Security Engineer IV

The IT department at BOKF drives the bank's cutting-edge technology infrastructure and prioritizes cybersecurity, ensuring seamless and secure digital operations. From supporting robust data centers to safeguarding sensitive financial data, we are always at the forefront of innovation, implementing the latest technologies to elevate banking services. Our dedicated teams provide strategic and comprehensive support, meeting the ever-chaning needs of both clients and employees across the entire enterprise.

As a Cyber Security Engineer IV, you will collaborate with security architecture on designing and leading the deployment of enterprise-wide security solutions and serve as the technical lead on major security initiatives and projects. You will conduct comprehensive risk assessments, develop mitigation strategies, and provide senior-level incident response, coordinating with external entities as needed. Your role includes continuously evaluating and enhancing the organization's defensive posture, advising executive leadership on security trends and best practices, and leading the development and implementation of the organization's security strategy. You will foster relationships with external partners, vendors, and security communities, and develop and oversee incident response and disaster recovery plans. Additionally, you will independently plan, build, operationalize, and report on entire security systems, author and review highly complex code for enterprise security solutions, and perform complex analysis and visualization of large data sets for threat detection and response. Applying expert-level risk management principles to develop and implement strategic security initiatives is also a key responsibility.

BOK Financial is a place where your passion for technological innovation is valued and career development is encouraged. The company fosters an environment where unique talents can thrive, achieve high standards, and contribute to prestigious projects. It's an ideal platform to advance your IT career within a vibrant and supportive culture.

• You will lead and design enterprise-wide security solutions in consultation with Security Architecture.
• You will serve as the technical lead on major security initiatives and conduct comprehensive risk assessments.
• You will provide senior-level incident response, develop mitigation strategies, and coordinate with external entities.
• You will continuously evaluate and enhance the organization's defensive posture and advise executive leadership on security trends.
• You will develop and oversee incident response and disaster recovery plans, and foster relationships with external partners and security communities.

The level of knowledge is normally acquired through completion of a Bachelor's Degree in Information Security, Computer Science, or a related field of study and 8+ years' experience in Cyber Security or a related technical field, or 12+ years of Cyber Security experience or an equivalent combination of education and experience.

Preferred Master's degree, CISSP or equivalent experience/certifications.

• Expertise in not just configuring but deeply optimizing and customizing advanced security tools to fit complex enterprise environments and evolving threats.
• Deep expertise in threat intelligence, including the development and implementation of threat intelligence programs and the ability to predict and counter advanced persistent threats (APTs).
• Leadership in handling major security incidents, including managing incident response teams, coordinating with external stakeholders, and overseeing post-incident forensic investigations.
• Proven track record in managing large-scale security projects, including budgeting, resource management, and leading cross-departmental teams to successful outcomes.
• Exceptional critical thinking and innovative problem-solving abilities, with a track record of developing novel solutions to complex security challenges.
• Mastery in scripting and automation, with experience in integrating security into DevOps practices (DevSecOps) and automating security controls in CI/CD pipelines.
• Expertise in designing and securing complex cloud and hybrid environments, with a focus on architecture, compliance, and the integration of multi-cloud security strategies.
• In-depth knowledge of advanced encryption techniques and cryptographic protocols, including the ability to advise on and implement cutting-edge encryption solutions.
• Ability to communicate and influence at the executive level, translating complex security issues into strategic insights that inform business decisions.
• Expertise in advanced data analytics for security, including the development of custom metrics and models to predict and mitigate threats proactively.
• Advanced understanding of risk management, including the ability to lead risk assessments, develop comprehensive mitigation strategies, and align them with business objectives.