSIBILITIES / ESSENTIAL FUNCTIONS:

• Conduct security operations necessary to maintain the confidentiality, availability, and integrity of enterprise data and information systems.
• Provide excellent customer service for internal and external customers in support of security initiatives, incident response, and support
• Maintenance of security tools and technologies throughout the enterprise environment
• Evaluate, design, and implement security related solutions, adhering to established change control processes
• Provide technical security planning, implementation, configuration, support and troubleshooting services on all security technologies.
• Provide accurate, clear, and concise documentation of system requirements, specifications, and final builds.
• Perform all necessary functions associated with the implementation and integration of security tools and platforms into the enterprise environment.
• Coordinate with systems and network engineers to ensure servers and network devices conform to security standards, and that security devices and controls are working as designed Assist with the development, implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices
• Assist in defining the security strategy and integrating regulatory compliance requirements (e.g., PCI, GLBA) into the organizational security roadmap
• Assist in ensuring that the corporate IT environment is secure and complies with all internal and external audit requirements
• Implement and maintain cryptographic controls (e.g. data at rest, data in transit) in line with security requirements
• Identify potential security risks, and define and document remediation options or mitigating controls
• Define and assist in the management of an Incident Response Team that addresses potential or in-progress security events, establishing and adhering to escalation procedures and response times
• Review and approve submitted application and systems change requests for security compliance
• Provide subject matter expertise, counsel, and input for enterprise-wide information security initiatives, strategies, projects, and policies
• Maintain certifications and keep up-to-date with current information technology
• Participate in 24x7 on-call rotation
• Perform related duties as requested

EDUCATION:

• Bachelor s degree in Information Technology, Computer Science, or related field and 6 years experience in information technology or related field within the last 10 years OR 8 years experience in information technology or related field within the last 10 years.

OTHER PREFERRED QUALIFICATIONS:

• 4 years of technical experience working with security solutions and conducting security operations
• 4 years of network security experience and reviewing security tools and solutions and making recommendations on utilization and strategy
• 4 years of experience with network protocols, data flows and attacks within an IP environment
• 3+ years of experience in building configurations for security devices and building an automated process to support large-scale deployment
• Extensive knowledge and experience with security software, firewalls, intrusion detection systems and other security systems and network monitoring.
• Extensive hands-on technical knowledge of network systems, protocols, and standards such as Ethernet, LAN, WAN and TCP/IP.
• Experience as a security specialist in a regulated IT environment including some combination of SOX, HIPAA, GLBA, PCI and responsible for compliance and performing/coordinating audits (1+ years)
• 3+ years of experience with commercial and open source security applications and technologies (e.g. malware prevention, DLP, IDS/IDP, cryptography, vulnerability scanning and penetration testing), as well as related protocols and tools (e.g. SSH, SSL/TLS, snort, port scanners, rootkit detectors, etc.)
• 2+ years of experience performing network and application security administration, penetration testing and/or threat assessments ISSP, GIAC certification(s)
• 2+ years programming/scripting experience – one or more of: C, C++, Java, Perl, PHP, Python, shell
• Competency with Linux/Unix and Windows operating systems and CLI commands
  Ability to use creative thinking and problem-solving skills, intuition, initiative, and "out of the box" thinking to solve problems quickly
• 3+ years Cloud (AWS, Azure, Google) Linux/Unix Scripting (Bash, Perl, Python)

This job description is not intended to be an exhaustive list of all duties, responsibilities and qualifications of the job. The employer has the right to revise this job description at any time. You will be evaluated in part based on your performance of the responsibilities and/or tasks listed in this job description. You may be required perform other duties that are not included on this job description. The job description is not a contract for employment, and either you or the employer may terminate employment at any time, for any reason, as per terms and conditions of your employment contract.

We are an equal opportunity employer with a commitment to diversity. All individuals, regardless of personal characteristics, are encouraged to apply. All qualified applicants will receive consideration for employment without regard to age, race, color, national origin, ancestry, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, religion, physical or mental disability, military or veteran status, genetic information, or any other status protected by applicable state or local law.