Information Security Engineer

Job Title: Information Security Engineer

This position is an on-site assignment (preferred).

The Information Security Engineer is responsible for designing, implementing, and maintaining security solutions to protect the bank's systems, data, and infrastructure. This role supports threat detection, vulnerability management, incident response, Secure Development Lifecycle (SDLC), and compliance with financial industry regulations using a modern banking tech stack.

Salaried

To perform this job successfully, an individual must be able to perform each of the essential duties satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Security Architecture & Engineering
  • Design and manage security controls across hybrid environments (on-prem + cloud).
  • Implement and maintain security tools and technologies including:
    • Firewalls
    • Endpoint Protection
    • Security Incident Management and Threat Intelligence
    • Data Loss Prevention
    • Identity & Access Management
  • Collaborate with Dev Ops to embed security in the SDLC and CI/CD pipelines including code testing and scanning (DAST/SAST).
    • Experience working with agile Dev Ops teams.
    • Experience with programming languages (Python, Power Shell, etc.)
• Threat & Vulnerability Management
  • Lead Vulnerability Management processes including conducting regular vulnerability scans, penetration tests, and consistent processes for timely remediation.
  • Perform ongoing, day to day monitoring, logging, and disposition of security alerts to ensure timely response to security vulnerabilities and threats.
  • Mature threat intelligence strategy, analyze threat intelligence feeds and respond to emerging threats in accordance with the bank's risk and threat landscape.
  • Track remediation efforts in alignment with defined service level objectives.
• Security Incident Response & Monitoring
  • Manage processes for investigating, escalating, and resolving security alerts from SIEM and EDR platforms.
  • Implement and enforce secure logging and monitoring standards.
  • Lead forensic analysis and containment efforts.
  • Maintain playbooks and runbooks for incident response.
• Compliance & Risk Management
  • Ensure compliance with federal and state banking security regulations and security industry standards including but not limited to FFIEC, NIST, GDPR, HIPAA, PCI-DSS, OWASP and SOC 2.
  • Support internal and external audits.
  • Maintain documentation for security controls and processes.
  • Lead cyber risk and threat intelligence reporting including relevant Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).
• Cloud & Third-Party Security
  • Secure workloads cloud environments and continuously maintain a proactive cloud security posture aligned to regulatory expectations and industry standards.
  • Support third party security risk assessments and internal enforcing security requirements.
• Carries out responsibilities in a manner consistent with our values and operating principles, in accordance with policy and applicable laws, and with a commitment to continuous improvement and process excellence.
• Any other duties as assigned.

Reports to:

Chief Information Security Officer

Supervises: NA

• Bachelor's degree in Computer Science, Engineering, Management Information Systems, or related field

• Deep expertise building, securing, monitoring, and scaling workloads in AWS, Azure, and Mule Soft.
• Deep understanding of security principles, best practices, and compliance standards including OWASP top 10, NIST CSF 2.0, and other industry frameworks.
• Demonstrated ability to implement and enforce security policies and practices.
• Proficiency with implementing, configuring, and managing security tools to optimize technology enablement including SIEM, EDR, DLP, IDS, Vulnerability Management and AWS cloud security tools (i.e., MXDR, AWS Cloud Security, Nightfall, New Relic, MS Azure, Purview, Defender, etc.).
• Experience with Terraform and Infrastructure as Code including creating and maintaining modules.
• Proficiency with maintaining SDLC processes with CI/CD tooling in accordance with financial services regulatory expectations and industry standards.
• Strong understanding of networking, encryption, access controls, and authentication mechanisms.
• Proficiency with networking concepts, security best practices, and compliance standards.
• Strong scripting experience in Python, Power Shell, Bash, or other scripting language
• CISSP, CISM, CEH, GIAC, Microsoft SC-200, or equivalent.
• Experience with Agile methodologies and leading Agile teams.
• Ability to analyze information and make logical recommendations.

• Experience working in Information Security at a bank or in another highly regulated industry.

• 8+ years working in information or cyber security departments at a financial services institution or other highly regulated industry.
• 5+ years of relevant experience in Dev Ops, Sec Ops, or similar roles,…