Sr. Security Engineer - Attack Surface Management Team

Edward Jones

St. Louis, MO
Education
Benefits
Experience
Special Commitments
Other
Apply
10,000+ Similar Jobs

Job Title

Sr. Security Engineer - Attack Surface Management Team

Recruiter

Anne Schwabe

Opportunity Overview

The Senior Cybersecurity Strategy Analyst will work at the direction of the Director of CGRC & Identity & Access Management to independently perform advanced aspects of the cybersecurity governance, strategy, and compliance (GRC). The Senior Cybersecurity Strategy Analyst will have a broad level of understanding that allows them to overlay business, technology, security, strategy, and regulatory concepts to identify trends and draw unique conclusions that direct work and strategic initiatives. They will work as advocates of the security organization and with partners in IT and across the second and third lines of defense to ensure consistency and efficiencies throughout the Firm's strategic and risk management approach. They will lead the coordination of cross-functional initiatives, ensure clarity and alignment on strategic objectives, and be accountable for the development of executive-level reporting and board-ready materials.

  • Prepare executive-level materials, including board decks, committee presentations, and other executive-level briefings with a focus on clarity, visual polish, and strategic insight.
  • Coordinate and track progress on strategic cybersecurity initiatives across Cyber Risk, Compliance, IDAM, and other stakeholders outside of Cybersecurity.
  • Partner with Firm and Digital strategy teams to ensure alignment and consistent communication of roadmap, progress, risk, etc.
  • Facilitate leadership meetings, governance forums, and planning sessions including agenda setting, material preparation, and action item tracking.
  • Maintain and oversee format and consistency of approach in documenting Cybersecurity strategy and tracking progress against it.
  • Serve as a liaison across Information Security, IT, Enterprise Risk, Internal Audit, and Legal teams to ensure coordination on executive-level requests.
  • Lead centralized planning efforts, including budgeting, headcount alignment, and execution tracking.
  • Assist with execution of internal and external audit or regulatory requests, including documentation management, meeting coordination, and remediation follow-up.
  • Partner with enterprise communications and security awareness teams to help ensure consistent, polished, and effective messaging across stakeholder groups.

Req ID

103691BR

Position Type

Home Office

Position Schedule

Full-Time

EEO Statement

Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law.

Posting Location

Arizona, Tempe, Missouri, St. Louis

Company Description

Join a financial services firm where your contributions are valued. Edward Jones is a Fortune 500¹ company where people come first. With over 9 million clients and 20,000 financial advisors across the U.S. and Canada, we’re proud to be privately-owned, placing the focus on our clients rather than shareholder returns.

Behind everything we do is our purpose: We partner for positive impact to improve the lives of our clients and colleagues, and together, better our communities and society. We are an innovative, flexible, and inclusive organization that attracts, develops, and inspires performance excellence and a sense of belonging.

People are at the center of our partnership. Edward Jones associates are seen, heard, respected, and supported. This is what we believe makes us the best place to start or build your career.

View our Purpose, Inclusion and Citizenship Report.

¹Fortune 500, published June 2024, data as of December 2023. Compensation provided for using, not obtaining, the rating.

External Flexible Work Option(s)

Hybrid, Remote

Awards and Accolades

At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received.

Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones

Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones

Country

United States

Search Headquarters Positions by Area of Interest

TECHNOLOGY

Position Requirements

What Experience You'll Need:

  • Bachelor's degree in Information Technology, Telecommunications or Engineering preferred or related work experience.
  • 5+ years of experience in cybersecurity as a practitioner and at least 2+ years exposure with one of the following: Amazon Web Services (AWS) or Microsoft Azure. Knowledgeable of software as a service (SaaS), infrastructure as a service (IaaS) and platform as a service (PaaS).
  • Knowledge and understanding of vulnerabilities, especially those from the OWASP top 10 in order to understand and appropriately triage findings.
  • Strong communication skills since you will be required to frequently interact with business and technical stakeholders.
  • Ability to work within a fast-paced, collaborative environment. You will be expected to attend and fully engage in change control and Agile ceremonies.
  • Ability to apply systems thinking, considering other perspectives, factors, and dependencies to ensure an effective tactical and strategic direction to address complex problems.
  • Working knowledge in network, network storage, application development, Operating Systems, IAM (Authentication/authorization), PAM, SSO, and encryption standards.
  • Experience in security operations. Experienced in performing threat modeling and application security architecture reviews is a plus.
  • Experience with setting, creating, and maintaining custom and built-in cloud platform security policies.
  • Working knowledge of various industry compliance standards, regulatory requirements and laws including but not limited to: Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR) and Gramm-Leach-Bliley Act (GLBA), ISO 27001/2, ITIL or NIST.
  • Familiarity with DevSecOps methodology and Agile frameworks

Salary Information

Edward Jones' compensation and benefits package includes medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness), short- and long-term disability, basic life, and basic AD&D coverage. Short- and long-term disability, basic life, and basic AD&D coverage are provided at no cost to associates. Edward Jones offers a 401k retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account. Edward Jones observes ten paid holidays and provides 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism. Associates may be eligible for bonuses and profit sharing. All associates are eligible for the firm's Employee Assistance Program. For more information on the Benefits available to Edward Jones associates, please visit our benefits page.

Read Full Description
Apply
Jobs at Edward Jones
Similar Jobs
Confirmed 7 hours ago. Posted 21 days ago.

Discover Similar Jobs

Suggested Articles

Leaving Consulting: The Why, When, How and What For?
How To Get Into Investment Banking
When You Should Leave a Job and Other Career Questions Answered
My Story Recruiting into Finance as an Engineering Major
7 Reasons To Pursue A Career in Wealth Management
The Junior Banker Lifestyle is About to Get Better

Roles for Junior Investment Bankers

Mid-Level and Senior Investment Banking Jobs