Senior Security Engineer

    • Rockville, MD

The Senior Security Engineer works under minimal supervision and will perform information security tasks commensurate with their experience that ensure applications and projects meet defined quality standards.

Essential Job Functions:

  • Apply established and ad hoc processes and techniques to identify, validate, prioritize, and track security risks.
  • Identify uncontrolled risks and recommend control improvements.
  • Proactively identify security requirement deficiencies.
  • Engage business and technology personnel to elicit security requirements.
  • Architect and design security control systems to address requirements.
  • Operate and monitor established security controls.
  • Identify control deficiencies and make appropriate recommendations.
  • Ensure that controls are operating effectively; resolve operating discrepancies.
  • Review, triage, and prioritize control output.
  • Take appropriate action to resolve security discrepancies.
  • Identify, evaluate, and recommend new security technologies, techniques, and tools.
  • Define, review, and promote information security policies, standards, guidelines, and procedures.
  • As compliance subject matter expert, enforce and monitor compliance with internal and external regulations, policies, and standards.
  • Establish and promote strategies to ensure that compliance is effectively monitored and enforced.
  • Lead/Co-lead internal process improvement initiatives.
  • Provide feedback on processes by offering suggestions.
  • Mentor and supervise junior staff in project-level tasks.
  • Assist with adherence to technology policies and comply with all security controls.
  • Ensure all work products meets /exceeds FINRA standards.


Education/Experience Requirements:
  • Bachelor’s degree in Computer Science, Information Systems or related discipline with at least five (5) years of related experience, or equivalent training and/or work experience.
  • Experience must include direct experience in several of the key areas listed: securing networks and systems architecture, design and implementation, secure software assurance, intrusion detection, defense and incident response, security configuration management, access controls design and implementation and security policy and standards development.
  • In-depth knowledge of one or more communications protocols.
  • Experience with more than one Cyber Security tools, including: Configuration Assessment, Log Aggregation, Integrity Verification, Web Application Security Testing, Network Access Control System, Network Intrusion prevention systems, and Endpoint Security Solutions.
  • Strong written and verbal technical communication skills.
  • Demonstrated ability to develop effective working relationships that improved the quality of work products.
  • Should be well organized, thorough, and able to handle competing priorities.
  • Ability to maintain focus and develop proficiency in new skills rapidly.
  • Ability to work in a fast paced environment.
  • In-depth knowledge of more than one Information Security principle and discipline.

Work Conditions
  • Work is normally performed in an office environment.
  • Occasional travel and extended hours may be required

To be considered for this position, please submit a cover letter and resume. A writing sample may be required as part of the submission.

The information provided above has been designed to indicate the general nature and level of work of the position. It is not a comprehensive inventory of all duties, responsibilities and qualifications required.

Please note: If the “Apply Now” button on a job board posting does not take you directly to the FINRA Careers site, enter www.finra.org/careers into your browser to reach our site directly.

FINRA strives to make our career site accessible to all users. If you need a disability-related accommodation for completing the application process, please contact FINRA’s accommodation help line at 240.386.4865. Please note that this number is exclusively for inquiries regarding application accommodations.

In addition to a competitive salary, comprehensive health and welfare benefits, and incentive compensation, FINRA offers immediate participation and vesting in a 401(k) plan with company match. You will also be eligible for participation in an additional FINRA-funded retirement contribution, our tuition reimbursement program and many other benefits. If you would like to contribute to our important mission and work collegially in a professional organization that values intelligence, integrity and initiative, consider a career with FINRA.

Important Information

FINRA’s Code of Conduct imposes restrictions on employees’ investments and requires financial disclosures that are uniquely related to our role as a securities regulator. FINRA employees are required to disclose to FINRA all brokerage accounts that they maintain, and those in which they control trading or have a financial interest (including any trust account of which they are a trustee or beneficiary and all accounts of a spouse, domestic partner or minor child who lives with the employee) and to authorize their broker-dealers to provide FINRA with duplicate statements for all of those accounts. All of those accounts are subject to the Code’s investment and securities account restrictions, and new employees must comply with those investment restrictionsâ€"including disposing of any security issued by a company on FINRA’s Prohibited Company List or obtaining a written waiver from their Executive Vice Presidentâ€"by the date they begin employment with FINRA. Employees may only maintain securities accounts that must be disclosed to FINRA at one or more securities firms that provide an electronic feed (e-feed) of data to FINRA, and must move securities accounts from other securities firms to a firm that provides an e-feed within three months of beginning employment.

You can read more about these restrictions here.

As standard practice, employees must also execute FINRA’s Employee Confidentiality and Invention Assignment Agreement without qualification or modification and comply with the company’s policy on nepotism.

Search Firm Representatives

Please be advised that FINRA is not seeking assistance or accepting unsolicited resumes from search firms for this employment opportunity. Regardless of past practice, a valid written agreement and task order must be in place before any resumes are submitted to FINRA. All resumes submitted by search firms to any employee at FINRA without a valid written agreement and task order in place will be deemed the sole property of FINRA and no fee will be paid in the event that person is hired by FINRA.

FINRA is an Equal Opportunity and Affirmative Action Employer

All qualified applicants will receive consideration for employment without regard to age, citizenship status, color, disability, marital status, national origin, race, religion, sex, sexual orientation, gender identity, veteran status or any other classification protected by federal state or local laws as appropriate, or upon the protected status of the person’s relatives, friends or associates.

FINRA abides by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.

FINRA abides by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans.

©2019 FINRA. All rights reserved. FINRA is a registered trademark of the Financial Industry Regulatory Authority, Inc.

FINRA is the first line of defense for investors and works hard to ensure U.S. financial markets remain robust and operate fairly.

FINRA Company Image


Back to top