×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Security Manager Systems Engineer

Security Engineer

Job in Boston, Suffolk County, Massachusetts, 02298, USA
Listing for: Action for Boston Community Development
Full Time position
Listed on 2026-03-14
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Security Manager, Systems Engineer
Salary/Wage Range or Industry Benchmark: 91000 - 94000 USD Yearly USD 91000.00 94000.00 YEAR
Job Description & How to Apply Below

Security Engineer

Department: Information Technology

Employment Type: Permanent - Full Time

Location: Downtown Boston - Tremont Street

Compensation: $91,000 - $94,000 / year

Description

The Information Security Engineer is responsible for safeguarding ABCD’s systems, networks, and sensitive client and employee information across a 40+ site, multi-program environment. This role serves as ABCD’s primary internal cybersecurity subject matter expert. The Engineer leads security operations, incident response, risk management, and security program development while strengthening the organization’s overall cybersecurity maturity. The position combines hands‑on technical execution with practical governance and risk oversight to support mission‑critical community services.

Key Responsibilities
  • Monitor, investigate, and respond to security alerts across cloud and on-premises systems.
  • Maintain and improve detection rules, alerting, and response playbooks.
  • Oversee log visibility and security monitoring across identity, endpoint, email, and network systems.
  • Lead end-to-end incident response (phishing, malware, account compromise, data exposure, suspicious activity).
  • Coordinate containment, eradication, recovery, documentation, and post-incident reviews.
  • Conduct periodic incident response exercises and ensure lessons learned result in strengthened controls.
  • Escalate significant risk conditions to ITS leadership with clear remediation recommendations.
  • Manage vulnerability scanning, remediation tracking, and risk prioritization.
  • Partner with infrastructure and support teams to ensure timely patching and mitigation.
  • Conduct risk assessments for new systems, integrations, and cloud services.
  • Maintain secure configuration baselines aligned with recognized frameworks (NIST, CIS Controls).
  • Strengthen identity and access management controls (MFA, conditional access, privileged access, lifecycle management).
  • Maintain least‑privilege standards and periodic access reviews.
  • Advance data protection practices including encryption, secure sharing, and retention controls.
  • Support data classification and protection of highly sensitive program information.
  • Develop and maintain security policies, standards, and procedures.
  • Support compliance with applicable federal, state, and grant‑based cybersecurity and privacy requirements.
  • Coordinate security documentation required for audits and cyber insurance renewals.
  • Track and report key security metrics and risk trends to ITS leadership.
  • Contribute to the development of a multi‑year cybersecurity roadmap aligned with organizational risk.
  • Deliver or coordinate security awareness initiatives, including phishing simulations.
  • Improve secure email handling and reporting workflows across the organization.
  • Partner with program leadership to reinforce secure practices in field and client‑facing environments.
  • Conduct security reviews of vendors and systems (questionnaires, SOC reports, risk analysis).
  • Track vendor remediation commitments and contract‑related security obligations.
  • Support business impact analysis and recovery planning.
  • Coordinate backup validation and participate in recovery testing to ensure operational resilience.
Technology Environment (Examples)

Experience with some of the following is helpful (not all required):

  • Google Workspace security and administration
  • Endpoint security / EDR and device management
  • Network security appliances, firewalls, VPN, DNS filtering
  • Vulnerability management platforms
  • SIEM or centralized log management tools
Skills, Knowledge and Expertise
  • 3–7 years of progressive experience in security engineering, security operations, or IT security administration.
  • Strong working knowledge of identity and access management, endpoint security, email security, network fundamentals, vulnerability management, and incident response.
  • Demonstrated ability to translate security risk into practical, prioritized remediation in resource‑constrained environments.
  • Excellent documentation skills (incident reports, risk findings, SOPs)
  • Strong communication skills and ability to work effectively with non‑technical staff and program leadership.
Preferred Qualifications
  • Experience in a multi‑site or nonprofit…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search