State Street

IT Security Engineer - Burlington, MA

Security Engineer in Burlington, MA

Posted 2019-10-03

The primary purpose of the IT Security Engineer position is to design, implement, and manage the IT security controls used to protect the confidentiality, integrity, and availability of confidential customer and company data in the CRD SaaS environments. In addition to day-to-day security operations, this position is responsible for managing our security improvement initiatives and projects. This position works closely with internal Risk Management teams to oversee our security program and to report security findings.

Essential Functions:

Play a key leadership role in defining and maintaining daily security operations.
Implement large-scale security improvement projects, including the deployment of new tools and services.
Maintain the existing compliance programs (SOC 2, ISO 27001, NIST etc.)
Create and maintain Security Operations Key Risk Indicators (KRI) for CISO
Develop operational procedures for others on the team to execute and ensure the quality of their work.
Develop procedures to carry out information security plans and policies as defined by direct management and Risk Management.
Develop incident response procedures to respond to and recover from a security breach
Implement appropriate security controls on SaaS systems to protect client and company data
Define and implement appropriate security baselines and hardening standards for SaaS systems.
Develop or implement tools to assist in detection, prevention and analysis of security threats
Develop, maintain, and execute a vulnerability scanning process for all SaaS networks and systems.
Develop, maintain, and execute a patch management process for all SaaS systems.
Lead incident response and forensic analysis to security breaches.
Maintain awareness on information security standards, policies and best practices.
Manage complex support relationships with key vendors, including managed hosting providers.
Adhere to CRD technical standards, policies, and procedures.
Participate in general incident response and troubleshooting efforts as issues arise.
Participate in periodic weekend maintenance rotation.
Requirements and Qualifications:

Bachelor’s degree in a technical or analytical discipline such as Computer Science, IT, MIS/CIS, Engineering, Financial Engineering, Science, Economics, Mathematics or Statistics.
Master’s degree in cyber/information security, security engineering, or related field of study with an emphasis on security preferred.
Relevant Information Security industry certifications (CISSP, CEH, SANS etc.) strongly preferred.
7+ years general Information Security experience with progressive responsibilities in mission critical production environments; which includes developing and reviewing systems security plans, security control assessments, contingency plans, configuration management plans, incident response plans, plan of actions and milestones, risk management plans, vulnerability scanning, and/or vulnerability management plans
5+ years Security engineering experience; which includes systems engineering principles, requirements analysis, system development (software and hardware); network security architecture concepts (topology, protocols, components); and/or IT security principles and methods (firewalls, demilitarized zones, encryption). Must include significant work experience securing Windows-based systems.
Experience working with various security, identity management, log management, and vulnerability management tools, such as SIEMs, IDS/IPS, DLP, anti-virus and access control systems.
Practical experience working with SSL/TLS certificates and solid understanding of cryptography concepts.
Thorough understanding of the latest security principles, techniques, and protocols
Knowledge of basic network architecture concepts (zones/DMZ, VLANs, segmentation, subnetting. LAN/WAN),
General exposure to firewalls, switches, routers, and other networking devices. Good working knowledge of basic firewall configuration concepts (ACL, NAT/PAT, routing statements, ports, protocols, VPNs)
Strong understanding of network services (ex: DNS, DHCP, ARP, TCP/IP stack).
Strong understanding of various Microsoft technologies – Active Directory, Group Policies, IIS, WSUS, SQL Server, DFS, NTFS, Authentication Protocols etc.
Experience with some web / application server technologies (ex: Apache HTTPD, IIS, Tomcat, JBoss, Java Virtual Machine, Weblogic, and WebSphere).
Experience developing reusable code with PowerShell or other appropriate scripting/programming languages to assist with security related tasks.
Understanding of DevOps tools like Ansible, Chef, Puppet, Jenkin, Gitlab etc.
Experience with Azure cloud environment.

Ready to be seen?

Apply now to have the opportunity to be considered for similar jobs at leading companies in the Seen network for FREE.

Company summary

State Street partners with institutional investors all over the world to provide comprehensive financial services, including investment management, investment research and trading, and investment servicing.


Flexible work options; discounts to health and fitness clubs; support for continuing education; group discount opportunities, including shopping, recreational, and entertainment activities.

Tech Stack

Java, J2EE, Python, SQL, MySQL, PostgreSQL, Hadoop, HBase, Cassandra, MongoDB, NET, PL/SQL, GitHub, ClearCase/ClearQuest

Interview process

Phone screen with recruiter; technical phone screen and assessment; phone screen with hiring leader; onsite interview. Average interview period: 3-6 weeks.

Be seen in a new Security Engineer job

Skip the search

Zero stress and one profile that can connect you directly to 1000s of companies.

Best-fit jobs—for you

We’ll take it from there. After you tell us what you’re looking for, we’ll show you off to matches.

Free Career Coaching

Boost your interview skills, map your tech career and seal the deal with 1:1 career coaching.

You get tech. We get you.

Join now and be seen.