Job Description

Exceed the expectations of our residential mortgage borrowers & business partners through superior service, simple processes, and effective communications.


We deliver on this mission by empowering our employees by encouraging and recognizing superior performance and innovative solutions, by promoting teamwork and divisional cooperation.
 

Primary Function

The Sr Principal Cyber Security Network Engineer is a member of the Information Security group, combining expertise in Security Architecture, Engineering, and Operations. Responsibilities include designing, implementing, and optimizing security solutions and administering various information security tools for effective security event monitoring.

Direct Reports: ? Yes ? No

If yes, list what positions report into the role. Examples below.

N/A

Principal Duties:

List of required duties below. Distinguish on-site duties with an *. Examples below.

  • Design and architect security solutions for enterprise InfoSec Solutions.
  • Develop a Security Capabilities Catalog, emphasizing Core capabilities and Client product offerings.
  • Identify design/solution alternatives, standards, and guidelines.
  • Establish security reference architecture for Platform Delivery, Product Delivery, Infrastructure & PMO.
  • Contribute to formal, large-scale design reviews.
  • Develop confirmation models for InfoSec Services/Architecture analytical models; validate/confirm InfoSec Controls Effectiveness and Efficiency.
  • Create technical architecture ensuring proper interoperation and integration among existing and proposed systems.
  • Develop program quality metrics as program performance and enterprise risk indicators.
  • Perform installation and configuration management of security systems and applications.
  • Locate and repair security problems and failures.
  • Collate security incident and event data to produce monthly exception and management reports.
  • Report unresolved network security exposures, misuse of resources, or noncompliance situations using defined escalation processes.
  • Assess, design, implement, automate, and document customer solutions leveraging hybrid platforms and third-party solutions.
  • Demonstrate architectures, methods, and controls required to meet stringent compliance and audit requirements.
  • Proactively stay up to date with developments in relevant technologies.
  • Install and maintain Security Information and Event Management (SIEM), Intrusion Prevention Systems (IPS), Data Loss Prevention (DLP), and other security tools in a hybrid environment.
  • Respond to and, where appropriate, resolve or escalate reported security incidents.
  • Monitor system logs, SIEM tools, and network traffic for unusual or suspicious activity.
  • Train team members in the use of security tools and resolution of security issues.
  • Perform related duties as assigned by management.

Education and Experience

Required education and experience. Examples below.

  • Bachelor's Degree in Computer Science, Engineering, or another relevant discipline; Master's Degree preferred.
  • 8+ years of progressive experience in Cyber Security.
  • 6+ years of system security and testing experience.
  • Relevant certifications (e.g., CISSP, SSCP, Offensive Security, CPT, CEH) are a plus.
  • Extensive experience as a Cyber Security Network Engineer.
  • Experience in developing, documenting, and maintaining security procedures.
  • Experience with NextGen Firewalls, DLP, Network Access Control (NAC), Intrusion Detection/Prevention Systems (IDS/IPS), Azure Security, Identity and Access Management (IdAM), Certificate Management, SIEM, Endpoint Protection, Anti-malware, Vulnerability Management, Zero Trust.
  • Advanced InfoSec Design and Architecture Experience.
  • Experienced in Data security, Infrastructure security, Endpoint/Platform Security, Security Analytics, and Application Security.
  • Working experience with industry frameworks (NIST, ISO, CIS, etc.).

Knowledge, Skills, and Abilities

Required knowledge, skills, and ability. Examples below.

  • Knowledge of computer control environments.
  • Strong knowledge of a broad range of security technologies.
  • Strong knowledge of network security, wireless security, application security, infrastructure hardening, security baselines, web server, and database security.
  • Knowledge of network infrastructure, routers, switches, firewalls, and associated protocols.
  • Strong knowledge of TCP/IP and network administration/protocols.
  • Significant exposure and experience in the implementation and operation of InfoSec Products and Services.
  • High-level analytical and problem-solving skills.
  • Financial management and estimation of technology impact experience.
  • Strong technical and business requirements integration skills.
  • Executive-level communication and presentation skills.
  • Knowledge of automation strategies and tools.
  • Knowledge of security auditing techniques.
  • Comfortable working outside their comfort zone with a willingness to learn.

While this description is intended to be an accurate reflection of the position’s requirements, it in no way implies/states that these are the only job responsibilities. Management reserves the right to modify, add or remove duties and request other duties, as necessary.

By applying to this position candidate acknowledges that this is not a remote role and is required to be on-site.

All employees are required to have smart phones that meet Company security standards with the ability to install apps such as Okta Verify and Microsoft Authenticator. Employment will be contingent on this requirement.

Company Benefits:
*     Medical (including Health Savings Account & Flexible Savings Account)
*     Dental - RX - Vision - Life, Disability Insurance - 401(k) Plan with company match! - Employee Assistance Plan

*     Performance-based Incentives
*     Pet Insurance

*     Advancement Opportunities

Newrez NOW:

*     Our Corporate Social Responsibility program, Newrez NOW, empowers employees to become leaders in their communities through a robust program that includes volunteering, philanthropy, nonprofit grants, and more
*     1 Volunteer Time Off (VTO) day, company-paid volunteer day where all eligible employees may participate in a volunteer event with a nonprofit of their choice
*     Employee Matching Gifts Program: We will match monetary employee donations to eligible non-profit organizations, dollar-for-dollar, up to $1,000 per employee

*     Newrez Grants Program: Newrez hosts a giving portal where we provide employees an abundance of resources to search for an opportunity to donate their time or monetary contributions


Equal Employment Opportunity 
We're proud to be an equal opportunity employer- and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.

CA Privacy Policy

CA Notice at Collection

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online