TIAA Lead Cybersecurity Engineer - Application Firewall in Chicago, Illinois
Lead Info Security Engineer
The Senior Lead Information Security Engineering job collaborates with various business units and stakeholders across the organization to monitor external and insider threat detection, mitigation, investigation and response efforts. Working under limited supervision, this job develops and implements robust technical solutions and advanced analytics to enable preventive threat detection efforts. This job also conducts and reviews the testing of the current state of the information security architecture and suggests improvement recommendations by gathering key insights found from testing and analyzing the current systems and networks.
Key Responsibilities and Duties
Provides operations and engineering support for critical security systems and services including servers, endpoint security, computer forensics, vulnerability/penetration assessment/mitigation, and security event management.
Ensures the execution of vulnerability analysis and exploitation of applications, operating systems and networks.
Reports identified intrusion or incident paths and methods discovered through testing and evaluation procedures.
Designs, develops and implements countermeasures, systems integration and tools specific to cyber and information operations.
Resolves and documents complex malware and intrusion issues within the system as they occur.
Functions as an internal information security consultant on the standards, complex issues and best practices for the organization.
Conducts testing and analysis of complex software systems to determine both the functionality and intent of the systems.
Communicates with cybersecurity risk and security operation teams to enhance the overall security posture of the enterprise.
Coaches, reviews and delegates work to lower level professionals to enhance their knowledge and performance related to information technology (IT) Security.
- University (Degree) Preferred
- 5+ Years Required; 7+ Years Preferred
- Physical Requirements: Sedentary Work
The Lead Cybersecurity Engineer – Application Firewall leads the design, implementation, and management of the enterprise’s web application firewalls, rate controls, and threat detection and mitigations for public web applications. This role will work with teams across the enterprise to deploy WAF controls and work with application development teams to ensure applications meet control requirements and troubleshoot complex application security issues. The WAF engineer will work with the security architecture, security operations, and cyber risk teams to develop control requirements, implement and maintain controls, and assist security operations with ongoing tuning and enhancement of the WAF controls. This role also evaluates existing and new technologies to ensure the organization has the optimal security solutions in place.
5+ years of IT engineering experience with at least 3 years of experience developing and implementing security solutions
2+ years of experience with at least one of the following network security platforms: web application firewalls, network firewalls, or other web application protection tools (rate controls, bot management, etc)
General information security certifications (CISSP, GSEC, etc)
Technical information security and related network certifications (CCNA, GIAC, AWS, vendor, etc)
Experience with on-prem and cloud based web application firewalls, developing WAF policies, and troubleshooting application security issues in a complex network security environment
Understanding of content delivery systems and integration of application firewalls with content delivery
Experience developing and implementing rate control policies and bot management controls
Experience with development and management of firewall and threat policies in next gen firewalls
Experience with cloud security, cloud provider ecosystems (Amazon AWS/Microsoft Azure)
Experience in developing automation to improve efficiency
Highly proficient in engineering and debugging of complex IT systems
Experience with Splunk, ArcSight and/or ELK platforms
Ability to work across functional groups to implement and maintain application security solutions
Experience in financial services or other highly regulated industry
Bachelor’s Degree in Cybersecurity, Information Technology, or other STEM degree.
Potential Salary: $137,700.00 USD
Actual base salary may vary based upon, but not limited to, relevant experience, time in role, base salary of internal peers, prior performance, business sector, and geographic location. In addition to base salary, the competitive compensation package may include, depending on the role, participation in an incentive program linked to performance (for example, annual discretionary incentive programs, non-annual sales incentive plans, or other non-annual incentive plans).
TIAA is the leading provider of financial services in the academic, research, medical, cultural and government fields. We offer a wide range of financial solutions, including investing, banking, advice and education, and retirement services.
TIAA requires all U.S. employees to be fully vaccinated against COVID-19 and provide documentation of full vaccination, unless you qualify for an accommodation as determined by TIAA consistent with applicable law.
Benefits and Total Rewards
The organization is committed to making financial well-being possible for its clients, and is equally committed to the well-being of our associates. That’s why we offer a comprehensive Total Rewards package designed to make a positive difference in the lives of our associates and their loved ones. Our benefits include a superior retirement program and highly competitive health, wellness and work life offerings that can help you achieve and maintain your best possible physical, emotional and financial well-being. To learn more about your benefits, please review our Benefits Summary (https://www.tiaa.org/public/pdf/benefits-at-a-glance.pdf) .
We are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.
Read more about the Equal Opportunity Law here (https://www.dol.gov/general/topics/posters) .
TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.
If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:
Phone: (800) 842-2755
For residents of California, please click here (https://www.tiaa.org/public/tiaa-nuveen-ca-privacy) to access the TIAA CA Applicant Privacy Notice.
For residents of the EU / UK, please click here (https://www.tiaa.org/public/nuveen-eu-uk-privacy) to access the EU / UK Pre-employment Notice.
For all other residents, click here (http://www.tiaa.org/public/tiaa-nuveen-privacy) to access the Applicant Privacy Notice.