
Information Security Engineer

Job in Boston, Suffolk County, Massachusetts, 02298, USA
Listing for: Analysis Group
Full Time position
Listed on 2026-05-08
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Information Security, Network Security
Overview

Analysis Group is one of the largest international economics consulting firms, with more than 1,500 professionals across 15 offices in North America, Europe, and Asia. Since 1981, we have provided expertise in economics, finance, health care analytics, and strategy to top law firms, Fortune Global 500 companies, and government agencies worldwide. Our internal experts, together with our network of affiliated experts from academia, industry, and government, offer our clients exceptional breadth and depth of expertise.

The Information Security Engineer will work with the Information Security Manager on the continuous improvement, development, and support of the firm's cybersecurity program, operations, and systems security. The Information Security Engineer will be responsible for implementing and administering security tools, event analysis, responding to security incidents, third-party risk management, and cloud security. The Security Engineer will practice a business-first approach by understanding AG's business goals, organizational needs, and technologies.

Essential Job Functions and Responsibilities:

* Security Engineering and Architecture

* Design, deploy, and optimize security controls aligned to Zero Trust principles, including identity-centric access, device posture validation, and least privilege access.

* Implement and support ZTNA/SSE platforms (e.g., Netskope/Zscaler or similar) for secure remote access and data protection.

* Engineer and maintain defense-in-depth controls across endpoints, network, identity, and cloud environments.

* Partner with IT and architecture teams to ensure secure-by-design implementations across infrastructure and applications.

* Security Operations, Logging, and Detection

* Own and enhance SIEM capabilities, including log ingestion, normalization, correlation, and alert tuning.

* Develop and maintain detection use cases, dashboards, and alerting strategies to improve threat visibility and reduce false positives.

* Monitor, triage, and investigate security alerts across multiple platforms (SIEM, EDR/XDR, cloud security tools).

* Perform root cause analysis and drive remediation efforts for security incidents.

* Contribute to security automation and orchestration initiatives where applicable.

* Threat Detection and Incident Response

* Lead or support incident response activities, including containment, eradication, recovery, and post-incident reviews.

* Investigate phishing, malware, and anomalous activity across enterprise systems.

* Continuously improve incident detection and response playbooks.

* Identity, Data, and Access Security

* Support and enhance Identity and Access Management (IAM) and Privileged Access Management (PAM) controls.

* Implement and manage data protection capabilities, including data classification, DLP, and encryption.

* Enforce strong access controls across cloud and on-premise systems.

* Cloud and Enterprise Security

* Implement and maintain security controls across Azure and AWS, including:

  * Conditional access and identity protection

  * Workload and infrastructure security

  * SaaS application security posture

* Support secure configuration and monitoring of enterprise systems and services.

* Vulnerability and Risk Management

* Participate in the vulnerability management lifecycle, including scanning, prioritization, and remediation tracking.

* Support risk assessments, audits, and vendor security evaluations.

* Contribute to the ongoing development and maturity of the Information Security Management System (ISMS).

* Emerging Technology and AI Security

* Evaluate and support controls for AI/ML systems and generative AI usage, including monitoring, guardrails, and data protection.

* Stay informed on evolving threats related to AI and recommend appropriate mitigation strategies.

* Collaboration and Continuous Improvement

* Act as a security subject matter expert on technical projects and implementations.

* Partner with cross-functional teams to improve security processes, tooling, and awareness.

* Recommend enhancements to improve visibility, detection capability, and response efficiency.

* Provide rotational on-call support for security events and incidents.

Qualifications:

* Bachelor's degree required; degree in Information Security, Computer Science, or related field preferred.

* An ideal candidate will have 3-5 years of experience in cybersecurity, security engineering, or security operations. Experience in a professional services or consulting environment is preferred.

* Hands-on experience with SIEM platforms (log analysis, correlation, alert tuning), EDR/XDR tools, or ZTNA/SSE platforms (e.g., Netskope/Zscaler or similar) required.

* Strong understanding of logging architectures and detection engineering, as well as security monitoring and incident response workflows.

* Experience with cloud security (Azure and/or AWS).

* Solid understanding of networking fundamentals (TCP/IP, DNS, firewalls, VPNs, segmentation).

* Experience managing and optimizing security tools and platforms…