Cyber Security Engineer Cyber Security Engineer …

State Street Bank
in Burlington, MA, United States
Permanent, Full time
Be the first to apply
State Street Bank
in Burlington, MA, United States
Permanent, Full time
Be the first to apply
Cyber Security Engineer
Cyber Security Engineer - Charles River Burlington Massachusetts/en-US/Global/job/Burlington-Massachusetts/Cyber-Security-Engineer---Charles-River_R-629668/apply Job Description

Primary Purpose of Position:

The primary purpose of the Security Engineer position is to design, implement, and manage the IT security controls used to protect the confidentiality, integrity, and availability of confidential customer and company data in the CRD SaaS environments. In addition to day-to-day security operations, this position is responsible for managing our security improvement initiatives and projects. This position works closely with internal Risk Management teams to oversee our security program and to report security findings.

Essential Functions:

  • Implement large-scale security improvement projects, including the deployment of new tools and services.
  • Maintain the existing compliance programs (SOC 2, ISO 27001, NIST etc.)
  • Create and maintain Security Operations Key Risk Indicators (KRI) for CISO
  • Develop operational procedures for others on the team to execute and ensure the quality of their work.
  • Develop procedures to carry out information security plans and policies as defined by direct management and Risk Management.
  • Develop incident response procedures to respond to and recover from a security breach
  • Implement appropriate security controls on SaaS systems to protect client and company data
  • Define and implement appropriate security baselines and hardening standards for SaaS systems.
  • Develop or implement tools to assist in detection, prevention and analysis of security threats
  • Develop, maintain, and execute a vulnerability scanning process for all SaaS networks and systems.
  • Develop, maintain, and execute a patch management process for all SaaS systems.
  • Lead incident response and forensic analysis to security breaches.
  • Maintain awareness on information security standards, policies and best practices.
  • Manage complex support relationships with key vendors, including managed hosting providers.

Requirements and Qualifications:

  • Bachelors degree in a technical or analytical discipline
  • 4+ years general Information Security experience
  • 3+ years Security engineering experience; Must include significant work experience securing Windows-based systems.
  • Experience working with various security, identity management, log management, and vulnerability management tools, such as SIEMs, IDS/IPS, DLP, anti-virus and access control systems.
  • Practical experience working with SSL/TLS certificates and solid understanding of cryptography concepts
  • General exposure to firewalls, switches, routers, and other networking devices. Good working knowledge of basic firewall configuration concepts (ACL, NAT/PAT, routing statements, ports, protocols, VPNs)
  • Strong understanding of various Microsoft technologies Active Directory, Group Policies, IIS, WSUS, SQL Server, DFS, NTFS, Authentication Protocols etc
  • Experience developing reusable code with PowerShell or other appropriate scripting/programming languages to assist with security related tasks.
  • Experience with Azure cloud environment.
Posted 2 Days AgoFull timeR-629668

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

Our promise to maintain an environment where every employee feels valued and able to meet their full potential infuses our company values. Its also part of our commitment to inclusion, development and engagement, and corporate social responsibility. Youll have tools to help balance your professional and personal life, paid volunteer days, and access to employee networks that help you stay connected to what matters to you. Join us.

As an Affirmative Action/Equal Opportunity Employer, we consider applications for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law. For more information, for U.S. jobs only, please read our .