Security Operations Engineer

At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives.

This role is required to be ONSITE in Malvern, PA Monday through Thursday with Friday remote.

Must be eligible to work in the U.S. without requiring sponsorship now or in the future.

Who is Customers Bank?

Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with.

We get you further, faster.

Focused on you: We provide every customer with a single point of contact. A dedicated team member who's committed to meeting your needs today and tomorrow.

On the leading edge: We're innovating with the latest tools and technology so we can react to market conditions quicker and help you get ahead.

Proven reliability: We always ground our innovation in our deep experience and strong financial foundation, so we're a partner you can trust.

Position Overview

The Security Operations Engineer plays a critical role in protecting the financial institution's information assets and ensuring the confidentiality, integrity, and availability of systems and data. This position is responsible for monitoring, detecting, investigating, and responding to security incidents, as well as supporting the day-to-day operations of the Security Operations Center (SOC). The engineer will work closely with IT, risk, compliance, and business teams to strengthen the organization's overall security posture.

What you'll do:

• Firewall Review: Conduct regular reviews of firewall rules and configurations, ensuring compliance with security policies and industry best practices.
• Tool Configuration & Maintenance: Configure, maintain, and optimize security tools such as SIEM, endpoint detection, vulnerability management, and EDR systems. Identify, track, and coordinate takedowns of malicious or fraudulent domains, phishing sites, and spoofed websites targeting the institution or its customers.
• Security Monitoring: Monitor security alerts and events from SIEM, IDS/IPS, firewalls, EDR, and other security tools. Analyze logs, network traffic, and endpoint data to identify suspicious activities. Tune and optimize detection rules to reduce false positives.
• Compliance & Documentation: Document configurations, changes, and procedures; provide reporting to meet audit and compliance requirements. Support compliance with industry regulations (FFIEC, GLBA, PCI-DSS, SOX, etc.).
• Collaboration: Work with IT, Cloud, and Security Operations teams to resolve issues and implement secure configurations across systems.
• Continuous Improvement: Identify opportunities to streamline firewall and tool processes, enhance detection capabilities, and improve operational efficiency.
• Incident Response Support: Assist in investigations and remediation activities during security incidents.

What do you need?

• Must-Haves

• 5+ years' experience in security engineering or security operations.

• Hands-on experience reviewing and managing firewalls (rule sets, changes, compliance).

• Experience with configuring and maintaining security tools (SIEM, endpoint detection, vulnerability management, IAM).

• Strong understanding of networking fundamentals (TCP/IP, routing, switching, VPNs).

• Familiarity with incident response processes and escalation.

• Bachelor's degree in Information Security, Computer Science, or related field, or equivalent work experience.

• Key Skills

• Strong troubleshooting and analytical skills.

• Ability to balance security needs with business requirements.

• Excellent communication skills, with the ability to translate technical findings into clear, actionable recommendations.

• Proficiency in Microsoft Office applications for reporting and documentation.

• Nice-to-Haves

• Certifications such as Network+, Security+, CCNA Security, CISSP, or Palo Alto/Checkpoint firewall certifications.

• Experience with Splunk, CrowdStrike, Tenable, Active Directory, or similar tools.

• Exposure to Azure or other cloud security environments.

• Prior experience in banking or financial services.

Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

We also provide "reasonable accommodations", upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws.

Diversity Statement:

At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us! Let's take on tomorrow.