Friday, February 18, 2011

CoBiz Financial - Security Engineer II

CoBiz Financial (www.cobizfinancial.com), an equal opportunity employer, is a $2.5 billion financial services company that serves the complete financial needs of businesses, business owners and professionals in Colorado and Arizona. The company provides commercial banking services through Colorado Business Bank and Arizona Business Bank; trust and fiduciary services through CoBiz Trust; property and casualty insurance brokerage, risk management consulting services and employee benefits through CoBiz Insurance; investment banking services through Green Manning & Bunch; the management of stock and bond portfolios for individuals and institutions through Alexander Capital Management Group and Wagner Investment Management; and executive benefits consulting and wealth transfer services through Financial Designs Ltd.

CoBiz Financial is currently seeking a Security Engineer II for our IT Department located in downtown Denver. We offer a friendly, professional work environment, an excellent starting salary and an outstanding benefit package, including health, dental, vision, 401(k), tuition assistance, computer purchase and stock purchase plan. A free EcoPass is offered to all Denver employees.

General Purpose:

Assists with the design, maintenance, and operations of network security systems and applications within the current enterprise data network. Assists with the direction and planning for the information security infrastructure to support the organizations business objectives.

Essential Functions:

• Monitors and maintains application and network firewalls and intrusion prevention systems (IPS).
• Performs daily maintenance, monitoring and support for all Anti-Virus systems and applications.
• Performs daily maintenance, monitoring and support for authentication systems.
• Develops, monitors and maintains appliances utilized for web caching/proxy and e-mail filtering applications and systems.
• Monitors and maintains external DNS.
• Develops, monitors and maintains VPN services, encryption systems, and PKI.
• Regularly monitors system and application logs for security events.
• Creates regular security monitoring reports from all network security, caching, filtering, and virus applications currently being used.
• Assists with network vulnerability penetration testing of infrastructure, including firewalls, web, database, application and authentication servers.
• Performs regular enterprise security scans to audit security posture of the enterprise infrastructure.
• Assists with the creation and maintenance of enterprise security policies.
• Maintains physical security for several locations.
• Assists with the completion of assigned projects.
• Exercises awareness in regard to possible suspicious activity, money laundering or fraudulent behavior and reports any such incidents to the BSA Department and/or Internal Audit Director as appropriate.
• Performs job functions in compliance with all company policies and federal/state rules and regulations as applicable to the position.

Other Functions:

• Provides end-user desktop and backend server support as required.
• Completes Track-IT! User Support tickets in a timely manner.
• Provides escalation support to the User Support team.
• Creates and maintains Standard Operating Procedures (SOP).
• Provides on-call or pager support for all network security systems and applications.
• Aids in end user training.
• Other duties as assigned.

Job Qualifications:

Knowledge, Skill and Ability:

• Advanced working knowledge of network topologies and protocols.
• Advanced working knowledge of McAfee Enterprise Firewall (Sidewinder) and Cisco Systems ASA Firewall (load balancing, threat management, VPN).
• Strong working knowledge of anti-virus applications including Symantec and Trend.
• Strong working knowledge of BlueCoat SG and AV for web caching and filtering, spyware and anti-virus detection, and reporting.
• Strong working knowledge of e-mail filtering appliances including Cisco IronPort.
• Strong working knowledge of event logging/management tools including RSA Envision and vulnerability assessment tools including Rapid7.
• Strong working knowledge of intrusion prevention systems (IPS) including Tipping Point.
• Advanced working knowledge of Windows server (2003/2008), desktop (XP/7) and virtual platforms (VMware, Hyper-V).
• Strong working knowledge of DNS.
• Strong working knowledge of certificate management and PKI.
• Ability to effectively communicate verbally and in writing with personnel at all levels within the organization, as well as outside vendors/contacts.
• Ability to prioritize work and handle multiple tasks, both long and short term, simultaneously in a fast paced, diverse and growth-oriented environment.
• Ability to identify deficient processes/procedures and to develop and implement secure solutions.
• Ability to maintain a high level of confidentiality.
• Ability to work under tight deadlines.
• Ability to work flexible hours and to provide remote support of systems.

Education or Formal Training:

• Bachelor degree in Computer Science, Information Systems, or equivalent.
• Basic Microsoft, Network, or Network Security training.
• Certifications: MCP/MCSE, CCNA, CISA/CISM, SANS, or other security specific certification.

Experience:

• Minimum four years in an IT environment supporting information security, network security and working closely with TCP/IP.
• Minimum four years experience in a Windows 2003/2008 environment.
• Working knowledge of the Linux operating system and various security related tools.

Working Environment / Physical Requirements/Activities:

General office environment; therefore, must have the ability to operate Bank office machines/equipment with hands and the ability to use and type on computer keyboard. Must also have the physical ability to use the telephone. Must understand questions/concerns raised by parties involved, in person and over the telephone. Must be able to read job-related documents. Must have the physical ability to stoop, bend and lift, push, pull or carry up to forty pounds up to. five times per day. Must have the ability to transport self to outlying locations, including limited overnight travel.