Bank of Stockton · 13 hours ago
Network Security Engineer II
Bank of Stockton is seeking a Network Security Engineer II to support their network security operations. This role involves protecting the bank's network infrastructure from cybersecurity threats through engineering, implementation, and operational support of security technologies.
Financial Services · Venture Capital
Responsibilities
Assist the NSA in monitoring, investigating, and responding to cybersecurity incidents to minimize operational and regulatory risk
Analyze and triage network and security alerts from multiple sources, including:
24x7 monitoring platforms
Next-Generation Firewalls (NGFW) and cloud security services
Firewall traffic logs
SIEM alerts and dashboards
Security policy rules (ACLs)
VPN connection and authentication logs
Router and switch configuration changes
Endpoint anti-malware and EDR alerts
Vulnerability assessment results
Support proactive threat detection, root cause analysis, and remediation activities
Assist with documenting incidents, investigations, corrective actions, and lessons learned
Support administration and maintenance of enterprise firewall platforms, including IDS/IPS and integrated cloud security services
Implement approved firewall rule changes in accordance with strict change management procedures
Assist with quarterly firewall rule reviews to improve security posture, performance, and reliability
Support firewall software updates, patching, and vendor coordination activities
Assist in securing routers, switches, and network security appliances
Implement approved configuration changes while adhering to documented change control processes
Support standardized and secure configurations for:
DHCP, DNS, and NTP services
Network monitoring and centralized logging
802.1X authentication using ClearPass
Monitor configuration changes and assist in investigating unauthorized or anomalous activity
Help maintain accurate network diagrams and security architecture documentation
Assist with configuring and maintaining the SIEM platform to collect logs, events, and NetFlow data in support of PCI and other regulatory requirements
Help develop, tune, and test alerts, correlation rules, and dashboards
Track remediation activities and validate resolution of identified security issues
Assist with generating recurring and ad hoc security reports for management and compliance needs
Support the establishment and maintenance of network security and performance baselines
Assist with implementing and enforcing endpoint security standards for servers and workstations, including:
Anti-malware and EDR solutions
Patch management
Host-based firewalls
Coordinate with Network Administration and IT teams to support system hardening initiatives
Validate endpoint compliance with security standards and assist in remediation of deficiencies
Assist the NSA in developing and maintaining cybersecurity standards, procedures, and technical controls
Support internal and external security audits by gathering evidence and validating configurations
Help prepare security metrics, trends, and risk summaries for Information Security meetings
Serve as a technical resource to internal teams on network security best practices
Assist with securing and governing artificial intelligence (AI) technologies used by the Bank
Support implementation of technical controls, acceptable-use guidelines, and risk mitigation measures for AI systems
Stay informed on emerging AI security risks and assist in evaluating new AI-related technologies
Ensure assigned security tasks and remediation activities are completed accurately and within defined timelines
Methodically investigate suspicious network activity and escalate findings to the NSA as appropriate
Participate in after-hours incident response and on-call rotations as required
Continuously develop technical skills and remain current with evolving cybersecurity threats and technologies relevant to financial institutions
Stay current with emerging network security threats, technologies, and best practices
Develop and maintain network automation and security tooling using Python, Ansible, or similar technologies
Assist with security assessments, audits, and penetration testing remediation
Support disaster recovery and business continuity planning related to network security
Qualification
Required
Bachelor's degree in Computer Science, Information Security, or a related field OR a minimum of three (3) years of progressive Information Security experience
Current, bank-approved security-related certifications such as CCNA or PCNSA
3 years or more with Cisco and Palo Alto Networks firewalls, and routing/switching devices from major vendors
3 years or more with network administration and security management tools
3 years or more knowledge of SIEM and security monitoring tools, preferably ManageEngine EventLog Analyzer, Log360, AD-Audit Plus, AD-Manager Plus, and File-Audit
3 years or more of TCP/IP, DNS, DHCP, VPN, LAN/WAN, encryption protocols (SSL/TLS, IPSec, SSH), and vulnerability assessment tools (e.g., Nessus, OpenVAS)
Experience with Windows Server and Linux operating systems, including hardening servers and endpoints
Ability to work independently with minimal supervision, prioritize tasks, and execute responsibilities effectively
Ability to follow and implement technical instructions related to security and networking
Strong analytical and problem-solving skills with attention to detail
Ability to focus on mission-critical functions and organize work efficiently in a high-availability environment
Day Shift (Required)
Ability to Commute: Stockton, CA 95202 (Required)
Willingness to travel: 25% (Required)
Preferred
Advanced certifications such as CCNP, PCNSE, or other industry-recognized designations
Bachelor's (Preferred)
Networking: 3 years (Required)
Network Topologies: 3 years (Preferred)
PCNSA/Next-Generation Firewall Engineer certification (Preferred)
CCNA (Preferred)
Benefits
401(k)
Dental insurance
Health insurance
Paid time off
Vision insurance