At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives.

Must be legally eligible to work in the United States without sponsorship, now or in the future, to be considered.

Who is Customers Bank?

Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with.

We get you further, faster.

Focused on you: We provide every customer with a single point of contact. A dedicated team member who’s committed to meeting your needs today and tomorrow.

On the leading edge: We’re innovating with the latest tools and technology so we can react to market conditions quicker and help you get ahead.

Proven reliability: We always ground our innovation in our deep experience and strong financial foundation, so we’re a partner you can trust.

What You’ll Do:

As a Network Security Engineer at Customers Bank, you will be a key member of our IT Network team, responsible for designing, implementing, administering, and supporting our enterprise network security infrastructure. You will play a hands-on role in protecting the bank’s network perimeter, securing data flows, and enforcing security policies across our multi-site environment. This role requires deep hands-on expertise with Palo Alto Networks and Cisco firewall platforms, along with strong knowledge of network security principles, zero-trust architecture, VPN technologies, Cisco ISE, and SD-WAN security.

• Design, deploy, and manage Palo Alto Networks next-generation firewalls (NGFWs), including security policies, NAT, App-ID, User-ID, Threat Prevention, URL Filtering, and WildFire across the enterprise and branch locations.
• Administer and maintain Cisco ASA and Firepower (FTD) firewalls, managing access control policies, intrusion prevention, and platform lifecycle including upgrades and patching.
• Manage and maintain VPN infrastructure, including Cisco AnyConnect/Secure Access remote access, as well as site-to-site IPSec tunnels, ensuring secure and reliable connectivity for remote users and branch offices.
• Support and secure the Cisco Catalyst SD-WAN environment, including applying security policies, traffic segmentation, and ensuring encrypted transport across WAN fabrics.
• Administer Cisco Umbrella/Secure Access DNS-layer security and web filtering policies, managing category-based controls, threat intelligence integrations, and reporting across the enterprise.
• Able to lead investigation and response to network-layer security incidents, anomalies, and policy violations.
• Participate in and lead change management activities in accordance with ITIL best practices, ensuring proper documentation, approvals, post-implementation reviews, and compliance with regulatory requirements.
• Collaborate with the Information Security, Cloud, and Infrastructure teams to design and implement network segmentation, zero-trust controls, and security architecture improvements aligned to PCI-DSS, SOX, and NIST frameworks.
• Work both independently and collaboratively across IT teams, vendors, and business stakeholders to deliver security projects, resolve incidents, and drive continuous improvement of the network security posture.
• Maintain thorough documentation of firewall policies, network security architecture, runbooks, and standard operating procedures.

What Do You Need?

Technology Skills:

• 5+ years of hands-on experience in network security engineering, with demonstrated expertise in enterprise firewall administration and network perimeter security (CCNP Security-level or equivalent experience).
• 3+ years of hands-on experience with Palo Alto Networks NGFWs, including Panorama management, security policy design, and advanced threat prevention features (App-ID, User-ID, WildFire).
• Solid hands-on experience with Cisco ASA and/or Firepower (FTD/FMC) – access control policies, IPS tuning, platform upgrades, and migration planning.
• Strong working knowledge of Cisco ISE for NAC, 802.1X, RADIUS/TACACS+, device profiling, and guest access management.
• Experience with VPN technologies including Cisco AnyConnect/Secure Access and IPSec site-to-site tunnels; understanding of certificate-based authentication and split tunneling design.
• Solid understanding of core network security protocols and concepts including TCP/IP, BGP, EIGRP, ACLs, NAT, SSL/TLS inspection, and network segmentation/micro-segmentation.
• Familiarity with Cisco Catalyst SD-WAN security capabilities, including application-aware policy enforcement, encrypted transport, and security service chain integration.
• Experience with Cisco Umbrella/Secure Access or similar DNS-layer security and cloud-delivered security platforms; working knowledge of URL filtering, threat intelligence, and SaaS policy management.
• Experience working within an ITIL-based change management process; comfortable authoring change requests, presenting to CAB, and performing post-implementation and after-action reviews.
• Ability to work with the Microsoft Suite and Customers Bank’s internal collaboration and ticketing applications; familiarity with scripting (e.g., Python, Ansible) for firewall automation and policy management is a plus.

Preferred Qualifications:

• Familiarity with security and compliance frameworks relevant to a regulated financial institution (e.g., PCI-DSS, SOX, NIST CSF, FFIEC); ability to translate regulatory requirements into technical security controls.
• Palo Alto Networks certifications (PCNSE or equivalent) are preferred; Cisco security certifications (CCNP Security, CCIE Security) are also highly valued. A demonstrated track record carries equal weight to certifications.
• ITIL Foundation certification or equivalent experience with change and incident management practices.
• Experience with Microsoft Azure networking and cloud security, including Azure Firewall, NSGs, Virtual WAN, ExpressRoute, and integration with on-premises security infrastructure.

Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

We also provide “reasonable accommodations”, upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws.

Diversity Statement:

At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us! Let’s take on tomorrow.