Security Engineer

Summary Design and support secure infrastructure across cloud and on-prem environments while managing key security tools and processes. This role focuses on integrating security into development workflows, responding to incidents, and driving automation to improve efficiency. Success in this position requires strong scripting skills, a collaborative mindset, and a solid understanding of modern security practices and compliance standards. ESSENTIAL DUTIES AND RESPONSIBILITIES Engineer and sustain a hybrid‑security architecture that protects on‑premises infrastructure, Microsoft Azure services, and Microsoft 365, ensuring high availability and documented secure baselines. Serve as the primary security‑engineering liaison to the managed SOC, refining detection logic, tuning alert thresholds, and providing Tier‑3 escalation support for complex incidents. Administer and optimize core security platforms including; endpoint protection, network detection, email/web filtering, firewalls, VPN, and backup / DR systems. Embed DevSecOps controls into CI/CD pipelines (Azure DevOps), integrating SAST, DAST, secret‑scanning, IaC checks, and policy gate reviews; facilitate threat modeling and secure‑code standards with development teams. Run the vulnerability‑management program: schedule scans, validate and risk‑rank findings, drive remediation with system owners, and report key metrics to the CISO. Govern identity and privileged access across on‑prem Active Directory and Microsoft Entra ID (Azure AD); enforce least‑privilege roles, MFA, periodic entitlement reviews, and break‑glass account processes. Administer enterprise Data Loss Prevention (DLP) and information‑protection controls for Microsoft Purview/M365, endpoints, and web gateways by defining policies and tuning detectors. Manage encryption and certificate services, including PKI, TLS endpoint configuration, and key‑vault operations, ensuring timely renewal and compliance with regulatory standards. Automate and document security workflows using PowerShell, Python, or Terraform (e.g., configuration drift checks, compliance evidence collection) to reduce manual effort and improve consistency. Contribute to incident‑response readiness by maintaining runbooks, participating in tabletop exercises, and coordinating post‑incident root‑cause analysis and lessons learned. Develop and maintain security policies, standards, and procedures aligned to NIST CSF, FFIEC, and FDIC guidance; provide audit evidence and executive‑level control‑effectiveness reporting. Collaborate with IT teams to ensure security is integrated into all infrastructure and application deployments. ADDITIONAL RESPONSIBILITIES Demonstrates high degree of professionalism in communication, attitude and teamwork with customers, peers, and management Demonstrates the ability to work independently with minimal supervision Demonstrates the ability to work in a dynamic environment capable of managing multiple IT related projects simultaneously Demonstrates high level of quality work, attendance, and appearance Adheres to all Company Policies & Procedures and Safety Regulations Adheres to local, state, and federal laws Understands and complies with all company rules and regulations Attends training and maintains a basic knowledge of procedures to ensure compliance with laws and regulations governing financial institutions, as they apply to your position and job responsibilities, with an emphasis on the BSA/AML/CIP, Consumer Privacy, Regulation CC, Information Security, Bank Protection Act, FACT-Identity Theft, Information Technology and GLBA. Additional duties as assigned as it relates to the position SUPERVISORY RESPONSIBILITIES This position does not have supervisory responsibilities MINIMUM QUALIFICATIONS A bachelor’s degree in computer science or information systems 5+ years equivalent experience required COMPETENCIES: Adaptability Communication Decision Making Initiative Innovation Motivator Organization Professionalism Results Orientated PHYSICAL DEMANDS: In general, the following physical demands are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to allow differently-abled individuals to perform the essential functions of the job. Standing, walking, and squatting less than fifty percent of the work shift Required to lift, move, and carry up to 40 pounds Ability to read, count and write to accurately complete all documentation and reports Must be able to see, hear and speak in order to communicate with employees and other customers Specific vision abilities include close vision, distance vision, peripheral vision, depth perception and ability to adjust focus Manual dexterity required using hands to finger; handle, feel and type; reach with hands and arms (Check the box that applies by double clicking on the box.) Sedentary: Limited activity, no lifting, limited walking Moderate: Mostly standing, walking, bending, frequent lifting X Light: Office work, some lifting, bending, stooping, or kneeling, walking Arduous: Heavy lifting, bending, crawling, climbing WORK ENVIRONMENT: In general, the following conditions of the work environment are representative of those that an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to allow differently-abled individuals to perform the essential functions of the job within the environment. The workspace is clean, orderly, properly lighted and ventilated with the proper safety compliance Noise levels are considered moderate Sunwest Bank Is an Equal Opportunity Employer Sunwest Bank works with staff members and customers without regard to race, ancestry, national origin, sex, marital status, age, religion, medical condition, handicap, disability, or veteran status and to assist the Bank in maintaining its Affirmative Action Program. Compliance with Bank Secrecy Act laws and regulations is considered an extremely serious matter, and it is intended that Sunwest Bank, through the purposeful efforts of its employees and officers, are expected to make every resolute attempt to conform to its Bank Secrecy Act Program and Procedures. Failure to comply will be reflected in their performance review as well as in any bonus compensation programs in which they may participate. Attend and complete all required classroom, computer-based, web-based and seminar training. It is the individual responsibility of every employee to maintain a current awareness and understanding of and to fully comply with Sunwest Bank’s “Code of Ethics and Conduct.” Each employee is also expected to maintain an awareness of the laws, regulations, internal policies, and procedures that are appropriate for his/her position Note: The preceding job description has been designed to indicate the general nature and level and work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. All job descriptions can be amended without notice as warranted by business necessity.