Information Security Engineer I

We are a values driven organization putting Relationships FIRST. EagleBank (NASDAQ - EGBN) is focused on being Flexible, Involved, Responsive, Strong, and Trusted. By prioritizing meaningful connections with our customers, employees, and shareholders, we relentlessly deliver the most compelling, valuable service to our customers.

EagleBank is committed to inclusion, equity, and respect. We celebrate diversity and intentionally seek out opportunities to learn from one another's experience. We believe employees are essential to the building of relationships, and we prioritize investing in employee growth and wellbeing. Employee involvement is fostered through resource groups, mentorship programs, community service, and scholarship opportunities for continued education. With features including maternity and parental leaves, wellness discounts, healthcare premium sharing, employer funding in your HSA account, and 100% 401(k) matching up to 4%, we pride ourselves in the ways we support our internal relationships. The minimum and maximum projected annualized salary for this position is: $87,723.00 to $119,493.6. Additional compensation may be possible based on experience and skills.

We understand the need to be creative and flexible when it comes to telecommuting and other alternative work arrangements. This position is eligible for our hybrid remote work and will work in the Silver Spring, MD office four days per week.

The Information Security Engineer I supports the Bank's operational goals by assisting in the monitoring, analyzing and maintaining EagleBank's technical security controls in support of EagleBank's Information Security Program. This role will be focused on assisting with network security operations to host and network-based controls, including but not limited to Antivirus, Endpoint Detection and Response (EDR), Host Intrusion Prevention Systems (HIPS), Intrusion Prevention Systems (IPS), application whitelisting, firewall, Data Loss Prevention (DLP), Security Incident and Event Monitoring (SIEM), Network Monitoring, etc.

The role also supports the security of the EagleBank applications and network through creation and timely execution of project plans, tool installations, system upgrades and integrating risk-based threat intelligence into the operational environment, ensuring effective execution of our technical security controls so that risks to the confidentiality, integrity and availability of EagleBank's information systems and infrastructure are managed. The role will also perform support triage and analysis of security events escalated from the Tier1 and Tier-2 support teams and will be supported by guidance from the Senior Information Security engineer.

Requirements:

Bachelor's Degree in Arts/Sciences (BA/BS) Computer Science, Information Systems, Information/Cybersecurity or related focused technical training or in lieu 4 additional years of engineering and project management experience
• 4 years experience in a combination of information security operations / engineering / administration with emphasis on operations and maintenance of security tools
• 2 years experience with designing, troubleshooting and implementing information security technologies
• 2 years experience supporting vulnerability management / agents in a Windows environment
• Knowledge of TCP/IP networking: networking topology, protocols and services
• Familiarity with security tools (Vulnerability Management, SIEM, NIDS/NIPS, Endpoint Security, Web proxies, firewalls)
• Familiarity with at least one security best practice standard such as the Center for Internet Security (CIS) Top 20 Critical Security Controls, NIST Cybersecurity Framework, ISO27001 controls, PCI-DSS, or equivalent
• Excellent knowledge of Microsoft Operating system; knowledge of Linux operating system is a plus
• Familiarity with networking technology and protocols, including routers, switches, VPNs, Citrix, email gateways, etc.
• Intermediate level skill providing input and support into technology projects
• Experience assisting with Tier-1 and Tier-2 ticket escalations, troubleshooting and ticket resolution
• Hand-on experience with security tools (Application Security, Network Anomaly Detection, Incident Response, email gateway, etc)
• Familiarity with deployment and management of vulnerability management tools / agents (Rapid 7, Tenable, Qualys)

Preferences:

• 2 years experience administering (monitor, upgrade, troubleshoot) Linux servers.
• 2 years experience with information security on the public cloud (Azure/AWS) environment
• 2 years security engineering / administration in the financial sector

Don't meet all the requirements? We encourage you to still apply if you think you are the right person to join our community. We are always interested connecting with people inspired by our mission and values. If you aren't hired for this position, your resume will remain available for the next year and might be considered for future openings. Note: You can update your resume as often as needed.