ABOUT US

Coastal is at the forefront of modern banking, combining strong financial infrastructure with cutting-edge Banking-as-a-Service (BaaS) and fintech enablement strategies. We support not only individuals with their personal banking needs; we also empower businesses by integrating modern banking technology that drives growth, flexibility, and innovation.

At Coastal, we think and move like entrepreneurs; focused on impact, speed, and continuous improvement. We believe in working smart, collaborating deeply, and building solutions that unlock real potential. If you're someone who thrives in a fast-moving environment, loves solving complex problems, and wants to help shape the future of banking, we’d love to meet you.

Check out our video here!

OVERVIEW

As a Cloud & Core Services Engineer you will design, implement, and continuously improve technical controls that secure and operate Coastal’s Azure environment and workloads, identity services, onpremise networks, and technology services developed and deployed using cloud-native engineering and modern CI/CD automation. You will implement both vendor-based and custom-developed solutions, automate evidence collection for regulatory compliance, and serve as a handson subject matter expert across Azure, network, identity, and other cloud domains. This role requires a combination of strategic thinking and tactical execution in order to address the constantly evolving security threat landscape and business operational requirements, as well as the ability to work across teams—including technology, risk, compliance, and executive leadership—to ensure security is embedded in all aspects of our business.

RESPONSIBILITIES TO INCLUDE

• Azure Platform
• Design, build, and operate the enterprise Azure “base service” (landing zones, subscription strategy, management groups, RBAC, tags, budgets) for technology teams across the bank.
• Define and maintain the Azure service catalog (self-service templates, guardrails, quotas, request workflows) that enables fast, safe provisioning for app teams.
• Work with IT Operations and Security Engineering to establish platform SLOs, capacity plans, backup and disaster recovery standards, and cost governance (FinOps tagging, budgets).
• Identity, Network, and Zero Trust
• Work with Security Engineering to design and operate Microsoft Entra ID and Okta as core services: conditional access, MFA, SSO, federation, SCIM provisioning, and lifecycle automation.
• Implement least-privilege access with PIM/PAM, JIT elevation, and policy-as-code guardrails.
• Advance Zero Trust by aligning identity, device posture, network controls, and data protections across cloud and on-prem.
• Design and run hybrid network foundations, including vWAN, VNets/VNet peering, SD-WAN, Private Link, DNS, and Azure Firewall.
• Infrastructure as Code & Automation
• Build reusable, secure IaC modules using Terraform for repeatable, compliant deployments.
• Encode governance via Azure Policy and Terraform deployment pipelines to enforce configuration baselines and drift detection.
• Provide shared platform components (such as App Service, Functions, Key Vault, Event Hub/Service Bus) with opinionated, secure defaults.
• Embed security and compliance checks into CI/CD (image signing, policy enforcement, SAST/DAST/secret scanning) and automate result evaluation.
• Security, Detection & Resilience
• Work with Security Operations to integrate cloud services with the enterprise SIEM and other detection and prevention tools, and help to develop analytics, response playbooks, and platform-level detections.
• Lead hardening after incidents and add improvements into baselines, policies, and IaC for durable risk reduction.
• Compliance & Evidence Automation
• Map platform controls to FFIEC, GLBA, SOX, PCI-DSS, and NIST CSF 2.0
• Automate evidence collection from Azure native services and pipelines to streamline audits.
• Operational Support
• Diagnose and respond to outages of cloud services in collaboration with other operations and app teams.
• Perform root cause analysis (RCA) and post-incident reviews.
• Investigate and troubleshoot failed resource deployments.
• Maintain documentation and procedures (runbooks, playbooks, standards, etc.).

QUALIFICATIONS

• Deep expertise in cloud services, identity, network, and cybersecurity, within financial services
• Demonstrated expertise in three or more of the following:
• Azure architecture, networking, and identity
• Identity and Access Management lifecycle architecture and capabilities
• Cloud-native protection services, including CSPM and CWPP
• Network security (firewalls, IDS/IPS, NAC)
• Kubernetes / container security
• IaC & DevSecOps automation (Terraform, GitHub Actions, Argo)
• Familiarity with FFIEC, GLBA, and NIST CSF or SP?800-53 frameworks.
• Scripting skills in PowerShell, Bash, or Python for automation and SOAR.
• Strong ability to assess risk and develop long-term strategies
• Comfortable operating effectively in a dynamic and changing environment (often with unstructured and/or virtual teams)
• Ability to manage multiple priorities, meet deadlines, and deliver business results
• Strong communication and presentation skills
• Ability to influence even when holding a position contrary to the majority

EDUCATION/EXPERIENCE

• 8+?years of hands-on security engineering or system administration in regulated financial-services or cloud-first environments.
• Security certifications, such as CISSP, AZ-500, or GIAC, are a plus.

HOW YOU’LL THRIVE AT COASTAL

• Be the Best – Communicate effectively, pay close attention to detail, and prioritize your personal development.
• Be Relentless – Thrive in a goal-oriented environment exercising both patience and persistence. Advocate for our customers and team members and strive to promote the Coastal Difference.
• Be Un-Bankey – Be a forward thinker with a creative mindset. Build long-lasting relationships promoting the Coastal Difference, built on a foundation of integrity, honesty, and trust.
• Embrace Gray Thinking – Use sound judgment while decision-making and problem-solving. Think outside the box.
• Stay Flexible – Organize and strategize effectively while always being prepared to adapt on the fly. Seek efficiencies for Coastal to work smarter, not harder.
• Take Care of Each Other – Understand what it means to be a true team player and have your teammate's back. Practice self-awareness and build your emotional intelligence.

BEING YOU AT COASTAL

Coastal Community Bank is an equal opportunity employer. We are committed to providing a workplace free from discrimination and harassment. All employment decisions are based on merit, qualifications, and business needs. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, veteran status, or any other protected status under applicable laws.?

BENEFITS WE OFFER

We’re proud to offer a comprehensive benefits package designed to support your health, financial well-being, and work-life balance. Check out our benefits on our careers site! Our offerings include:

• Medical Coverage: Choose from three competitive medical plans to find the coverage that best fits your needs and lifestyle.
• Health Savings Account (HSA): Available with eligible medical plans, offering tax advantages and employer contributions.
• Flexible Spending Accounts (FSA): Options for healthcare and dependent care expenses to help you save on out-of-pocket costs.
• Dental and Vision Insurance: Plans?to keep you and your family smiling and seeing clearly.
• Life Insurance: Company-paid basic life insurance with options to purchase additional coverage for yourself and your dependents.
• Long-Term /Short-Term Disability (LTD): Income protection in the event of a long-term illness or injury.
• Supplemental Benefits: Including Hospital Indemnity, Accident Insurance, and Critical Illness coverage to provide extra financial support when you need it most.
• 401(k) Retirement Plan: A competitive retirement savings plan with company matching to help you plan for the future.
• Paid Time Off: Generous vacation and sick leave policies to support your time away from work.
• Holidays: Enjoy 11 paid holidays throughout the year.

PHYSICAL DEMANDS

The physical demands described below are required to perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee must be able to:

• Sit for extended periods of time.
• Stand for extended periods of time.
• Perform repetitive finger, hand, and arm movement.
• Use electronic office equipment such as a computer keyboard, mouse, ten key, telephone, etc.
• View and read computer screens for extended periods.
• Occasionally stoop, kneel, crouch, or crawl.
• Occasionally lift or move up to 10 pounds.

OTHER DUTIES

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.