Strategic Data Systems

Compensation

Full Description

For more than three decades, Strategic Data Systems (SDS) has been a software consultancy firm specializing in strategy, technology, and business transformation for Fortune 100 companies, mid-sized firms, and startups. At SDS, we empower our development teams to address our clients' critical business challenges by leveraging cutting edge technologies. If you seek a workplace where your contributions are truly appreciated, then SDS is the company for you. Join us today to work alongside fellow development specialists and become a crucial part of our dynamic and cohesive community. Position Title: Information Security Engineer III Reports to: Director / Senior Manager, Information Security Location:Remote About the Bank / Client Context Our client is a leading national banking institution committed to protecting the integrity, confidentiality, and availability of financial systems. As threats evolve, we are investing in robust security engineering and proactive defense capabilities to secure sensitive customer data, financial transactions, and infrastructure. The Information Security Engineer III will play a pivotal role in driving advanced security architecture, detection & response, and risk mitigation across cloud, network, and application environments in a highly regulated environment (e.g. GLBA, FFIEC, PCI, SOX, etc.). Position Summary The Information Security Engineer III is a senior individual contributor (or team lead) role responsible for designing, deploying, optimizing, and validating security controls across infrastructure, applications, identity, and network domains. This role acts as a trusted technical advisor to architecture, operations, engineering, and business teams, ensuring security is built-in from design through deployment. The incumbent is expected to have deep hands-on experience, the ability to lead security projects end-to-end, and mentor more junior engineers. Key Responsibilities • Design, implement, maintain, and continuously improve security controls and capabilities (e.g. IDS/IPS, next-gen firewalls, endpoint protection, SIEM, EDR/XDR, network segmentation, microsegmentation, DLP, WAF, CASB). • Perform risk assessments, security reviews, threat modeling, architecture reviews, and security design evaluations for new systems, platforms, and integrations. • Lead efforts to detect, analyze, respond to, and remediate security incidents; perform root cause investigations, forensics, and lessons-learned programs. • Conduct vulnerability scanning, penetration tests, red/blue team exercises, and ensure remediation tracking and validation. • Integrate security into DevOps and CI/CD pipelines (DevSecOps) — e.g. static code analysis (SAST), dynamic / interactive scanning (DAST / IAST), container & cloud security, secrets management. • Develop and tune security detection use-cases, alerts, and analytic rules in SIEM / EDR / UEBA / log platforms. • Automate repeatable security tasks (e.g. log analytics, threat feed ingestion, alerts triage) using scripting / tooling (Python, PowerShell, etc.). • Collaborate cross-functionally with network, systems, application, and cloud teams to embed security controls early in project lifecycles. • Maintain and enforce security policies, standards, baselines, and guidelines (aligned with NIST, CIS, ISO 27001, FFIEC, etc.). • Mentor and coach junior security engineers, conduct peer reviews, and champion security culture and awareness. • Keep current with threat actor techniques, emerging vulnerabilities, security technologies, and industry best practices; propose architectural or tool upgrades. • Participate in audits, regulatory requirements (e.g. internal, external, SOX, PCI, FFIEC), and provide evidence and technical support. • On-call rotation as part of incident response / escalation. Qualifications / Experience • Bachelor's degree in Computer Science, Information Security, or a related discipline (or equivalent experience). • Minimum of 5-8+ years of experience in information security, with at least 2-3 years in senior or lead-level roles. • Hands-on experience across multiple security domains: network security, endpoint security, identity & access management, application security, cloud security, etc. • Strong knowledge of security frameworks / standards (e.g. NIST CSF, NIST SP 800-53, CIS Controls, ISO 27001, FFIEC). • Experience deploying and configuring security tools: SIEM, EDR, IDS/IPS, WAF, DLP, CASB, vulnerability management platforms. • Experience in incident detection / response and forensics. • Proficiency in scripting or programming (Python, PowerShell, Bash, etc.) for automation. • Familiarity with public cloud environments (AWS, Azure, GCP) and their security controls / tooling. • Experience integrating security into CI/CD pipelines and DevSecOps practices. • Strong analytical, problem-solving, communication, and stakeholder engagement skills. • Professional certifications such as CISSP, CISM, GIAC (GSEC, GCIA, GCIH, etc.), or equivalent are preferred. • Experience in highly regulated / financial or banking environments is strongly preferred. Competencies & Soft Skills • Ability to translate technical security risk into business impact and communicate to leadership. • Ability to drive change, persuasion, and influence across teams. • Proven leadership / mentoring and collaborative skills. • Self-starter, continuous learner, adaptable in a fast-paced environment. Preferred / Nice-to-Have • Familiarity with red teaming or adversarial simulation. • Experience in threat hunting, anomaly detection, or proactive defense. • Knowledge of blockchain / cryptocurrency security, API security, zero trust architecture. • Experience with privacy / data protection (e.g. GDPR, CCPA) and data classification. What You'll Get SDS, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state, and local laws. • Competitive base salary • Medical, dental, and vision insurance coverage • Optional life and disability insurance provided • 401(k) with a company match and optional profit sharing • Paid vacation time • Paid Bench time • Training allowance offering • You'll be eligible to earn referral bonuses!