Senior Information Security Engineer

Job Description

The POWER of a CAREER! Northpointe Bank is seeking a detail-oriented, customer service-minded individual to join our team as a Senior Information Security Engineer. This position requires an individual who has the desire to make a difference within the organization. An exceptional ability to grasp new concepts and learn while providing excellent service is critical for this position.

Applicants must be currently authorized to work in the United States on a full-time basis. We are unable to sponsor or take over sponsorship of employment visas at this time.

If you have been looking for an opportunity in the banking/mortgage industry, have the desire to work hard, are dedicated to your individual success, and take pride in growth within a team, then we want to hear from you!

The Senior Information Security Engineer is responsible for designing, implementing, and overseeing enterprise-wide security technologies and architecture. This role plays a key part in strengthening the organization's security posture by engineering secure systems, leading architectural reviews, and ensuring alignment with regulatory and industry standards.

In this dual-capacity role, the engineer will design and maintain cybersecurity infrastructure, while also contributing to architectural planning to embed security across cloud and on-prem environments. The position works cross-functionally with IT, DevOps, Risk, and Compliance to ensure security controls are embedded from concept to deployment. The role requires deep technical expertise, architectural thinking, and strategic guidance on cybersecurity risks and defenses.

The engineer will also support technical architecture reviews, participate in incident response, and ensure security control implementations align with GLBA, FFIEC, and NIST cybersecurity frameworks. This role requires independent decision-making, technical expertise, and the ability to advise on complex cybersecurity risks and solutions.

1. Security Architecture & Strategy – Develops scalable and secure architecture strategies aligned with business and regulatory objectives.
2. Security Engineering & Integration – Implements, configures, and maintains core security technologies across cloud and on-prem environments.
3. Threat Detection & Response – Ensures visibility into security events and leads Tier 3 investigations and response.
4. Governance & Risk Alignment – Ensures controls and implementations support GLBA, FFIEC, NIST CSF, and ISO 27001 standards.
5. Cross-Functional Collaboration – Partners across departments to embed security into solutions, infrastructure, and business operations.

• Lead or contribute to the design of secure infrastructure, cloud, and application architectures.
• Ensure security is integrated early in the system and software development lifecycles.
• Review architectural diagrams, data flows, and configurations to identify and mitigate security risks.
• Advise project teams on secure design patterns and technology choices.

• Deploy, configure, and maintain enterprise security tools such as firewalls, EDR, SIEM, DLP, CASB, MFA, and email security gateways.
• Maintain secure configurations for operating systems, endpoints, servers, and networking components across cloud and on-premises platforms.
• Automate and document repeatable processes for security controls and monitoring.

• Partner with internal or third-party SOC to monitor and tune security alerts.
• Serve as Tier 3 escalation point for incident investigation, containment, and remediation.
• Maintain forensic and investigation tools, and assist in root cause analysis and lessons learned.

• Drive vulnerability scanning, prioritization, and remediation efforts in collaboration with system owners.
• Participate in security risk assessments and contribute to risk treatment planning.
• Track and report on security risks, control effectiveness, and compliance metrics.

• Ensure that security controls and documentation align with audit and regulatory expectations.
• Assist in internal and external audit requests, evidence collection, and remediation activities.
• Contribute to policy development, control testing, and continuous improvement initiatives.

• Work with infrastructure and software teams to ensure projects adhere to security requirements.
• Provide security consulting and architectural guidance on business and technical projects.
• Deliver knowledge-sharing sessions and support IT team enablement.

• Stay current on emerging threats, technologies, and regulatory changes.
• Recommend improvements to strengthen the security posture and increase efficiency.
• Maintain confidentiality and uphold the organization’s code of conduct and security policies.

• Bachelor’s degree in information security, Computer Science, Information Systems, or related field required.
• Relevant certifications such as CISSP, GIAC, GSEC, GCIA, or CISM strongly preferred.

• Minimum of 5 years of hands-on experience in information security, cybersecurity engineering, or infrastructure security.
• Experience in financial services or mortgage banking is strongly preferred.
• Working knowledge of GLBA, FFIEC, ISO 27001, and NIST cybersecurity frameworks.

• Proficient with firewalls, SIEM, DLP, endpoint protection, MFA, and email security platforms.
• Familiarity with cloud security (Azure, AWS, or M365) tools and controls.
• Scripting or automation experience (e.g., PowerShell, Python) is a plus.

• Demonstrated ability to manage complex projects and resolve technical issues independently.
• Ability to prioritize tasks, communicate timelines, and follow through on execution.

• Strong written and verbal communication skills, especially when translating complex technical topics to non-technical stakeholders.
• Proven ability to collaborate across infrastructure, development, and operations teams.

• Ability to work flexible hours or provide after-hours support as needed for emergencies or maintenance.
• Any equivalent combination of education, experience, and training that provides the required knowledge, skills, and abilities.

Northpointe Bank recognizes that the quality of our people is the foundation for our success. We value a challenging work environment that rewards contributions and encourages growth.

It is the policy of Northpointe Bank to provide equal employment opportunities (EEO) to all persons regardless of race, color, religion, sex, national origin, age, disability, marital status, or other attributes not pertinent to the job requirements.

• Medical, Dental, Vision
• Life, LTD, & AD&D
• Dependent Care Spending Plan (DCSA)
• Employer Stock Ownership Plan with 401(k) and company match
• Complimentary Banking Services
• Tuition Assistance

AA - EOE