Information Security Engineer II

It's fun to work in a company where people truly BELIEVE in what they're doing!

We're committed to bringing passion and customer focus to the business.

Summary

At Simmons Bank, the Security Engineering Team is responsible forthe design, implementation, and maintenance of security solutions to include, but not limited to: Identity& Access Protection, Email Security, Network Security, Endpoint Protection, Data Protection and Vulnerability Management. These security solutions secure critical business operations and protect our customers and data.

You will join a team of Associates dedicated to ensuring the security of the corporate network and be responsible for the day-to-day operation of the Information Security Program.

Level IISecurity Engineers are primarily responsible for the implementation and maintenance of security systems and supporting end-users’ use of the Company’s security services. Level II Security Engineers operate with limited direct supervision and provide mentoring of Level I Security Engineers.

Essential Duties and Responsibilities

Systems Engineering

• Contributes substantially to the design and implementation of security systems, as needed

• Identifies and documents system security requirements to assist with solution selection

• Assists with the evaluation of new technologies or process improvements that enhance security capabilities

• Serves as specialist for certain security systems, as assigned

System Administration

• Configures, maintains, and monitors the Company’s security systems, including but not limited to:secure email gateway, firewall, VPN, network access control, secure web gateway, security information and event management platform, endpoint protection,data loss preventionand vulnerabilityscanning tools

• Supports Level I Security Engineers with service request and incident tickets, as needed

• Supports Level I Security Engineers with system changes, as needed

• Handles service request and incident tickets pertaining to security systems

• Reviews system alerts and responds in accordance with established procedures (e.g. triage, mitigate, and escalate)

• Researches, tests and presents proposed security system changes to IT and Business leadership

• Conducts security system changes in accordance with the change management process

• Collaborates with external parties (e.g.vendor support, professional services and others) to maintainsecurity technologies

• Monitors cases, tickets, and incidents opened with vendor support to ensure timelyresponse and remediation

• Applies upgrades, patches, and other configurations in support of the patch management and vulnerability management processes

• Maintains the team’s writtendocumentation (e.g.diagrams, procedures, and other system information) forthe Company’s security systems

Administrative

• Participates in rotating on-call schedule representing the Security Engineering team

• Mentors other team members and supports cross-training

• Communicates security concerns to management in a timely manner

• Completes training related to this position, as assigned, in a timely manner

• Pursues IT and/or Security certifications relevant to this position

• Takes initiative and responsibility for achieving desired results

• Performs other duties as assigned

Qualifications

Education and/or Experience

• Minimum of six (6) years of experience in information technology, network engineering, or security engineering (required)

• Bachelor’s degree in a related field (preferred)

• Direct experience administering security systemssuch as: endpoint protection,network access control, web content filtering, data loss prevention, vulnerability scanners, and firewalls (required)

• Experience inoperational roles supporting of IT systems, networks, or applications and direct experience conductingbasic troubleshooting steps, documenting tickets, and communicating with end-users (required)

Certifications

• CompTiaA+, Security+, Network+, or other baseline security related certifications (required)

• CISSP, SSCP, CEH, or other intermediate security related certifications (preferred)

Other Qualifications (including physical requirements)

• Must be willing to periodically work non-standard hours and be on call

• Intermediateunderstanding of common enterprise operating systems, database systems, and networks

• Basic understanding of cloud computing architecture and cloud services

• Baseline knowledge of security technology landscape and emerging security technology

• Working knowledge of Microsoft Windows operating systems for advanced troubleshooting techniques

• Ability to read and interpret documents and follow written or verbal instructions

• Ability to transform technical details and processes into written instructions, playbooks and procedures

• Ability to conduct oral and written communication and present, in a professional manner, to internal and external parties

• Ability to prioritize assignments while working on multiple projects

• Ability to manage their own time with awareness to escalate issues promptly and with focused on meeting SLA targets

• Ability to work independently with limited supervision

• Possesses service-oriented mindset and strong customer service skills

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Activities, duties and responsibilities may change at any time with or without notice.

Equal Employment Opportunity Information: Simmons First National Corporation and its subsidiaries are committed to a policy of equal employment with respect to a person's race, color, religion, sex, ancestry, sexual orientation, gender identity, national origin, covered veterans, military status, physical or mental disability or any other legally protected classifications.