Security Engineer

Information Security Engineer

Downtown Boston (Hybrid, onsite 3 days / week)

Direct-hire : Perm FTE

The ideal candidate will possess a deep understanding of information security principles, advanced cybersecurity methods, and innovative technological solutions to effectively manage daily security operations, develop and implement security policies, and respond to security incidents. To be successful in this role, you should have excellent problem-solving skills and a solid understanding of cloud, on-premises, and application security technologies. You should also be adept at proactively identifying and resolving incidents, providing suggestions and solutions to enhance the security environment, working independently, and collaborating within a team environment.

Key Responsibilities :

• Manage the vulnerability lifecycle from identification to resolution and collaborate with IT teams to maintain secure baseline configurations.
• Manage security controls such as network and host intrusion detection / protection systems (IDS / IPS), identity access management systems (SSO, IdP), firewalls, security incident and event management systems (SIEM), mobile device management (MDM) systems, data classification and loss prevention systems (DLP), secure email gateways, and proxy systems.
• Collaborate with Information Technology, Risk Management, and Compliance to analyze and strengthen security controls and implement comprehensive security requirements.
• Lead the implementation, documentation, and maintenance of information security policies, standards, procedures, and controls.
• Investigate security incidents, perform root cause analysis to identify indicators of compromise, and maintain documentation for corrective actions and improvements.
• Oversee third-party providers to enhance security controls and procedures.
• Monitor and analyze event logging across the organization, ensuring proper alerting is in place, reducing false positives, and identifying and correcting false negatives.
• Identify and address gaps in security controls and remedy documented control weaknesses. Collaborate with the business to ensure the information security program is properly implemented.
• Conduct information security reviews of external systems containing or utilizing firm or client NPPI.
• Stay current with the latest security technologies, trends, vulnerabilities, and emerging threats, providing expert guidance to stakeholders.

Education & Experience :

Specialized Skills :

If interested, please email Ian Ostberg @iostberg@alexandertg.com with a current resume and upcoming availability.

J-18808-Ljbffr