Corporate Information Security Engineer Team Lead

Internal Only Information

Please note: this position is open to the Information Security Engineer team only.

About the Role

Summary

Recommend appropriate security solutions, security enhancements, and purchases. Monitors emerging products, technologies, or best practices that will improve security for the organization and its stakeholders. Stay up-to-date on the latest threat intelligence, in order to anticipate and defend again new security threats. Evaluate emerging AI capabilities and their impact on enterprise risk, operational processes, and user adoption. Ensures AI technologies are implemented in alignment with business objectives, data protection requirements, and regulatory expectations while maintaining appropriate human oversight. Provide leadership and mentoring to Information Security staff and other IT staff members to promote high levels of security knowledge and awareness. Provide senior level expertise in maintaining enterprise firewalls, securing public cloud infrastructure, intrusion detection/prevention, SIEM, and other security operations systems. Analyze, research, and report on attempted efforts to compromise security controls. This includes reporting and researching deviations from GBCI policy, standards, IT risk management initiatives, and best practices. Performs or participates in security audits, identifies security gaps, and develops and implements risk mitigation solutions. The ability to motivate or influence internal or external senior level professionals is a critical part of the job, requiring a significant level of influence and trust. Obtaining cooperation and agreement on important outcomes via frequently complex, senior level dialogues, as well as a professional level of written communication skills are essential to the position.

This is a Corporate position which may be located in an available bank division across our nine-state footprint in AZ, CO, ID, MT, NV, TX, UT, WA, or WY. The entry rate for this position is $98,243.79 + / year (calculated for Kalispell, MT). Click here to learn more about our bank divisions.

All compensation offers are analyzed individually and take into consideration multiple factors including but not limited to geographic location, years of experience, and educational background.

WA Applicants ONLY: $107,009.76 to $160,514.63 per year.

Duties and Responsibilities

• Administer, maintain, and improve enterprise security platforms and supporting systems, including next-generation firewalls, endpoint detection and response tools, host-based firewall controls, secure access service edge platforms, secure enterprise browser solutions, email security gateways, privileged access management platforms, security information and event management integrations, SaaS access controls, AI-enabled platforms, AI-integrated applications, automation tools, and supporting security infrastructure. Ensure secure configuration, controlled data access, and appropriate logging and monitoring of AI-related activity. Coordinate platform upgrades, cutovers, replacements, decommissions, configuration changes, and vendor-supported troubleshooting.
• Design, implement, validate, and troubleshoot network security rules, host-based firewall policies, microsegmentation controls, application traffic flows, and firewall policy changes. Support new server requests, SaaS access-control requirements, virtual desktop and endpoint traffic needs, next-generation firewall and endpoint security troubleshooting, and investigation of blocked or malfunctioning services.
• Research and develop methods to mature from traditional network security monitoring to a continuous security monitoring model. Develop and improve SIEM monitoring, reporting, alerting, and offense-resolution capabilities. Develop and enhance monitoring capabilities to detect misuse or anomalous activity related to AI systems, including unauthorized data input, abnormal automation behavior, or integration misuse. Incorporate AI-related telemetry, logs, and activity patterns into SIEM detection use cases and continuous monitoring frameworks. Assist with hunt activities to identify evidence of post-exploitation activity. Perform or support network packet analysis and network forensic review in accordance with department policies and procedures.
• Assist in network and system investigations in response to information security event notifications, SIEM alerts, endpoint security alerts, firewall events, and other security incidents in accordance with the GBCI Incident Response Plan. Analyze logs, traffic behavior, endpoint-control behavior, authentication symptoms, and application access patterns to identify root cause and remediation options.
• Assist in developing and proposing information technology strategy and secure design solutions that provide a secure environment while supporting high user adoption. Research and recommend information security and privacy technologies, security products, best practices, and design patterns. Provide consulting and expertise to project teams for enterprise architecture, security strategy, SaaS/cloud security, network security, endpoint security, email security, identity security, data protection, and secure design principles and architecture patterns for AI technologies, including generative AI, machine learning services, and AI-enabled automation. Provide risk-based guidance on AI adoption, including data usage restrictions, model risk considerations, and appropriate control requirements for AI-enabled solutions.
• Analyze, research, and conduct short- and medium-range planning for new security hardware and software products. Coordinate with vendors and service providers to evaluate capabilities, resolve technical issues, support renewals, plan migrations, and assess whether products align with business, security, operational, and compliance needs. Conduct security and risk assessments of AI-enabled vendor products and services, including evaluation of data handling, model behavior, training practices, and integration risk. Ensure third-party AI technologies comply with organizational requirements for approved use, disclosure, and data protection.
• Create, review, support, and implement change requests and change tasks for security systems, firewall policies, endpoint controls, SIEM communications, server replacements, email security controls, SaaS access controls, and other security-impacting work. Ensure changes include appropriate justification, implementation plans, validation steps, backout plans, scheduling, approvals, and communication requirements. Ensure all AI technologies, integrations, and enhancements are reviewed, approved, and implemented through established governance and change management processes.
• Help ensure the Information Security portion of IT audits and exams meets or exceeds satisfactory ratings. Provide evidence, walkthroughs, technical explanations, control documentation, configuration documentation, and remediation support. Assist management with creation and maintenance of security operations procedures, risk assessments, security policies, architecture diagrams, system configuration documentation, and disaster recovery runbooks in accordance with GBCI policies and industry best practices.
• Provide direction and mentoring to Information Security staff on technical issues, architecture, priorities, operational practices, and incident handling. Serve as a senior technical escalation point and war room lead, assist with prioritizing team workload, represent Information Security Operations in technical and change-management discussions, and help ensure consistent handling of incidents, requests, and operational tasks. Provide guidance to Information Security and IT staff on secure and responsible use of AI technologies, including acceptable use, risk awareness, and operational considerations. Promote awareness of AI-related risks, including unauthorized usage, data exposure, and regulatory implications.
• Comply with all company policies and procedures and all applicable laws and regulations, including but not limited to the Bank Secrecy Act, the Patriot Act, and the Office of Foreign Assets Control. Complete assigned online training courses and achieve passing scores by required due dates. Maintain role-relevant technical knowledge through ongoing training and professional development

About You

Qualifications To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Education

Required/Preferred

Education Level

Description

Required

Bachelor’s Degree

Information Technology, preferably in Information Systems; Information Assurance; or Information Security.

Experience

Required/Preferred

Experience Level

Description

Required

5 years

Experience in IT, specializing in Information Security Operations.

Required

Advanced Experience

Operation security technologies such as firewalls, intrusion detection/prevention, SIEM, and other security systems.

Required

Advanced Experience

Network packet analysis and vulnerability analysis while creating an action plan to resolve issues or incidents that are discovered.

Required

Advanced Experience

Securing public cloud services like Azure or AWS.

Required

Advanced / Specialized Knowledge

Networking principles, technologies and devices, Internet Protocols and address schemes, the ISO -OSI architecture

Required

Advanced / Specialized Knowledge

Next-generation firewall management experience is required.

Required

Knowledge Of

Common information security management frameworks such as ISO 27001, ITIL, COBIT, NIST, and CSIS 20 Critical Security Controls.

Would an equivalent combination of relevant education and work experience be considered?: Yes

License/Certification

Required/Preferred

License/Certification

Description

Required within 3 months of hire

Multiple Certifications

A combination of IT Security certifications that demonstrate a high level of technical and managerial IT security skills. Examples include: CISM, GIAC, CEH, CCNP, CSX-P, Network+, Security+ and CISSP.

Required Skills and Abilities

• Employee must be trustworthy and possess a significant level of credibility, discretion, and diplomacy.
• Employee must be capable of interacting calmly and professionally with a variety of people from diverse backgrounds at various levels within and outside of the organization.
• Employee must be a team player with a passion for customer service and a proven ability to build rapport and work effectively with employees at all levels of the organization.
• Employee must be a self-starter with ability to take ownership and accountability of all roles and responsibilities with minimal supervision.
• Ability to communicate effectively, verbally and in writing. Ability to understand and follow complex written and oral instructions.
• Ability to assess, research and deploy new security technologies and secure frameworks into existing enterprise security controls.
• Ability to serve as cybersecurity subject matter expert on project teams.
• Able to translate security policies and procedures into technical architectures.
• Ability to serve as a backup for other staff members in a mutually supportive team work environment.
• Employee must be capable of regular, reliable, and timely attendance.

Additional Requirements

Travel

Up to 15% travel required: (e.g. 3.5 days/month) by automobile (as driver and passenger), commercial airlines, rental vehicles and public transportation and be able to lodge in public facilities. Travel will be necessary to conduct the duties of this job, and the employee must have the ability to drive and have proper licensing.

Working Conditions

Environment: Indoors, a climate-controlled shared work area.

Noise Level: Moderate noise; not extreme or excessive; within reasonable limits.

Lifting: Medium work: Exerting up to 50 pounds of force occasionally, and/or up to 25 pounds of force frequently, and/or up to 10 pounds of force constantly to move objects.

Vision

Close visual acuity to prepare and analyze data and figures, view a computer terminal, and read the computer screen, printed materials, and handwritten materials.

Close visual acuity to conduct inspection of small parts and defects, operate and inspect machines and devices, and assemble parts at distances close to the eyes.

Physical Activities

Frequency

Balancing: Maintaining body equilibrium to prevent falling and walking, standing or crouching on narrow, slippery, or erratically moving surfaces.

Infrequent – rare.

Climbing: Ascending or descending ladders, stairs, scaffolding, ramps, poles and the like, using feet and legs and/or hands and arms.

Infrequent – rare.

Crawling: Moving about on hands and knees or hands and feet.

Infrequent – rare.

Crouching: Bending the body downward and forward by bending leg and spine.

Infrequent – rare.

Feeling: Perceiving attributes of objects such as size and shape, temperature or texture by touching with skin, particularly that of the fingertips.

Infrequent – rare.

Fingering: Picking, pinching, typing or otherwise working primarily with fingers rather than with the whole hand as in handling.

Daily.

Grasping: Applying pressure to an object with the fingers and palm.

Occasional – now and then.

Kneeling: Bending legs at knee to come to a rest on knee or knees.

Occasional – now and then.

Lifting: Raising objects from a lower to a higher position or moving objects horizontally from position to position.

Occasional – now and then.

Pushing: Using upper extremities to press against something with steady force in order to thrust forward, downward or outward.

Infrequent – rare.

Pulling: Using upper extremities to exert force in order to draw, haul or tug objects in a sustained motion.

Occasional – now and then.

Repetitive Motion: Making substantial movements (motions) of the wrists, hands, and/or fingers.

Daily.

Stooping: Bending body downward and forward by bending spine at the waist.

Infrequent – rare.

What We Offer

COMPENSATION & BENEFITS: Starting salary is dependent upon relevant experience and may vary based on the geographic location of the position. We offer an extensive benefits package that includes, but is not limited to medical, dental, vision, and life insurance. Coverage is available to employees and their eligible dependents in accordance with our written plan documents. You may also be eligible for a health savings account option, an Employee Assistance Program (EAP), a health rewards program, a retirement savings plan, including 401(k) and Profit-Sharing plans, short and long-term disability benefits, education and training benefits, and discounts on banking products and services. We also offer a generous Paid Time Off (PTO) plan and paid holidays. PTO accruals begin at .0745 per hour worked for our part time employees up to a maximum accrual of 240 hours per year for certain Full-Time employees. PTO accruals are dependent on position, status (Full time or Part time), and years of experience in accordance with our PTO policy. Most Full-Time employees are also offered 6 paid holidays and Part Time employees are offered pro-rated paid holidays. In addition, employees in Utah and Nevada may be eligible for pay for certain state recognized holidays. Visit our website for more details. Check it out!

We are an Equal Opportunity Employer and qualified applicants, or employees will receive consideration for employment without regard to race, color, religion, national origin, sex (including pregnancy), sexual orientation, gender identity, mental or physical disability, genetic information, protected veteran status, or any other category protected by applicable federal, state, or local laws.

Glacier Bancorp, Inc. does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.

No Recruiters or unsolicited agency referrals please.