CybersecurityJobs.io
← Back to all jobs

Job Description

What DCU offers

Join DCU, the largest credit union in New England, serving more than one million members with a workforce of about 1,700 colleagues. The organization emphasizes a strong work life balance and a caring community. DCU is an equal opportunity employer that values diversity, inclusion, and equity. If you require a reasonable accommodation during the hiring process, please email [email protected]. This position does not offer visa transfer or sponsorship.

Role overview

The Senior Information Security Engineer provides independent second line of defense oversight and risk assessment across the information security program, controls, and technology environment. The role supports identification, monitoring, and reporting of information security risks to align with regulatory expectations and industry standards, strengthening cybersecurity posture and operational resilience.

Responsibilities

  • Conduct independent assessments of information security risks, controls, and processes across technology environments, applications, infrastructure, and third party relationships.
  • Evaluate the design and effectiveness of security controls against established frameworks, regulatory requirements, and industry best practices.
  • Identify, analyze, and communicate cybersecurity risks, vulnerabilities, control weaknesses, and emerging threats to risk and business stakeholders.
  • Support governance and oversight of security domains including identity and access management, vulnerability management, cloud security, application security, data protection, and cybersecurity operations.
  • Perform risk assessments for new technologies, projects, systems, and business initiatives to evaluate potential security and operational risks.
  • Provide effective challenge to first line security practices, risk decisions, control implementations, and remediation strategies.
  • Monitor and assess information security metrics, KRIs, control effectiveness measures, and trends to identify emerging risks and opportunities for improvement.
  • Support development and maintenance of information security risk management policies, standards, methodologies, and governance processes.
  • Participate in regulatory examinations, internal audits, risk reviews, and compliance assessments by preparing analysis, documentation, and responses to requests.
  • Partner with Technology, Information Security, Compliance, Enterprise Risk, Internal Audit, and business stakeholders to strengthen risk management practices and improve control maturity.
  • Prepare reporting and presentations that communicate technical risks, control gaps, and security trends to diverse audiences.
  • Support oversight of third party technology providers and critical vendor security risk management activities.
  • Stay current on cybersecurity threats, regulatory developments, emerging technologies, and industry practices to evaluate potential impacts to the organization.

Requirements

  • Bachelor's degree in a field relevant to the role, or 4 additional years of relevant experience in lieu of a degree.
  • 4 to 6 years of relevant experience.
  • Knowledge of information security frameworks and standards such as NIST CSF, NIST 800-53, ISO 27001, CIS Controls, FFIEC guidance; familiarity with regulatory expectations applicable to financial services environments.
  • Understanding of cybersecurity domains, with focus on artificial intelligence, cloud security, network security, and data protection.
  • Ability to provide solutions that enable the safe usage of AI technologies in a financial services organization.
  • Experience with Model Context Protocol (MCP) governance.
  • Experience with Microsoft Copilot, OpenAI ChatGPT, Anthropic Claude and other similar technologies.
  • Familiarity with AI security tools such as Palo Alto Prisma AI runtime security AIRS, CrowdStrike Falcon AI Detection and Response AIDR, or other similar tools.
  • Deep experience securing and governing Microsoft Azure and Amazon Web Services (AWS).
  • Experience with cloud security tooling such as Orca, Prisma Access Cloud, Wiz or other similar tools.
  • Strong analytical and problem solving skills with the ability to evaluate complex security and technology risks.
  • Ability to provide objective risk assessments and effective challenge while building collaborative stakeholder relationships.
  • Support the ability to shift left and incorporate security early on and throughout the development lifecycle.
  • Strong written and verbal communication skills with the ability to translate technical concepts into business focused risk discussions.

Technologies

  • NIST CSF, NIST 800-53, ISO 27001, CIS Controls, FFIEC guidance
  • MCP (Model Context Protocol) governance
  • Microsoft Copilot
  • OpenAI ChatGPT
  • Palo Alto Prisma AI runtime security AIRS
  • CrowdStrike Falcon AI Detection and Response AIDR
  • Microsoft Azure
  • Amazon Web Services (AWS)
  • Orca
  • Prisma Access Cloud
  • Wiz

Position details

Location: Marlborough, MA hybrid. Salary: USD 116,500 - 140,000 per year. Typical schedule: Mon-Fri, 8:00 AM to 5:00 PM (40 hours).

Typical scope

  • Applies best practices and knowledge of internal and external business challenges to improve products, processes or services. Accountable for small projects or programs with manageable risks and resource requirements; resolves difficult problems and adapts policies to new situations.
  • Demonstrates judgment in selecting methods to solve problems with cross-functional impacts or competing priorities; applies advanced knowledge of the job area.
  • Typically works independently within defined specialties, adapting methods for routine work with minimal oversight; accountable for deliverables; may mentor others and review their work.

About DCU

DCU is the largest credit union headquartered in New England, serving more than one million members across all 50 states. With over 1,700 team members, the organization emphasizes a healthy work life balance and a community that cares. DCU is an equal opportunity employer and values diversity, inclusion, and equity in the workplace. If you require a reasonable accommodation during the hiring process, please contact [email protected].

Similar Jobs