CybersecurityJobs.io
Information Technology Department

Principal Cybersecurity Engineer

Boston, MA $120k - $180k/yr Full time Posted 4h ago

Job Description

This senior role focuses on designing, deploying, and operating comprehensive security controls across network, endpoints, cloud environments, identity systems, data protection, and security operations to safeguard an asset management financial services organization.

Responsibilities

  • Design, implement, and sustain security controls across network, endpoint, cloud, and identity domains.
  • Support and advance a Zero Trust architecture across systems, applications, infrastructure, and access models.
  • Define and validate security requirements for new systems, applications, platforms, and technology changes.
  • Integrate security practices into system design, the software development life cycle, and DevSecOps workflows.
  • Develop and refine detection use cases across SIEM, XDR, and related monitoring tools.
  • Lead incident response efforts including investigation, containment, eradication, recovery, remediation, and post-incident analysis.
  • Conduct threat hunting for anomalous activity, adversary behavior, indicators of compromise, and potential incidents.
  • Improve security operations through automation, orchestration, playbooks, and streamlined response workflows.
  • Secure AWS, Azure, Microsoft 365, and other cloud platforms through secure control design, configuration, logging, monitoring, and workload protection.
  • Implement and manage CSPM, cloud workload protection, and cloud security posture capabilities.
  • Assess cloud architectures, services, integrations, and deployments for security risk.
  • Strengthen IAM, PAM, authentication, authorization, access governance, least privilege, and identity-based controls.
  • Support identity-driven Zero Trust initiatives involving access policies, device trust, segmentation, and continuous verification.
  • Support data classification, data protection, data monitoring, secure handling, and governance of sensitive information.
  • Enhance data protection capabilities beyond traditional data loss prevention.
  • Ensure secure data exchange with third parties, vendors, external partners, applications, and business platforms.
  • Support vulnerability management through risk-based prioritization, remediation guidance, exposure analysis, and coordination with technology owners.
  • Leverage threat intelligence to improve detection coverage, vulnerability prioritization, response planning, and control effectiveness.
  • Evaluate emerging threats, attacker techniques, exploitation trends, and security control gaps.
  • Support cybersecurity compliance related to internal policies, SEC, FINRA, audit requirements, regulatory obligations, and industry frameworks.
  • Partner with risk, audit, compliance, governance, engineering, infrastructure, cloud, application, and business teams.
  • Contribute to cybersecurity metrics, leadership reporting, governance documentation, and SIRT activities.
  • Support vendor management, tool evaluation, process improvement, and continuous enhancement of cybersecurity capabilities.

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience.
  • Minimum of eight years in cybersecurity engineering, security infrastructure, enterprise security operations, or closely related technical roles.
  • Experience across network, endpoint, cloud, identity, infrastructure security, or security engineering.
  • Experience in detection engineering, incident response, threat detection, investigations, SIEM, XDR, or related security monitoring tools.
  • Experience with IAM, PAM, authentication and authorization, access governance, privileged access management, and least-privilege concepts.
  • Strong knowledge of cybersecurity principles, security architecture, control design, and the NIST CSF.
  • Experience with the incident response life cycle including triage, investigation, containment, eradication, remediation, recovery, and post-incident review.
  • Familiarity with networks, servers, operating systems, endpoints, cloud platforms, identity systems, and business applications.
  • Strong analytical, problem-solving, documentation, collaboration, and communication skills.

Technologies

  • AWS
  • Azure
  • Microsoft 365
  • SIEM
  • XDR
  • CSPM
  • Cloud workload protection
  • IAM
  • PAM
  • Python
  • PowerShell
  • MITRE ATT&CK

Benefits

  • 401(k)
  • 401(k) matching
  • Dental insurance
  • Employee assistance program
  • Employee discount
  • Flexible schedule
  • Flexible spending account
  • Health insurance
  • Health savings account
  • Life insurance
  • Paid time off
  • Parental leave
  • Professional development assistance
  • Referral program
  • Retirement plan
  • Tuition reimbursement
  • Vision insurance

Principal / Senior Cybersecurity Engineer Preferred Qualifications

  • CISSP, GIAC, GCIA, GCIH, GCED, or related security certifications.
  • Cloud security certification or hands-on experience with AWS, Azure, Microsoft 365, or similar cloud environments.
  • Experience in financial services, banking, capital markets, fintech, insurance, or highly regulated environments.
  • Knowledge of SEC, FINRA, audit requirements, internal security policies, regulatory expectations, and control frameworks.
  • Experience with Python, PowerShell, scripting, automation, workflow optimization, or operational tooling.
  • Knowledge of MITRE ATT&CK, threat frameworks, adversary tactics, and attack techniques.
  • Experience with Zero Trust, DevSecOps, CSPM, cloud workload protection, threat hunting, vulnerability management, identity security, SIEM, XDR, IAM, PAM, and security operations improvement.
  • Additional Requirements
    • Risk-based decision making.
    • Ability to work across cybersecurity, engineering, infrastructure, application, cloud, risk, compliance, audit, and business teams.
    • Ability to operate in a fast-paced environment with evolving threats and priorities.
    • Commitment to staying current on cybersecurity threats, tools, technologies, frameworks, and industry trends.

Work Location

Location: Boston, MA; Onsite (in person).
