DescriptionThe Senior Cybersecurity Engineer is responsible for designing, implementing, and operating enterprise security controls across network, cloud, and identity domains. This role leads detection and response engineering, ensures the effectiveness of security controls, and partners with technology and business teams to manage cybersecurity risk in alignment with regulatory and industry frameworks.
The position plays a key role in advancing Zero Trust architecture, strengthening monitoring and response capabilities, and supporting compliance obligations within a financial services environment.
What you will do:Security Engineering & Architecture
- Design, implement, and maintain enterprise security controls across network, cloud, endpoint, and identity platforms
- Support the development and adoption of Zero Trust architecture principles across the enterprise
- Partner with architecture and engineering teams to define and validate security requirements for new systems and applications
- Ensure security is embedded into system design and software development lifecycle processes (DevSecOps)
Detection & Response Engineering
- Develop, implement, and continuously improve detection use cases within SIEM/XDR platforms
- Lead incident response activities, including investigation, containment, eradication, and post-incident analysis
- Perform threat hunting and proactively identify potential adversary activity
- Drive automation of response workflows and orchestration of security operations
Cloud & Platform Security - Secure cloud environments (e.g., AWS, Azure, M365) through appropriate control design and configuration
- Implement and manage cloud security posture management (CSPM) and workload protection capabilities
- Review and assess cloud architectures for security risks and compliance with internal standards
Identity & Access Security
- Partner with identity teams to strengthen IAM, PAM, and identity-centric security controls
- Support implementation of least privilege access, strong authentication, and access governance practices
- Contribute to identity-driven Zero Trust initiatives
Data Security - Support enterprise data protection strategies including data classification, protection, and monitoring
- Enhance and mature capabilities beyond traditional DLP to align with business and regulatory requirements
- Ensure secure data exchange and integration with third parties and external partners
Threat & Vulnerability Management
- Support vulnerability management through risk-based prioritization and remediation guidance
- Integrate threat intelligence into detection and response processes
- Continuously evaluate emerging threats and control effectiveness
Risk, Compliance & Governance
- Support compliance with regulatory requirements (e.g., SEC, FINRA) and internal security policies
- Partner with risk, audit, and compliance teams to demonstrate control effectiveness
- Contribute to cybersecurity metrics, reporting, and risk posture communication to leadership
- Participate in and support the Security Incident Response Team (SIRT)
Collaboration & Continuous Improvement
- Serve as a subject matter expert to business units and technology teams
- Establish and manage relationships with security vendors and service providers
- Contribute to continuous improvement of cybersecurity capabilities, processes, and control effectiveness
- Support security awareness and training initiatives where appropriate
What you will bring:Required
- Bachelor's degree in Cybersecurity, Information Technology, or related discipline (or equivalent experience)
- 8+ years of experience in cybersecurity engineering, with progressive responsibility in security operations and infrastructure
- Strong experience across one or more of the following domains:
- Security engineering (network, endpoint, cloud)
- Detection and response engineering (SIEM/XDR)
- Identity and access management
- Deep understanding of cybersecurity principles, frameworks, and control design (e.g., NIST CSF)
- Experience with incident response, threat detection, and investigation processes
- Knowledge of enterprise environments including networks, systems, and cloud platforms
- Strong analytical, problem-solving, and communication skills
Preferred
- Relevant certifications such as:
- CISSP
- Cloud security certifications (AWS, Azure)
- GIAC certifications (e.g., GCIA, GCIH, GCED)
- Experience in financial services or highly regulated environments
- Familiarity with regulatory and compliance expectations (SEC, FINRA, etc.)
- Experience with security automation and scripting (e.g., Python, PowerShell)
- Knowledge of threat frameworks such as MITRE ATT&CK
Other
- Ability to balance technical depth with risk-based decision making
- Strong collaboration skills across engineering, risk, and business teams
- Proven ability to operate effectively in a fast-paced, evolving threat landscape
- Commitment to maintaining current knowledge of cybersecurity trends, threats, and technologies
In accordance with the Massachusetts Wage transparency act, the expected annual base salary for this Boston, MA, based position is $115,000 - $161,000. Actual annual base salaries may vary based on factors including but not limited to education, training, experience, and other job-related factors. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include discretionary bonuses and other Natixis sponsored benefit programs.
*Benefits eligibility is for permanent employees of Natixis Investment Managers. Interns, contractors and temporary workers are not eligible for benefits.
