SMBC Group

Returning Candidate?

Senior Information Security & IT Risk Engineer - Capital Markets - Technology - NY Infrastructure

Senior Information Security & IT Risk Engineer - Capital Markets - Technology - NY Infrastructure

Job Locations 
US-NY-New York
Career Category 
Information Technology
Position ID 
Corporate Title 
Posting Date 

More information about this job


The Senior Information Security & IT Risk Engineer is responsible for ensuring that IT security systems are configured, deployed, and maintained in accordance with the firms polices and standards.   Responsible for delivering key Information Security and IT Risk projects. The Senior engineer will be responsible for monitoring regular vulnerability scanning and penetration testing, and will participate in incident response and investigations. The focus will be on cybersecurity solutions and ways to protect the firm from virus and malware vulnerabilities. Development and maintenance of IT Risk log analysis solutions, including data collection and aggregations, data normalization, and reporting.   Responsibilities include the review and analysis of comprehensive security data from a wide variety of sources.


  • Manage and perform security audits and vulnerability assessments to assess internal security procedures and compliance requirements.
  • Manage and collate quality assure data provided to other departments such as Risk Management and Internal Audit Manage the security event log data and investigate anomalies
  • Manage and perform monitoring activities and risk assessments Manage, implement, and support information security solutions including security architectures, change/configuration management, and the integration of security products as needed.
  • Develop and maintain documentation for security systems and procedures and processes.
  • Develop security awareness training for new employees.
  • Perform testing to evaluate new products for network and system security controls.
  • Maintain logging and monitoring standards, technical investigative techniques and reporting Maintain project scheduling and task follow on security initiatives.
  • Coordinating and liaising the annual BCDR test and BCDR related tasks including: annual independent review; triennial third party review; and employee training.
  • Security Administration of in-house and third party applications Liaising internal, external and regulatory audits.
  • Work with relevant internal IT Application, Infrastructure, Network and Support teams to ensure that security controls are implemented at all significant and relevant phases of all IT processes.
  • Ensure that the IT systems are compliant with applicable regulations, group policies, codes and industry guidance.
  • Respond to, and where appropriate, resolve or escalate reported security incidents


  • 10+ Years of Experience
  • Bachelor’s Degree in Computer Science or related field. Certifications are a plus - but not required
  • Strong and deep experience with:
  • System vulnerability tools.
  • Security monitoring tools for Windows and Linux
  • Application security risk assessment tools -
  • Creating effective technical educational programs -
  • Working with Change Management and Change Advisory Boards -
  • Performing gap analyses within different environments coupled with an in depth understanding of regulatory guidelines, and keeping in accordance with standards and best practices related to ISO and NIST
  • Data Analysis including normalization and anomaly recognition software
  • Weekend and night work may be needed at times based on project, support, and business needs


Required  Skills/Abilities


  • Strong ability to deliver on time
  • Able to follow priorities set by management
  • Strong ability to deliver quality
  • Able to follow directions and guidance from management
  • Strong ability to communicate clearly
  • Ability to multi-task and work on several projects at the same time High sense of urgency as a Trading Floor environment needs to be supported
  • Ability to translate business requirements into technical solutions