Position Title
Information Security Engineer

Location
Troy, MI 48098

Job Summary
The IT Security Engineer supports the design, implementation, and maintenance of enterprise-wide security solutions to protect systems, data, and users across the organization. This role contributes to the development of secure architecture, operational standards, and processes that ensure consistent and reliable protection across both cloud-based and on-premises environments. Working closely with senior engineers and cross-functional teams, the IT Security Engineer helps implement scalable and resilient security controls that align with business needs and compliance requirements. Responsibilities include monitoring, troubleshooting, and optimizing security systems, as well as assisting in the integration of new tools and technologies to strengthen the organization's overall security posture. This role is ideal for professionals looking to deepen their expertise in enterprise security while contributing to continuous improvement and operational excellence

Job Responsibilities:

IT Security Operations & Platform Support

• Support the management and optimization of enterprise IT security platforms to ensure availability, performance, and protection.
• Assist in the implementation and maintenance of security solutions across on-premises, hybrid, and multi-cloud environments.
• Apply and monitor security controls for networks, systems, applications, and data, ensuring proper integration of tools and platforms.
• Perform configuration, patching, upgrades, and health monitoring of IT security tools.
• Troubleshoot platform issues and work with vendors and internal teams to implement fixes and improvements.

System Integration & Lifecycle Management

• Collaborate with application owners and business stakeholders to support the onboarding of systems into the security ecosystem.
• Ensure secure integration of applications and services in compliance with internal policies and regulatory standards.
• Contribute to the deployment and maintenance of security solutions across diverse environments.

Automation, Governance & Cloud Enablement

• Assist in the development and execution of security automation initiatives to improve operational efficiency and reduce manual tasks.
• Support scripting and use of APIs to automate routine security functions.
• Help implement and maintain security policies, standards, and procedures, ensuring compliance with industry regulations.
• Apply cloud security to best practices and support enforcement of Zero Trust and least privilege models.

Cross-Functional Collaboration & Role Management

• Work with infrastructure, development, and operations teams to embed security into systems and application lifecycles.
• Participate in assessments of new projects and technologies to identify security implications.
• Support the implementation of Role-Based Access Control (RBAC) models under guidance from senior engineers.

Metrics, Compliance & Change Management

• Assist in creating dashboards and reports to track the effectiveness of security controls.
• Support audit activities by maintaining accurate documentation and evidence of control adherence.
• Participate in changing control processes for security systems, ensuring alignment with ITIL or similar frameworks.

Research & Innovation

• Stay informed on emerging security technologies and trends.
• Contribute ideas and feedback to help improve the organization's security posture and anticipate future challenges.

Ensures compliance with applicable federal, state and local laws and regulations. Completes all required compliance training. Maintains knowledge of and adhere to Flagstar's internal compliance policies and procedures. Takes responsibility to keep up to date with changing regulations and policies.

Job Requirements:

• Bachelor's Degree required.
• 7+ years of progressive experience supporting and implementing enterprise-scale information security solutions across diverse environments.
• 3-5 years of hands-on experience across multiple security domains, including security operations , architecture , vulnerability management , and compliance support .
• Demonstrated ability to implement secure frameworks and apply security controls in both cloud-based and on-premises environments.
• Solid understanding of cybersecurity principles , industry standards, and best practices.
• Experience in the deployment and maintenance of security infrastructures across on-premises , hybrid , and multi-cloud platforms.
• Proficiency in scripting and automation to support routine security tasks and improve operational efficiency.
• Working knowledge of regulatory compliance , including SOX (Sarbanes-Oxley) , with experience supporting audit readiness through documentation and technical safeguards.
• Proven ability to collaborate with cross-functional teams , assist in risk assessments, and contribute to automation efforts that enhance provi sioning, certification, and governance processes.
• Solid working knowledge of Information Security policies, standards, and procedures, with experience applying them in day-to-day operations.
• Experience supporting the implementation of IT Security frameworks aligned with regulatory requirements such as NIST, ISO 27001, SOX, and HIPAA.
• Hands-on technical proficiency in deploying and maintaining security solutions across enterprise environments.

Job Competencies:

• Strong analytical and problem-solving skills, with the ability to address complex security issues and contribute to effective solutions within established frameworks.
• Solid experience in security architecture and implementation, with working knowledge across diverse technological environments.
• Familiarity with threat analysis, incident response, and digital forensics, with a focus on supporting proactive security measures and operational resilience.
• Effective team collaborator, capable of supporting technical direction and contributing to shared goals across multi-disciplinary teams.
• Clear and concise written and verbal communication skills, with the ability to convey technical concepts to peers and stakeholders.
• Demonstrates the ability to build productive relationships with internal teams and stakeholders through proactive communication and collaborative problem-solving.
• Focused on aligning day-to-day security efforts with broader organizational objectives to support performance and compliance.
• Committed to delivering client-focused solutions, whether internal or external, by understanding requirements and contributing to secure, scalable implementations.
• Capable of managing and prioritizing multiple security tasks and projects, ensuring timely execution and alignment with team goals.
• Strong understanding of IAM/PAM principles, including Zero Trust, least privilege, RBAC, JIT access, and identity lifecycle management.
• Ability to contribute to access management initiatives, evaluate technical options, and support communication of strategies to stakeholders.
• Experience collaborating with senior engineers and contributing to knowledge sharing and best practices within the team.
• Working knowledge of relational databases (e.g., SQL Server, Oracle), with experience writing queries and analyzing access-related data for audits and reporting.
• Proficient in producing clear documentation and reports, including security assessments and actionable recommendations.
• Effective communicator and team player, able to engage with business stakeholders to gather requirements and resolve access-related issues.
• Supports cross-functional teams in the design and implementation of secure access controls, contributing technical insights and execution support.
• Demonstrated ability to assist in risk assessments, identifying access-related risks and supporting mitigation strategies.
• Strong analytical and problem-solving skills, with attention to detail in access reviews, audits, and investigations.
• Willingness to participate in On-Call support, including incident response and troubleshooting IAM/PAM issues outside business hours.
• Familiarity with financial systems (e.g., mortgage lending, funding, closing platforms) is a plus, especially in regulated environments.
• Performs assigned projects and additional responsibilities as needed to support security operations.
• Adheres to compliance policies and standards, completing required training and maintaining awareness of applicable laws and regulations.
• Supports architectural decisions and technical standards under guidance from senior engineers, contributing to the resolution of complex security challenges.

Flagstar is an Equal Opportunity Employer

Flagstar provides teammates access to a variety of benefits including medical, dental, vision, life, and disability insurance, as well as a comprehensive leave program. Please click the following link for detailed information: Benefits | Flagstar Bank