Senior Security Engineer
CRICO · Boston, MA · 2 wk ago
HybridInformation TechnologyFull-time
Role Summary
Reporting to the Chief Information Security Officer, the Senior Security Engineer is responsible for designing, implementing, and maintaining security technologies and processes that protect the organization's systems, applications, and data. This role partners closely with infrastructure, application development, and business teams to identify risks, improve security controls, support incident response activities, and strengthen the organization's overall cybersecurity posture.
Responsibilities
- Lead the evaluation, implementation, and integration of new technologies and techniques to enhance the organization's cybersecurity posture.
- Serve as a key liaison between security and technical teams to support secure development practices and resolve security issues.
- Perform detailed application and infrastructure security testing to validate remediation efforts and identify potential vulnerabilities.
- Collaborate with developers and technical stakeholders to communicate security findings and assist with implementation of corrective actions.
- Maintain and update security process documentation, operational playbooks, and internal knowledge base articles to reflect current practices.
- Assist with tracking, measuring, and reporting cybersecurity performance metrics and key performance indicators.
- Manage the onboarding and integration of new applications into the organization’s identity and access management framework.
- Support identity lifecycle management, including user provisioning, deprovisioning, and access reviews.
- Act as the initial responder to security alerts and events, conducting triage and escalating as needed.
- Analyze and tune detection systems to reduce false positives and improve threat detection capabilities.
- Develop and execute threat hunting strategies based on observed adversary behaviors and threat intelligence.
- Collaborate with internal and external teams during threat investigations and response activities.
- Provide Tier 1 support for security-related tickets and requests, including escalation and documentation as needed.
- Coordinate and submit changes through the organization's change management process.
- Review and assess user-reported communications to identify phishing or other malicious activity.
- Conduct security risk assessments and provide recommendations to reduce organizational risk.
- Support third-party risk assessments and security reviews of vendors and service providers.
- Monitor and improve security controls within cloud environments including AWS and Azure. Assist with cloud security architecture reviews and implementation of security best practices for SaaS, IaaS, and PaaS platforms.
- Participate in security architecture reviews and provide guidance on secure system design and implementation.
Qualifications
- Education & Experience: 5+ years of progressive experience in information security, cybersecurity engineering, or related technical disciplines. Bachelor's Degree required. Experience with information security in Cloud computing and SaaS/IaaS/PaaS models. Extensive knowledge of information technology operations, responsibilities, procedures to ensure adherence by all staff and make incremental improvements as needed. Strong knowledge of application infrastructure components such as Windows Server, Active Directory, Group policy, SQL Server, IIS, AWS, Azure and Tomcat. Demonstrated experience with Windows 11 and networking concepts. Experience with DLP, anti-virus and anti-malware. In-depth understanding of TCP /IP, computer networking, routing and switching. Solid experience with firewall and intrusion detection/prevention protocols. Experience with Network protocols and packet analysis tools. Experience with Security Information and Event Management (SIEM). Understanding of IDS / IPS, penetration and vulnerability testing. Experience with Threat Intelligence, including gathering, analyzing, and applying threat intelligence data to enhance security posture. Experience with vulnerability management tools, such as Qualys, Nessus, or Rapid7.
- Skills: Familiarity with endpoint management platforms like Microsoft Intune, SCCM, or other MDM solutions. Ability to identify and mitigate vulnerabilities and explain how to avoid them. Skilled in leveraging data analysis tools and techniques to obtain, clean, and organize data to generate recommendations and insights. Specialized Certifications: SSCP CompTIA Security+ CompTIA CySA+ CISSP (preferred). GIAC certifications (preferred).
- Compliance/Regulatory Knowledge: NIST CSF CIS Controls HIPAA SOC 2 ISO 27001
- People Management: No direct people management responsibilities