Senior Security Engineer

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Security, or related field preferred and a minimum of seven (7) years of experience in systems administration, security engineering, or SOC environments. Equivalent combination of education and experience will be considered.
• Experience with EDR/XDR technologies is essential, including but not limited to: Microsoft Defender for Endpoint (MDE), Microsoft Defender for Identity (MDI), Qualys, Carbon Black, CrowdStrike, Trellix, SentinelOne, and Jamf Protect.
• Proven track record of large-scale enterprise security deployments.
• Experience with security incident response and analysis.
• Strong problem-solving and diagnostic abilities across enterprise-wide systems.
• Experience working independently and as part of collaborative teams.
• Expert-level knowledge of endpoint security platforms.
• Strong experience with enterprise security tools, with emphasis on vulnerability management platforms and related security assessment technologies.
• Proficiency with cloud security in AWS and Azure environments.
• Advanced Linux (Linux distributions, MacOS, OS-X) and Windows system administration skills.
• Experience with scripting and automation (Python, Bash, PowerShell).
• Strong networking fundamentals (TCP/IP, DNS, VPNs, firewalls).
• In-depth knowledge and practical experience with the configuration, deployment, and management of host-based firewalls across diverse operating systems and enterprise environments.
• Experience with log pipelines, data parsing, and normalization.
• Strong organizational skills and excellent detail orientation.

Responsibilities

• Perform OS and network-level troubleshooting and testing on all security tools.
• Support security analysis and Incident Response activities in collaboration with CIS staff.
• Migrate and decommission legacy security platforms while ensuring business continuity.
• Maintain security tools across Development, QC, and Production environments.
• Collaborate with cross-functional teams to enhance FINRA's security posture.
• Apply established and ad hoc processes and techniques to identify, validate, prioritize, and track security risks.
• Operate and monitor established security controls.
• Identify control deficiencies and make appropriate recommendations.
• Ensure that controls operate effectively; resolve operating discrepancies.
• Identify, evaluate, and recommend new security technologies, techniques, and tools.
• Define, review, and promote information security policies, standards, guidelines, and procedures.
• Co-lead internal process improvement initiatives.
• Provide feedback on processes by offering suggestions.
• Mentor and supervise junior staff in project-level tasks.
• Install, configure, and maintain security monitoring endpoint security solutions across multi-cloud environments, including AWS, Azure, GCP, OCI, and other cloud platforms as required by organizational infrastructure.
• Implement, operate, and monitor established security controls to protect IT infrastructure.
• Using scripting (e.g., Python) to automate incident response workflows.
• Develop and tune SIEM rules, alerts, and playbooks to reduce false positives.
• Investigating, analyzing, and responding to network, application, and device threats
• Ensure all work products meets /exceeds FINRA standards.
• Demonstration of FINRA’s values.
• Collaboration, both in-person and virtually, in furtherance of FINRA’s mission of investor protection and market integrity.

Benefits

• Employees may be eligible for a discretionary bonus in addition to base pay.
• Non-exempt employees are also eligible for overtime pay in accordance with federal, state, or local law.
• As part of its dedication to employee wellness, FINRA provides comprehensive health, dental and vision insurance.
• Additional insurance includes basic life, accidental death and dismemberment, supplemental life, spouse/domestic partner and dependent life, and spouse/domestic partner and dependent accidental death and dismemberment, short- and long-term disability, long-term care, business travel accident, disability and legal.
• FINRA offers immediate participation and vesting in a 401(k) plan with company match and eligibility for participation in an additional FINRA-funded retirement contribution, tuition reimbursement, commuter benefits, and other benefits that support employee wellness, such as adoption assistance, backup family care, surrogacy benefits, employee assistance, and wellness programs.
• Time Off and Paid Leave FINRA encourages its employees to focus on their health and wellness in many ways, including through a generous time-off program of 15 days of paid time off, 5 personal days and 9 sick days, unless otherwise required by law (all pro-rated in the first year).
• Additionally, we are proud to support our communities by providing two volunteer service days (based on full-time schedule).
• Other paid leave includes military leave, jury duty leave, bereavement leave, voting and election official leave for federal, state or local primary and general elections, care of a family member leave (available after 90 days of employment); and childbirth and parental leave (available after 90 days of employment).
• Full-time employees receive nine paid holidays.