Senior Security Operations Center; SOC Engineer

Position: Senior Security Operations Center (SOC) Engineer
FINRA is seeking an experienced Senior Security Engineer to join our Security Operations team. This role is critical in implementing, deploying, and maintaining enterprise-level endpoint security solutions and security platforms across our organization. The ideal candidate will have extensive hands-on experience with security tools, cloud environments, and a strong foundation in systems administration. The candidate has experience working in a SOC environment.
*
* Essential Job Functions:

*
* · Implement, deploy, and maintain enterprise endpoint security platforms in a large-scale enterprise environment, preferably supporting endpoints across multiple security development life cycles (SDLCs).

Experience with leading EDR/XDR technologies is essential, including but not limited to:
Microsoft Defender for Endpoint (MDE), Microsoft Defender for Identity (MDI), Qualys, Carbon Black, Crowd Strike, Trellix, Sentinel One, and Jamf Protect.
· Configure and maintain endpoint security solutions across multi-cloud environments, including AWS, Azure, GCP, OCI, and other cloud platforms as required by organizational infrastructure.
· Perform OS and network-level troubleshooting and testing on all security tools
· Support security analysis and incident response activities in collaboration with CIS staff
· Migrate and decommission legacy security platforms while ensuring business continuity
· Maintain security tools across Development, QC, and Production environments
· Collaborate with cross-functional teams to enhance FINRA's security posture
· Apply established and ad hoc processes and techniques to identify, validate, prioritize, and track security risks.
· Operate and monitor established security controls.
· Identify control deficiencies and make appropriate recommendations.
· Ensure that controls are operating effectively; resolve operating discrepancies.
· Identify, evaluate, and recommend new security technologies, techniques, and tools.
· Define, review, and promote information security policies, standards, guidelines, and procedures.
· Lead/Co-lead internal process improvement initiatives. Provide feedback on processes by offering suggestions.
· Mentor and supervise junior staff in project-level tasks.
· Ensure all work products meets /exceeds FINRA standards.o Demonstration of FINRA’s values.o Collaboration, both in-person and virtually, in furtherance of FINRA’s mission of investor protection and market integrity.
*
* Preferred Qualifications:

*
* · Experience with security incident response and analysis
· Relevant security certifications and vendor-specific training, such as Crowd Strike Certified Falcon Administrator (CCFA), Microsoft MD-102/SC-200, Sentinel One S1-201, Palo Alto Certified Cloud Security Engineer (PCCSE), Jamf 370, or equivalent professional credentials.
· ITIL training or certification
· Database knowledge (Oracle, MySQL, Microsoft SQL Server)
· Familiarity with storage solutions (EMC, Net App, NAS/SAN)
· Knowledge of container security and Kubernetes operations
*
* Other Responsibilities:

*** Represents FINRA at speaking engagements with various internal and external constituencies
* Leads multi-level initiatives across Regulatory Operations
* Provides subject matter expertise in regulatory area to advance FINRA and industry initiatives (e.g., CAT, Notice to Members, rule filings, market events, congressional testimony preparation)
* Remains current on industry and technology trends, practices, and regulatory impacts
** Education/Experience Requirements:
*** Bachelor's degree and a minimum of ten (10) years of experience in the securities/financial services industry; or an equivalent combination of education and experience in positions of increasing responsibilities.
* Minimum five (5) years supervisory experience required.
* Demonstrated project management, process improvement, understanding of surveillance development lifecycle and goal attainment skills.
* Extensive working knowledge of FINRA, MSRB and other SRO rules and the Securities Exchange Act of 1934 and the rules and regulations thereunder.
* Working knowledge of data analytics and data analytic platforms (e.g., Power Bi and Dataiku)
* Demonstrated…