Principal Cybersecurity Engineer Boston, MA (Remote flex) Contract-to-Hire
Description: The Principal Cybersecurity Engineer reports to the Director of Cybersecurity and is responsible for the cybersecurity operations for our insurance client. The role includes a strong collaboration with IT teams internally to ensure that their systems and software are protected from breaches. The Principal Cybersecurity Engineer is responsible for managing the day-to-day cybersecurity operations. They will implement and manage the systems needed to ensure that the operations are properly executed, from firewalls to SIEM, DLP, Network Security, OT, DLP, CASB and EDR. The role is responsible for assessing new systems before they are implemented using penetration testing techniques.
This team member will:
Responsible for network security, tools that enable network security auditing / reporting, and ensuring security is “built into” the organization’s network and network devices, including third party
Responsible for the cybersecurity tools needed to execute the cybersecurity mandate Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and provides oversight to ensure compliance.
Provides technical consulting to management, business users, and technical associates to ensure that applications and platforms are secure
Responsible for identifying, designing, and implementing security requirements for Network and Network devices
Architects, designs, implements, maintains and operates information system security controls and countermeasures; documents the operation, use, and expected outputs of these systems
Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and provides oversight to ensure compliance
Implementing security control as necessary in alignment with various NIST standards (800-53, 800-82 …)
The ideal candidate will have most, if not all, of these requirements:
Bachelor degree in Cybersecurity, Computer Science or equivalent experience
Certification on at least one Cybersecurity program (CISSP, CISA, CISM, GIAC or similar)
3 year experience in a hands-on security focused role
Demonstrated ability to apply fundamental cybersecurity and IT concepts to tasks and projects
Demonstrated experience with Penetration Testing Reporting and Remediation
Hands on technical experience with SIEM, Networking, OT, DLP, CASB, EDR
Experience with AWS Security
Ability to work in a fast-paced environment
Experience securing cloud applications (Iaas and SaaS)
Experience with creating automation of security tasks
Understands and can implement computer forensics
Additional experience and/or qualifications:
AWS Security certification
Ability to type, stand, and sit for extended periods of time
Willingness to occasionally travel or work required nights/weekends/on-call