Principal Engineer III - Cyber

Job Title:

Principal Engineer III - Cyber

Location:

CityScape

What you'll do:

The Principal Engineer III reports within the Information Security organization and is responsible for ensuring that our operational designs, processes, procedures and technology are deployed in manner that meet cyber security standards. This role is critical in ensuring the security, compliance, and resilience of our Azure & AWS-hosted infrastructure and services. The ideal candidate will be a strategic thinker and technical leader, capable of both guiding secure cloud architecture and diving into technical implementations. They will develop and enforce cloud security baselines, guardrails, and automation for threat detection and response. Lead threat modeling reviews, security risk assessments, and cloud configuration reviews across the cloud environments. The Principal Engineer III will represent Information Security during business project initiation, technology architecture, design and lifecycle management of the Bank's technology and security infrastructure providing oversight, guidance, security consulting and evaluation of security posture. This position requires a subject matter expert who will provide thought leadership and collaborate with various stakeholders across the Western Alliance enterprise.

• Evaluate proposed systems, networks, and software designs for security risks.
• Recommend mitigations and resolve integration issues to ensure secure implementation within existing infrastructure.
• Develop, manage, and communicate a comprehensive enterprise-wide cloud secure by design strategy, aligning with organizational goals and stakeholder expectations.
• Lead cybersecurity risk assessments, drive mitigation efforts, manage incident response planning, and collaborate with cross-functional teams to support secure design decisions across the organization.
• Developing strategies for operational security, including security of data and Azure and AWS services and workloads.
• Responding swiftly to any security incidents and providing thorough post-event analyses.
• Staying updated with the latest security trends, threats, and control measures
• Maintaining compliance with legal and regulatory requirements pertaining to information security, privacy, and data protection.
• Engage with business and IT project teams to enforce security standards, offer solutions to applicable security risks and ensure resiliency is built into new project or applications design, engineering, and implementations.
• Engage with the IT Risk Committee(s) to review and opine on requested exceptions and risk acceptance rationale.
• Actively drive security, data privacy, business continuity and disaster recovery resiliency goals in project and product deployments as part of project teams and Architectural Standard Board.
• Provide oversight, review and approval of technology readiness checklist as a member of the Technical Review Board.
• Perform annual Swift and Fedline self-assessment and attestation processes according to industry requirements.
• Contributes to the continual development of information security policies and standards.
• Supports team in the management of security measures and controls over existing operating systems including configuration management, and CIS Standards.
• Contribute to the development and refinement of key risk indicators and metrics to measure the effectiveness of the cyber security program.

What you'll need:

• 12+ years of combined experience in information security, cloud security, and/or risk management with a focus on designing and implementing secure cloud computing solutions.
• Bachelor's degree in related field required; Masters or MBA in related field preferred.
• Deep expertise in Azure / AWS cloud security, including hands-on experience with tools like Azure Security Center and Microsoft Defender for Cloud.
• In-depth knowledge of API security such as: OAuth, OpenID, REST, SOAP, GraphQL with the ability to define secure API design patterns and advocate for best practices.
• Proficiency in at least one scripting language such as Python, PowerShell, or Bash desired.
• Technology or Security in a large-scale Fortune 100 financial services and or $100B + asset size bank.
• Extensive background in technology infrastructure and architecture, design and engineering with a focus on Security and Operational Resiliency and risk mitigation techniques.
• Experience in data networking, authentication, Azure / AWS cloud management, vulnerability and CIS compliance management, web application firewalls, network segmentation/zoning, load balancing.
• Excellent analytical and problem-solving skills, with the ability to assess complex situations and develop effective solutions.
• Exceptional communication and interpersonal skills, with the ability to influence and collaborate with stakeholders at all levels.
• Strong leadership and project management skills, with experience leading cross-functional teams.
• CLOUD TECHNOLOGY - 3 or more Azure or AWS Certifications is required.
• CYBER SECURITY - 3 or more of the following required: Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), CompTIA Security+, Offensive Security Certified Professional (OSCP), GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), Certified Cloud Security Professional (CCSP), Certified in Risk and Information Systems Control (CRISC).
• GENERIC COMPUTING - 3 or more of the following required: CompTIA A+, CompTIA Linux+, CompTIA Network+, Comptia Server+, CompTIA IT Fundamentals, Microsoft Certified: Identity and Access Administrator Associate, Microsoft Certified: Security, Compliance, and Identity Fundamentals, Microsoft Certified: Windows Server Hybrid Administrator Associate, Microsoft Certified: Azure Network Engineer Associate, RHCSA, RHCE, RHCS - Linux Performance Tuning, RHCS-Identity Management, RHCS-Linux Diagnostics and Troubleshooting, RHCS-Developing automation with Ansible.
• Previous leadership experience required.
• Advanced to expert knowledge of general Financial Services or Banking is preferred.
• Expert understanding that downstream business-critical processes are dependent on the availability and reliability of data, designs new (and refactors existing) cyber defense, auditing, and access platforms to meet growth by scaling, service reliability requirements and problem management.
• Expert understanding and experience working with downstream business-critical processes that are dependent on the availability and reliability of data, designing new (and refactor existing) cyber defense, auditing, and access platforms through scaling, service reliability requirements and problem management.
• Knowledge of applicable regulatory and legal compliance obligations, rules and regulations, industry standards and practices.
• Expert experience or knowledge of 4 or more of the following: NIST of MITRE (and the administration of either or any IT Automation platform), SOAR, Firewall, IAM platform, SIEM, or cloud cyber defense platform.
• Experience gathering operational reports on utilization, capacity, performance and anomalies to drive improvements.
• Expert speaking and writing communication skills.

Benefits you’ll love:
We offer all the important things you'd want — like competitive salaries, an ownership stake in the company, medical and dental insurance, time off, a great 401k matching program, tuition assistance program, an employee volunteer program, and a wellness program. In addition, you’ll have the opportunity to bolster your business knowledge, learning the ins and outs of how successful companies operate and manage their finances, giving you invaluable hands-on experience to help grow your career!

About the company:

Western Alliance Bank is a wholly owned subsidiary of Western Alliance Bancorporation. Alliance Bank of Arizona, Alliance Association Bank, Bank of Nevada, Bridge Bank, First Independent Bank, and Torrey Pines Bank are divisions of Western Alliance Bank; Member FDIC.  AmeriHome Mortgage is a Western Alliance Bank company.

Western Alliance Bancorporation is committed to equal employment and will consider all qualified applicants without regard to race, sex, color, religion, age, nation origin, marital status, disability, protected veteran status, sexual orientation, gender identity or genetic information. Western Alliance Bancorporation is committed to working with and providing reasonable accommodations for individuals with disabilities. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process and/or need an alternative method of applying, please email HR@westernalliancebank.com or call 602-386-2488.  When contacting us, please provide your contact information and state the nature of your accessibility issue.  We will only respond to inquiries concerning requests that involve a reasonable accommodation in the application process.

© Western Alliance Bancorporation