Talent.com
Information Security Engineer
Information Security EngineerTransPecos Banks • San Antonio, TX, US
Information Security Engineer

Information Security Engineer

TransPecos Banks • San Antonio, TX, US
10 hours ago
Job type
  • Full-time
Job description

Job Description

Job Description

Job Title : Information Security Engineer

This position is an on-site assignment (preferred).

Summary :

The Information Security Engineer is responsible for designing, implementing, and maintaining security solutions to protect the bank's systems, data, and infrastructure. This role supports threat detection, vulnerability management, incident response, Secure Development Lifecycle (SDLC), and compliance with financial industry regulations using a modern banking tech stack.

Wage Type : Salaried

Essential Duties & Responsibilities :

To perform this job successfully, an individual must be able to perform each of the essential duties satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Security Architecture & Engineering

Design and manage security controls across hybrid environments (on-prem + cloud).

  • Implement and maintain security tools and technologies including :

    • Firewalls

  • Endpoint Protection
  • Security Incident Management and Threat Intelligence
  • Data Loss Prevention
  • Identity & Access Management
  • Collaborate with DevOps to embed security in the SDLC and CI / CD pipelines including code testing and scanning (DAST / SAST).

    • Experience working with agile DevOps teams.

  • Experience with programming languages (Python, Powershell, etc.)
  • Threat & Vulnerability Management

    • Lead Vulnerability Management processes including conducting regular vulnerability scans, penetration tests, and consistent processes for timely remediation.

  • Perform ongoing, day to day monitoring, logging, and disposition of security alerts to ensure timely response to security vulnerabilities and threats.
  • Mature threat intelligence strategy, analyze threat intelligence feeds and respond to emerging threats in accordance with the bank's risk and threat landscape.
  • Track remediation efforts in alignment with defined service level objectives.
  • Security Incident Response & Monitoring

    • Manage processes for investigating, escalating, and resolving security alerts from SIEM and EDR platforms.

  • Implement and enforce secure logging and monitoring standards.
  • Lead forensic analysis and containment efforts.
  • Maintain playbooks and runbooks for incident response.
  • Compliance & Risk Management

    • Ensure compliance with federal and state banking security regulations and security industry standards including but not limited to FFIEC, NIST, GDPR, HIPAA, PCI-DSS, OWASP and SOC 2.

  • Support internal and external audits.
  • Maintain documentation for security controls and processes.
  • Lead cyber risk and threat intelligence reporting including relevant Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).
  • Cloud & Third-Party Security

    • Secure workloads cloud environments and continuously maintain a proactive cloud security posture aligned to regulatory expectations and industry standards.

  • Support third party security risk assessments and internal enforcing security requirements.
  • Carries out responsibilities in a manner consistent with our values and operating principles, in accordance with policy and applicable laws, and with a commitment to commitment to continuous improvement and process excellence.
  • Any other duties as assigned.

    • Organizational Structure :

    Reports to : Chief Information Security Officer

    Supervises : NA

    Qualifications : Education :

  • Bachelor's degree in Computer Science, Engineering, Management Information Systems, or related field

    • Required Knowledge / Skills :

  • Deep expertise building, securing, monitoring, and scaling workloads in AWS, Azure, and MuleSoft.
  • Deep understanding of security principles, best practices, and compliance standards including OWASP top 10, NIST CSF 2.0, and other industry frameworks.
  • Demonstrated ability to implement and enforce security policies and practices.
  • Proficiency with implementing, configuring, and managing security tools to optimize technology enablement including SIEM, EDR, DLP, IDS, Vulnerability Management and AWS cloud security tools (i.e., MXDR, AWS Cloud Security, Nightfall, New Relic, MS Azure, Purview, Defender, etc.).
  • Experience with Terraform and Infrastructure as Code including creating and maintaining modules.
  • Proficiency with maintaining SDLC processes with CI / CD tooling in accordance with financial services regulatory expectations and industry standards.
  • Strong understanding of networking, encryption, access controls, and authentication mechanisms.
  • Proficiency with networking concepts, security best practices, and compliance standards.
  • Strong scripting experience in Python, PowerShell, Bash, or other scripting language
  • CISSP, CISM, CEH, GIAC, Microsoft SC-200, or equivalent.
  • Experience with Agile methodologies and leading Agile teams.
  • Ability to analyze information and make logical recommendations.

    • Desired Skills :

  • Experience working in Information Security at a bank or in another highly regulated industry.

    • Desired Experiences :

  • 8+years working in information or cyber security departments at a financial services institution or other highly regulated industry.
  • 5+ years of relevant experience in DevOps, SecOps, or similar roles, with a strong focus on AWS cloud services.
  • 3+ years of experience in a leadership role
  • 3+ years of experience in one or more domains in security :

    • Security Architecture and Engineering

  • Incident Response and Monitoring
  • Threat and Vulnerability Management

    • Talents :

  • Ability to think creatively, stimulate new ideas and challenge existing thinking.
  • Excellent leadership, communication, and interpersonal skills.
  • Ability to present information to wide variety of audiences, including senior management.
  • Strong positivity
  • Mission driven, competitive, goal oriented, enthusiastic, and motivated to develop themselves and others.
  • Energetic, resourceful, and appropriate work intensity to get the work done.
  • Organized, detail-oriented, and able to focus in distracting environments.
  • Curious natured and willing to try and enjoy new experiences.
  • Strong people acumen and relationship skills; naturally pre-disposed to quickly establish positive personal and professional relationships.

    • Other :

  • Ability to interpret a variety of instructions furnished in written, oral, diagram or schedule form.
  • Must be able to lift to 20 pounds.

    • TransPecos Banks will not accept unsolicited resumes from any source other than the candidate. We will consider any candidate for whom an Agency submits an unsolicited resume, to have been referred to us by the Agency free of any charges or fees, other than those agencies we engage on a specific search. TransPecos Banks will not pay a fee for any placement resulting from the receipt of an unsolicited resume.

    Create a job alert for this search

    Information Security Engineer • San Antonio, TX, US