Who we are looking for We are seeking a
Product Security Engineer / Architect - Email Security reporting into the Defensive Engineering leadership team within Global Cyber Security (GCS). You will lead the strategy, architecture, and engineering of enterprise email security capabilities, protecting the organization against phishing, business email compromise (BEC), account takeover, malware, and emerging threats.
What you will be responsible forAs a
Product Security Engineer / Architect - Email Security, you will:
- Define and drive the enterprise email security strategy, architecture, and roadmap.
- Lead the evaluation, implementation, and continuous improvement of email security technologies and controls.
- Partner with the GTS Email Platform team, which owns and operates the enterprise email infrastructure, to design and deploy security capabilities across the email ecosystem.
- Collaborate with the Cyber Defense Center (CDC) to enhance detection, investigation, and response capabilities for phishing, business email compromise (BEC), account takeover, and other email-borne threats.
- Work with Threat Intelligence, Identity Security, and Incident Response teams to identify emerging threats and improve defensive controls.
- Lead product evaluations, proof-of-concepts, and vendor assessments for email security technologies.
- Drive integration of email security solutions with security monitoring, analytics, and response platforms.
- Develop security standards, architectural patterns, and implementation guidance for email security controls.
- Track and report key metrics related to email threat protection, phishing resilience, and risk reduction.
- Serve as a subject matter expert for enterprise email security initiatives.
What we valueThese skills will help you succeed in this role:
- Experience with enterprise email security technologies such as Microsoft Defender for Office 365, Proofpoint, Abnormal Security, Mimecast, Cisco Secure Email, or similar platforms.
- Strong understanding of phishing, business email compromise (BEC), account takeover, malware, social engineering, and email-based threats.
- Knowledge of email security technologies including SPF, DKIM, DMARC, SMTP security, and email authentication frameworks.
- Experience designing and implementing enterprise-scale email security controls and architectures.
- Experience integrating email security platforms with SIEM, SOAR, identity, endpoint, and threat intelligence solutions.
- Strong analytical, problem-solving, automation, and scripting skills.
- Excellent communication and stakeholder management skills.
Education & Preferred Qualifications- Bachelor's degree in Computer Science, Information Security, Engineering, or a related field, or equivalent practical experience.
- 8+ years of experience in cybersecurity, security engineering, or security architecture.
- 5+ years of hands-on experience with email security technologies and threat protection solutions.
- Experience working in financial services or other regulated industries preferred.
- Relevant certifications such as CISSP, CCSP, GIAC, or Microsoft Security certifications preferred.
Additional Requirements- Experience developing security strategies, roadmaps, and architecture standards.
- Familiarity with emerging AI-driven phishing, impersonation, and social engineering threats.
- Strong collaboration skills and ability to work across Cyber Security, GTS, and Engineering organizations.
- Ability to translate security risks into actionable technical solutions.
Work Requirement- Hybrid work model in accordance with company policy.
- Ability to collaborate effectively with global teams across multiple time zones.
- Standard business hours with flexibility to support critical security incidents and initiatives when required.
Salary Range: $120,000 - $202,500 Annual
The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.
Employees are eligible to participate in State Street's comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.
For a full overview, visit https://hrportal.ehr.com/statestreet/Home.