Description

: At Regions, the Cyber Security Engineer supports applicable services for cloud applications, infrastructure, platform security, and related technologies within the Cyber Security organization. Primary Responsibilities Designs, implements, and supports relevant cyber security technology solutions Provides technical administration to include troubleshooting support, break-fix operations, patching, and other day-to-day activities for relevant applications Stays abreast of industry trends and investigates organizational objectives and needs Reviews and maintains operational documentation and reports to support monthly trend analysis as well as project components Conducts research, proof-of-concept, selection, and implementation of technology solutions, including detailed analysis of pros and cons and build vs buy options Explores implementation of new technologies, solutions, and methods to improve business processes, efficiency, effectiveness, and value delivered to customers May participate in security incident response activities and post-event reviews of security incidents Supports subject-matter experts in the design, implementation, and maintenance of relevant cyber security solutions to business areas, project teams, and vendors Examines the technology vision, opportunities and challenges regarding security standards and the impact of the technology within the Cyber Security organization Supports relevant metrics, controls, and other governance administration related to cyber security technology Participates in on-call rotation for the support of any relevant cyber security technologies Offers advice and guidance to junior engineers, assisting in the development of technical skills and knowledge Assists with the review, design, and development of related operational processes, standards, and procedures Adheres to operational processes, standards, and procedures May assist senior engineers in the administration of complex projects This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay. Requirements High School Diploma or GED and eight (8) years of related post-secondary education and/or experience in Information Security and/or Information Technology Preferences Bachelor’s degree in Information Technology, Information Security, Information Systems Management, Computer Science, Engineering, or related field Applicable technology and/or security certifications (e.g. Certified Information Systems Security Professional (CISSP), CompTIA Security+, Cisco Certified Network Associate (CCNA), Microsoft Certified Solutions Associate (MCSA), etc.) Skills and Competencies Ability to prioritize conflicting demands Knowledge of common web technologies, cloud technologies, and enterprise and network architecture Knowledge of defense in depth, trust levels, privileges, and permissions Knowledge of modern security tools and controls Possesses an analytical and evaluative thinking capability Strong problem-solving skills to offer sound solutions to issues Strong verbal, written communication, and organizational skills Designs, implements, and supports relevant cyber security technology solutions with a focus on application and API security. Develops and leads an API security testing program, integrating both automated and manual testing approaches. Operates and configures security scanning tools such as Coverity (SAST) and Seeker (IAST) to identify vulnerabilities in applications and APIs. Conducts manual security testing using tools such as Burp Suite and Postman, identifying common API vulnerabilities such as broken authentication, excessive data exposure, and injection flaws. Supports secure design, implementation, and maintenance of APIs and cloud-based solutions. Explores and evaluates emerging security tools, methodologies, and techniques to improve API protection and application-layer defense. Collaborates with application development teams to integrate security into the CI/CD pipeline and ensure compliance with secure coding standards. Advises stakeholders on API security architecture and governance and supports audits and compliance efforts. Deep understanding of application and API security principles, including OWASP Top 10 and OWASP API Security Top 10. Experience with source code analysis (SAST), interactive application security testing (IAST), and dynamic testing (DAST). Ability to identify, analyze, and remediate application and API vulnerabilities. Knowledge of cloud-native security tools and architectures. Applicable security certifications (e.g. CISSP, CompTIA Security+, GWAPT, OSCP, CEH). Experience with API testing methodologies and tools such as Burp Suite, Postman, OWASP ZAP, and SoapUI. Familiarity with REST and SOAP APIs, OpenAPI/Swagger specifications, and API gateways. Position Type Full time Compensation Details Pay ranges are job specific and are provided as a point-of-market reference for compensation decisions. Other factors which directly impact pay for individual associates include: experience, skills, knowledge, contribution, job location and, most importantly, performance in the job role. As these factors vary by individuals, pay will also vary among individual associates within the same job. The target information listed below is based on the Metropolitan Statistical Area Market Range for where the position is located and level of the position. Job Range Target: $106,337.55 USD$137,100.00 USD Incentive Pay Plans: Opportunity to participate in the Long Term Incentive Plan. Benefits Information Regions offers a benefits package that is flexible, comprehensive and recognizes that "one size does not fit all" for Listed below is a synopsis of the benefits offered by Regions for informational purposes, which is not intended to be a complete summary of plan terms and conditions. Paid Vacation/Sick Time 401K with Company Match Medical, Dental and Vision Benefits Disability Benefits Health Savings Account Flexible Spending Account Life Insurance Parental Leave Employee Assistance Program Associate Volunteer Program Please note, benefits and plans may be changed, amended, or terminated with respect to all or any class of associate at any time. To learn more about Regions’ benefits, please click or copy the link below to your browser. Location Details

Riverchase Operations Center Location:

Hoover, Alabama Equal Opportunity Employer/including Disabled/Veterans Job applications at Regions are accepted electronically through our career site for a minimum of five business days from the date of posting. Job postings for higher-volume positions may remain active for longer than the minimum period due to business need and may be closed at any time thereafter at the discretion of the company.