Security Engineer

Primary Responsibilities

• Design, implement, and support security controls across AWS, Microsoft Azure, Google Cloud, and hybrid infrastructure environments.
• Manage and optimize enterprise security technologies including firewalls, VPNs, IDS/IPS, NAC solutions, secure email gateways, email encryption platforms, EDR, antivirus, antimalware, and DLP tools.
• Partner with infrastructure and application teams to secure LAN/WAN networks, routing and switching environments, VLANs, NAT configurations, DNS, DHCP, and internet-facing services.
• Maintain and enhance identity and access management controls, including Active Directory, Single Sign-On (SSO), PKI, and Zero Trust security frameworks.
• Conduct vulnerability assessments, coordinate remediation efforts, and leverage vulnerability scanning tools to identify and mitigate security risks.
• Support the security of virtualization platforms, containerized environments, SaaS applications, and PaaS services.
• Implement and maintain encryption solutions including SSL/TLS, SSH, IPSec, disk encryption, HSM technologies, and site-to-site and remote access VPNs.
• Participate in penetration testing activities, security assessments, threat modeling exercises, and validation of security controls.
• Secure web-based applications and infrastructure by addressing risks related to HTTP, cookies, sessions, CDNs, SQL injection, and other common attack vectors.
• Collaborate with cross-functional teams to strengthen network segmentation, DMZ architecture, next-generation firewall strategies, load balancing technologies, and overall enterprise security posture.

Key Qualifications

• Bachelor's degree in Information Security, Computer Science, Information Technology, or a related discipline, or equivalent professional experience.
• 5+ years of experience in cybersecurity engineering, infrastructure security, network security, or a related technical security function.
• Hands-on experience securing public cloud environments including AWS, Microsoft Azure, and/or Google Cloud Platform.
• Strong understanding of enterprise networking concepts including TCP/IP, routing and switching, VLANs, NAT, DNS, DHCP, and VPN technologies.
• Experience administering and supporting security technologies such as firewalls, IDS/IPS, NAC, EDR, DLP, email security platforms, and vulnerability management solutions.
• Deep knowledge of cryptographic principles including symmetric and asymmetric encryption, hashing, PKI, SSL/TLS, IPSec, and key management technologies.
• Experience with Windows and Linux operating systems in enterprise environments.
• Familiarity with virtualization technologies, containers, cloud-native security controls, and modern application security concepts.
• Understanding of web and application security principles, including secure authentication, session management, and mitigation of common vulnerabilities such as SQL injection.
• Strong analytical, troubleshooting, and communication skills, with the ability to work effectively within a collaborative, fast-paced financial services environment.

This position offers the opportunity to work on mission-critical security initiatives within a leading global investment management organization. As an early member of the firm's new Boston office, candidates should be motivated and team-driven, excited to collaborate across both technical and nontechnical teams in a rapidly growing environment. Candidates must be willing/able to follow a hybrid schedule, 4 days/week (M-Th) onsite.

This is a full-time role - no C2C/C2H. Resumes must include first/last name and contact information in order to be considered.