Sr. Information Security Engineer
Indexed description
As a Senior Information Security Engineer, you will play a key role in designing, implementing, and maintaining security solutions that protect the company’s systems, data, and infrastructure. You’ll work closely with IT, compliance, and business teams to ensure the organization meets regulatory requirements and maintains a strong security posture in a highly regulated mortgage environment.
Essential Duties and Responsibilities:
- Design and implement security controls across networks, systems, and applications to protect against internal and external threats.
- Lead vulnerability management efforts, including scanning, analysis, remediation, and reporting.
- Monitor and respond to security incidents, conduct root cause analysis, and implement corrective actions.
- Manage and optimize security tools such as SIEM, EDR, firewalls, DLP, and identity access management systems.
- Manage security awareness training programs.
- Lead security engagements for ongoing penetration tests (internal, external, web app, cloud, and AI).
- Collaborate with infrastructure and application teams to ensure secure architecture and configurations.
- Support compliance initiatives related to GLBA, SOX, FFIEC, NIST, and other mortgage industry regulations.
- Conduct risk assessments and security reviews for new technologies, vendors, and projects.
- Develop and maintain security documentation, including policies, procedures, and technical standards.
- Mentor junior security staff and contribute to security awareness training across the organization.
- Stay current on emerging threats, vulnerabilities, and regulatory changes impacting the mortgage industry.
- undefined
- Bachelor’s degree in Information Security, Computer Science, or related field, or relevant certifications (e.g., SC-100, CompTIA Pro or X Series, CISSP, CEH, GIAC) and job experience.
- 5+ years of experience in information security engineering or cybersecurity roles.
- Strong knowledge of security frameworks (NIST, ISO 27001), tools, and best practices.
- Hands-on experience with Azure cloud security, endpoint protection, and network security.
- Hands-on experience with vulnerability remediation, validation, and tools (e.g., Nmap, Kali Linux, Burp Suite).
- Strong networking fundamentals (IP addressing, subnetting, VLANs, DMZs, protocols, firewall ports, NAT, RADIUS, WAP).
- Strong knowledge of PowerShell.
- Strong knowledge, management, and optimization of SIEM platforms (e.g., Sentinel, AlienVault).
- Strong knowledge of vulnerability management platforms (e.g., Tenable, Rapid7, Qualys).
- Familiarity with regulatory requirements in the mortgage or financial services industry.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work independently and collaboratively in a compliance-driven environment.
- Paid Time Off (PTO)
- Medical, Dental &Vision
- Employee Assistance Program
- Flexible Spending Account
- Health Savings Account
- Paid Holidays
- Company paid Life Insurance
- Matching 401(k) Plan
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search