• Ability to think critically and solve problems with limited support from management.
• A two-year college degree or equivalent industry training, certification, and/or experience.
• Two or more of the following certifications or proven expertise in these areas: Security+, Network+, CCNA, CySA+, CEH, etc.
• Two or more of the following certifications or proven expertise in these areas: MS-900 : Microsoft 365 Fundamentals, SC-900: Microsoft Security Fundamentals, CSC-200: Microsoft Security Operations Analyst, SC-300: Microsoft Identity and Access Administrator, SC-401: Information Security Administrator, Microsoft Certified: Identity and Access Administrator Associate etc preferred
• Good knowledge of Agile frameworks preferred
• Good knowledge of the Software Development Lifecycle (SDLC) preferred
• Working knowledge of multiple programming languages including, but not limited to: XML, HTML, CSS, SQL, JavaScript, and Bootstrap preferred
• Experience creating and consuming web-based services preferred
• Experience with Static and Dynamic Application Security Testing preferred
• Experience with enterprise-class technologies including firewalls, VPNs, desktop and server operating systems, SIEM, WAF, DLP, EDR, web gateways, and physical security.
• Strong ability to communicate concepts and initiatives effectively through phone, email, instant messaging, and video conferencing platforms with all levels of the Firm.
• Prior experience performing security reviews and risk assessments.
• Experience working and collaborating effectively with business management, technical subject matter experts, and internal/external partners in finding solutions.
• Experience with the monitoring and evaluation of technology processes and controls including design and operating effectiveness, testing and reporting on results, and recommendations.
• Experience with creating and maintaining high quality documentation related to IT processes including flow charts and data flow diagrams.
• Strong project management and organizational skills with demonstrated ability to complete assignments timely and effectively.
• Proficiency in scripting languages including Powershell and Python preferred.
• Familiarity with MITRE ATT&CK
• Prior experience working within a financial service organization preferred.
• Individual must be able to perform with minimal supervision of routine duties; demonstrate ability to solve problems and deal with a variety of variables and situations where only limited standardization may exist; interpret instructions furnished in written, oral, diagram, or schedule formats; and be able to handle multiple tasks simultaneously.


The qualifications and demands described in this job description are representative of those most appropriate for successful performance of the essential functions of this job. Upon request, reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.

Duties:

• Monitor and respond to security inquiries, requests, and incidents as part of our security operations center (SOC) to support the business through sound and timely cybersecurity response.
• Review and maintain department standards, procedures, and guidelines.
• Troubleshoot security tools and answer general inquiries regarding information security practices and secure access.
• Follow established processes to ensure compliance with policies. Report all suspicious activity or non-compliance to management.
• Assess new and existing technologies to determine potential value and risk to the enterprise and ensure risk beyond defined thresholds is appropriately treated.
• Perform and support forensic/e-discovery investigations as directed by management.
• Identify improvement opportunities and provide recommendations to further mature existing IT processes and controls to align with best practices including use of automation and optimization.
• Assist in continual design, implementation, and operationalization of security operations lifecycle to continually mature the security of our business environment and SIEM reporting.
• Prepare ongoing reports with specified metrics/ key performance indicators related to the security operations lifecycle.
• Recommend and assist in the remediation of security controls and enhancements to reduce risk throughout the enterprise.
• Participate in other special projects or strategic initiatives at the direction of management.


This description indicates the kinds of tasks and level of work difficulty required for this position. It is not intended as a complete list of specific duties and responsibilities. Nor is it intended to limit or modify the right of any supervisor to assign other duties not mentioned.


What we offer:
Competitive salary plus excellent benefits and perks including, but not limited to:  
• Medical, Dental and Vision
• Company 401(k)and ESOP contribution 
• Generous sick, vacation, and maternity/parental leave
• Paid holidays
• Professional Development Opportunities
• Tuition Reimbursement ($15,000 lifetime cap)
• Charitable gift-matching program
• Davidson Day of Giving – Our tradition of positively impacting communities in which we live and work.  


The potential base pay hiring range for this role is $28.00 to $32.00 per hour. The compensation offered will be determined on a case-by-case basis considering a variety of factors including, but not limited to, the skills, relevant work experience, and geographic location of each specific candidate. This role is eligible to participate in applicable D.A. Davidson variable compensation programs.