Senior Information Security Engineer
Apply NowCompany: Northpointe Bank
Location: Grand Rapids, MI 49504
Description:
The POWER of a CAREER! Northpointe Bank is seeking a detail oriented, customer service minded individual to join our team as a Senior Information Security Engineer. This position requires an individual who has the desire to make a difference within the organization. An exceptional ability to grasp new concepts and learn while providing excellent service is critical for this position.
If you have been looking for an opportunity in the banking/mortgage industry, have the desire to work hard, are dedicated to your individual success, and take pride in the achievement and growth within a team, then we want to hear from you!!!
The Senior Information Security Engineer is responsible for the design, implementation, and oversight of enterprise-wide security technologies and architecture. This role plays a key part in strengthening the organization's security posture by engineering secure systems, leading architectural reviews, and ensuring alignment with regulatory and industry standards.
In this dual-capacity role, the engineer will design and maintain cybersecurity infrastructure, while also contributing to architectural planning to embed security across cloud and on-prem environments. The position works cross-functionally with IT, DevOps, Risk, and Compliance to ensure security controls are embedded from concept to deployment. The role requires deep technical expertise, architectural thinking, and strategic guidance on cybersecurity risks and defenses.
The engineer will also support technical architecture reviews, participate in incident response, and ensure security control implementations align with GLBA, FFIEC, and NIST cybersecurity frameworks. This role requires independent decision-making, technical expertise, and the ability to advise on complex cybersecurity risks and solutions.
Key Competencies
Security Architecture & Strategy - Develops scalable and secure architecture strategies aligned with business and regulatory objectives.
Security Engineering & Integration - Implements, configures, and maintains core security technologies across cloud and on-prem environments.
Threat Detection & Response - Ensures visibility into security events and leads Tier 3 investigations and response.
Governance & Risk Alignment - Ensures controls and implementations support GLBA, FFIEC, NIST CSF, and ISO 27001 standards.
Cross-Functional Collaboration - Partners across departments to embed security into solutions, infrastructure, and business operations.
Responsibilities:
Security Architecture & Design
Lead or contribute to the design of secure infrastructure, cloud, and application architectures.
Ensure security is integrated early in the system and software development lifecycles.
Review architectural diagrams, data flows, and configurations to identify and mitigate security risks.
Advise project teams on secure design patterns and technology choices.
Security Technology Engineering
Deploy, configure, and maintain enterprise security tools such as firewalls, EDR, SIEM, DLP, CASB, MFA, and email security gateways.
Maintain secure configurations for operating systems, endpoints, servers, and networking components across cloud and on-premises platforms.
Automate and document repeatable processes for security controls and monitoring.
Threat Detection & Incident Response
Partner with internal or third-party SOC to monitor and tune security alerts.
Serve as Tier 3 escalation point for incident investigation, containment, and remediation.
Maintain forensic and investigation tools, and assist in root cause analysis and lessons learned.
Vulnerability & Risk Management
Drive vulnerability scanning, prioritization, and remediation efforts in collaboration with system owners.
Participate in security risk assessments and contribute to risk treatment planning.
Track and report on security risks, control effectiveness, and compliance metrics.
Compliance & Audit Readiness
Ensure that security controls and documentation align with audit and regulatory expectations.
Assist in internal and external audit requests, evidence collection, and remediation activities.
Contribute to policy development, control testing, and continuous improvement initiatives.
Collaboration & Security Consulting
Work with infrastructure and software teams to ensure projects adhere to security requirements.
Provide security consulting and architectural guidance on business and technical projects.
Deliver knowledge-sharing sessions and support IT team enablement.
Professional Standards & Continuous Improvement
Stay current on emerging threats, technologies, and regulatory changes.
Recommend improvements to strengthen the security posture and increase efficiency.
Maintain confidentiality and uphold the organization's code of conduct and security policies.
Compliance and Professional Standards
Meet established standards and guidelines regarding compliance, job knowledge, quality, attendance, efficiency, initiative, customer service, and overall performance.
Maintain confidentiality and data integrity while adhering to compliance standards in risk reporting and analysis.
Maintain up-to-date knowledge of compliance rules and regulations, including internal policies and procedures.
Requirements:
Education & Certification
Bachelor's degree in information security, Computer Science, Information Systems, or related field required.
Relevant certifications such as CISSP, GIAC, GSEC, GCIA, or CISM strongly preferred.
Experience & Industry Knowledge
Minimum of 5 years of hands-on experience in information security, cybersecurity engineering, or infrastructure security.
Experience in financial services or mortgage banking is strongly preferred.
Working knowledge of GLBA, FFIEC, ISO 27001, and NIST cybersecurity frameworks.
Technical Expertise
Proficient with firewalls, SIEM, DLP, endpoint protection, MFA, and email security platforms.
Familiarity with cloud security (Azure, AWS, or M365) tools and controls.
Scripting or automation experience (e.g., PowerShell, Python) is a plus.
Project Management & Problem-Solving Skills
Demonstrated ability to manage complex projects and resolve technical issues independently.
Ability to prioritize tasks, communicate timelines, and follow through on execution.
Communication & Teamwork
Strong written and verbal communication skills, especially when translating complex technical topics to non-technical stakeholders.
Proven ability to collaborate across infrastructure, development, and operations teams.
Other Requirements
Ability to work flexible hours or provide after-hours support as needed for emergencies or maintenance.
Any equivalent combination of education, experience, and training that provides the required knowledge, skills, and abilities.
Our Hiring Philosophy:
Northpointe Bank recognizes that the quality of our people is the foundation for our success. Attracting individuals who value a challenging work environment that rewards the contributions of its people is the cornerstone of our hiring philosophy.
It is the policy of Northpointe Bank and its subsidiaries to provide equal employment opportunities (EEO) to all persons regardless of age, race, sex, religion, national origin, handicap, marital status, or other attributes not pertinent to the job requirements. This policy reflects our practice of making all employment decisions, from recruitment to promotions, based on an individual's qualifications without discrimination on any basis.
Benefit Information:
Medical
Dental
Vision
Life, LTD, & AD&D
Dependent Care Spending Plan (DCSA)
Employer Stock Ownership Plan with 401(k) feature and company match
Complimentary Banking Services
Tuition Assistance
AA - EOE
If you have been looking for an opportunity in the banking/mortgage industry, have the desire to work hard, are dedicated to your individual success, and take pride in the achievement and growth within a team, then we want to hear from you!!!
The Senior Information Security Engineer is responsible for the design, implementation, and oversight of enterprise-wide security technologies and architecture. This role plays a key part in strengthening the organization's security posture by engineering secure systems, leading architectural reviews, and ensuring alignment with regulatory and industry standards.
In this dual-capacity role, the engineer will design and maintain cybersecurity infrastructure, while also contributing to architectural planning to embed security across cloud and on-prem environments. The position works cross-functionally with IT, DevOps, Risk, and Compliance to ensure security controls are embedded from concept to deployment. The role requires deep technical expertise, architectural thinking, and strategic guidance on cybersecurity risks and defenses.
The engineer will also support technical architecture reviews, participate in incident response, and ensure security control implementations align with GLBA, FFIEC, and NIST cybersecurity frameworks. This role requires independent decision-making, technical expertise, and the ability to advise on complex cybersecurity risks and solutions.
Key Competencies
Security Architecture & Strategy - Develops scalable and secure architecture strategies aligned with business and regulatory objectives.
Security Engineering & Integration - Implements, configures, and maintains core security technologies across cloud and on-prem environments.
Threat Detection & Response - Ensures visibility into security events and leads Tier 3 investigations and response.
Governance & Risk Alignment - Ensures controls and implementations support GLBA, FFIEC, NIST CSF, and ISO 27001 standards.
Cross-Functional Collaboration - Partners across departments to embed security into solutions, infrastructure, and business operations.
Responsibilities:
Security Architecture & Design
Lead or contribute to the design of secure infrastructure, cloud, and application architectures.
Ensure security is integrated early in the system and software development lifecycles.
Review architectural diagrams, data flows, and configurations to identify and mitigate security risks.
Advise project teams on secure design patterns and technology choices.
Security Technology Engineering
Deploy, configure, and maintain enterprise security tools such as firewalls, EDR, SIEM, DLP, CASB, MFA, and email security gateways.
Maintain secure configurations for operating systems, endpoints, servers, and networking components across cloud and on-premises platforms.
Automate and document repeatable processes for security controls and monitoring.
Threat Detection & Incident Response
Partner with internal or third-party SOC to monitor and tune security alerts.
Serve as Tier 3 escalation point for incident investigation, containment, and remediation.
Maintain forensic and investigation tools, and assist in root cause analysis and lessons learned.
Vulnerability & Risk Management
Drive vulnerability scanning, prioritization, and remediation efforts in collaboration with system owners.
Participate in security risk assessments and contribute to risk treatment planning.
Track and report on security risks, control effectiveness, and compliance metrics.
Compliance & Audit Readiness
Ensure that security controls and documentation align with audit and regulatory expectations.
Assist in internal and external audit requests, evidence collection, and remediation activities.
Contribute to policy development, control testing, and continuous improvement initiatives.
Collaboration & Security Consulting
Work with infrastructure and software teams to ensure projects adhere to security requirements.
Provide security consulting and architectural guidance on business and technical projects.
Deliver knowledge-sharing sessions and support IT team enablement.
Professional Standards & Continuous Improvement
Stay current on emerging threats, technologies, and regulatory changes.
Recommend improvements to strengthen the security posture and increase efficiency.
Maintain confidentiality and uphold the organization's code of conduct and security policies.
Compliance and Professional Standards
Meet established standards and guidelines regarding compliance, job knowledge, quality, attendance, efficiency, initiative, customer service, and overall performance.
Maintain confidentiality and data integrity while adhering to compliance standards in risk reporting and analysis.
Maintain up-to-date knowledge of compliance rules and regulations, including internal policies and procedures.
Requirements:
Education & Certification
Bachelor's degree in information security, Computer Science, Information Systems, or related field required.
Relevant certifications such as CISSP, GIAC, GSEC, GCIA, or CISM strongly preferred.
Experience & Industry Knowledge
Minimum of 5 years of hands-on experience in information security, cybersecurity engineering, or infrastructure security.
Experience in financial services or mortgage banking is strongly preferred.
Working knowledge of GLBA, FFIEC, ISO 27001, and NIST cybersecurity frameworks.
Technical Expertise
Proficient with firewalls, SIEM, DLP, endpoint protection, MFA, and email security platforms.
Familiarity with cloud security (Azure, AWS, or M365) tools and controls.
Scripting or automation experience (e.g., PowerShell, Python) is a plus.
Project Management & Problem-Solving Skills
Demonstrated ability to manage complex projects and resolve technical issues independently.
Ability to prioritize tasks, communicate timelines, and follow through on execution.
Communication & Teamwork
Strong written and verbal communication skills, especially when translating complex technical topics to non-technical stakeholders.
Proven ability to collaborate across infrastructure, development, and operations teams.
Other Requirements
Ability to work flexible hours or provide after-hours support as needed for emergencies or maintenance.
Any equivalent combination of education, experience, and training that provides the required knowledge, skills, and abilities.
Our Hiring Philosophy:
Northpointe Bank recognizes that the quality of our people is the foundation for our success. Attracting individuals who value a challenging work environment that rewards the contributions of its people is the cornerstone of our hiring philosophy.
It is the policy of Northpointe Bank and its subsidiaries to provide equal employment opportunities (EEO) to all persons regardless of age, race, sex, religion, national origin, handicap, marital status, or other attributes not pertinent to the job requirements. This policy reflects our practice of making all employment decisions, from recruitment to promotions, based on an individual's qualifications without discrimination on any basis.
Benefit Information:
Medical
Dental
Vision
Life, LTD, & AD&D
Dependent Care Spending Plan (DCSA)
Employer Stock Ownership Plan with 401(k) feature and company match
Complimentary Banking Services
Tuition Assistance
AA - EOE