Information Security Engineer

City Bank•Lubbock, TX

22h•Onsite

About The Position

The Information Security Engineer is responsible for the design, implementation, operation, and continuous improvement of the Bank’s information security program. This role provides hands-on engineering and operational ownership across security domains, including security operations, threat and vulnerability management, identity and access management, incident response, cloud security, and AI governance. The Information Security Engineer serves as a key technical resource responsible for securing enterprise systems, managing and optimizing security technologies, and ensuring alignment with regulatory requirements and emerging threats. This position operates with a high degree of autonomy and accountability and collaborates closely with IT, Risk, and business units.

Requirements

Design, implement, and maintain enterprise security controls and technologies.
Monitor security systems, analyze logs and alerts, and perform investigations.
Continuously improve detection and response capabilities.
Perform vulnerability scanning, threat monitoring, and risk analysis.
Prioritize, track, and coordinate remediation activities with IT and business stakeholders.
Lead incident response activities, including investigation, containment, eradication, and recovery.
Perform forensic analysis and document findings.
Participate in after-hours response as needed.
Own and administer the Bank’s Identity and Access Management (IAM) program.
Design and enforce identity governance, provisioning, deprovisioning, authentication, and authorization controls.
Manage role-based access models, privileged access management, and identity lifecycle processes.
Ensure access decisions align with least privilege and regulatory expectations.
Oversee access certifications and continuously improve identity control effectiveness.
Support and administer governance processes for AI systems and tools used within the Bank.
Maintain inventory, risk classification, and monitoring of AI agents and solutions.
Ensure alignment with internal policies, regulatory expectations, and model risk management requirements.
Collaborate with stakeholders to evaluate and onboard new AI use cases securely.
Design, implement, and maintain cloud security controls aligned with the Bank’s architecture.
Monitor cloud environments for misconfigurations, threats, and compliance issues.
Administer and optimize security technologies, including firewalls, endpoint security platforms, and related tools.
Evaluate and implement new security solutions as needed.
Support oversight of data protection, classification, and retention practices.
Assist in the management and reporting of tools supporting data governance.
Develop and present security metrics, dashboards, and reports for leadership, committees, and auditors.
Support risk reporting and program maturity tracking.
Support the development and execution of security awareness and training programs.
Track effectiveness and recommend improvements.
Participate in vendor onboarding, risk assessments, and ongoing monitoring activities.
Support administration of vendor risk management tools.
Support business continuity and disaster recovery planning, testing, and improvement efforts.

Responsibilities

Design, implement, and maintain enterprise security controls and technologies.
Monitor security systems, analyze logs and alerts, and perform investigations.
Continuously improve detection and response capabilities.
Perform vulnerability scanning, threat monitoring, and risk analysis.
Prioritize, track, and coordinate remediation activities with IT and business stakeholders.
Lead incident response activities, including investigation, containment, eradication, and recovery.
Perform forensic analysis and document findings.
Participate in after-hours response as needed.
Own and administer the Bank’s Identity and Access Management (IAM) program.
Design and enforce identity governance, provisioning, deprovisioning, authentication, and authorization controls.
Manage role-based access models, privileged access management, and identity lifecycle processes.
Ensure access decisions align with least privilege and regulatory expectations.
Oversee access certifications and continuously improve identity control effectiveness.
Support and administer governance processes for AI systems and tools used within the Bank.
Maintain inventory, risk classification, and monitoring of AI agents and solutions.
Ensure alignment with internal policies, regulatory expectations, and model risk management requirements.
Collaborate with stakeholders to evaluate and onboard new AI use cases securely.
Design, implement, and maintain cloud security controls aligned with the Bank’s architecture.
Monitor cloud environments for misconfigurations, threats, and compliance issues.
Administer and optimize security technologies, including firewalls, endpoint security platforms, and related tools.
Evaluate and implement new security solutions as needed.
Support oversight of data protection, classification, and retention practices.
Assist in the management and reporting of tools supporting data governance.
Develop and present security metrics, dashboards, and reports for leadership, committees, and auditors.
Support risk reporting and program maturity tracking.
Support the development and execution of security awareness and training programs.
Track effectiveness and recommend improvements.
Participate in vendor onboarding, risk assessments, and ongoing monitoring activities.
Support administration of vendor risk management tools.
Support business continuity and disaster recovery planning, testing, and improvement efforts.