Information Security Engineer

Description

First National Bank is seeking a motivated and detail-oriented Information Security Engineer to support the operational and technical components of our Information Security Program. This role is responsible for monitoring security events, identifying and managing vulnerabilities, and supporting the implementation and effectiveness of security controls. The ideal candidate will play a key role in protecting the organization's systems, data, and digital platforms from evolving cyber threats.

Candidates must currently reside in the state of Maine. We are not considering out-of-state applicants for this position.

This fulltime position offers competitive pay, time off, benefits and a bonus plan. Opportunities for personal growth and professional development. And yes, a real opportunity to make a difference in the place where you live. We are proud to be on the 2025 list of Best Places to Work in Maine.

Qualifications

• Bachelor's degree in Information Security, Cybersecurity, Information Technology, Computer Science, or a related field preferred (or equivalent combination of education and experience)
• 2-5 years of experience in information security, IT operations, network administration, or a related technical role
• Experience supporting incident response and investigating security events
• Banking or other regulated industry experience preferred

Key Responsibilities

This role may include, but is not limited to:

• Coordinate security monitoring activities, including oversight of outsourced SOC/SIEM services
• Monitor threat intelligence sources and communicate relevant risks to stakeholders
• Manage the vulnerability management program and coordinate remediation efforts
• Support incident response activities, including investigation and resolution of cybersecurity events
• Oversee endpoint security tools and protection mechanisms
• Support identity and access governance processes, including access reviews
• Coordinate penetration testing and other security assessment activities
• Contribute to secure system lifecycle practices and participate in security architecture reviews
• Provide oversight of network and infrastructure security controls
• Support implementation and maintenance of cryptography and encryption standards
• Assist in securing digital banking platforms and other externally facing systems
• Perform additional duties in support of the Information Security and Risk Management Program

Technical Skills & Knowledge

• Understanding of core security operations concepts, including threat detection, incident response, and vulnerability management
• Familiarity with industry frameworks such as FFIEC, NIST Cybersecurity Framework, and CIS Controls
• Ability to analyze logs, alerts, and security events to identify potential threats
• Working knowledge of operating systems, networking, and cloud environments

Key Competencies

• Strong analytical and problem-solving skills with keen attention to detail
• Ability to manage multiple priorities in a fast-paced environment
• Effective communication skills, including the ability to translate technical concepts for non-technical audiences
• Collaborative mindset with a proactive approach to security