×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer Security Manager

Security Engineer, Information Security, Architecture and Engineering - Technology Soluti

Job in Boston, Suffolk County, Massachusetts, 02298, USA
Listing for: Tech Economy
Full Time position
Listed on 2026-05-22
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Security Manager
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Staff Security Engineer, Information Security, Architecture and Engineering - Technology Soluti[...]

WHERE YOU’LL FIT WITHIN THE TEAM

Staff Security Engineers are responsible for the security posture of the full PE platform estate on Microsoft Azure and AKS, from supply chain security and Kubernetes hardening through to data boundary enforcement and AI egress controls. You work across teams as a specialist and trusted partner, embedding security into the development lifecycle rather than bolting it on at the end. For a platform handling sensitive PE deal data for 10,000+ users, security is a first‑class engineering concern, not a compliance checkbox.

You set and enforce security standards, build controls as code, and partner with Platform Engineering, Data Platform, Product Engineering, and the Agent/AI squad to reduce risk while enabling rapid delivery.

PLATFORM SECURITY ENGINEERING AND OPERATIONS (80%)
  • Own and operate the platform’s security posture end‑to‑end across core controls:
    Hashi Corp Vault and/or Azure Key Vault, Istio mTLS, Cilium network policy, Pod Security Standards, and OPA/Gatekeeper policies.
  • Design and implement zero‑trust security architecture across the estate: defense in depth, least privilege, and explicit security boundary design.
  • Conduct lightweight threat modelling (STRIDE) for new services and major features before implementation; document risks, mitigations, and residual risk decisions.
  • Manage supply chain security controls: container image scanning, image signing, SBOM generation, and dependency vulnerability management.
  • Define and enforce identity and access controls: SAML/OIDC integration patterns, JWT/OAuth concepts, and practical enterprise IdP integration guidance (Okta/Entra).
  • Define and maintain data classification controls and enforce them at the platform layer (governed access patterns, masking/tokenization, and API‑layer enforcement).
  • Own runtime detection controls: operate Falco rules and escalation pathways; integrate relevant signals with the central SIEM and reduce alert noise to maintain usable signal.
  • Lead security incident response for the platform; drive containment, remediation, and post‑incident security reviews with clear follow‑up actions.
  • Run regular security reviews of the AI layer:
    Agent Gateway egress controls, prompt injection risks, PII handling, and data exfiltration controls for model interactions.
  • Maintain security runbooks and execute quarterly internal security reviews across teams; ensure controls are tested, auditable, and actively maintained.
OTHER (20%)
  • Embed in select PE squad ceremonies (refinement, planning, design reviews) to catch security concerns early and raise testability/operability requirements for security controls.
  • Partner with Platform Engineering on secure‑by‑default templates and guardrails (policy‑as‑code libraries, reusable CI checks, pre‑commit hooks) to reduce repeated effort across squads.
  • Collaborate with the Data Governance Lead on PII classification, tokenization policy, and regulatory/compliance requirements (SOC 2 Type II, ISO 27001, GDPR).
  • Embed in centralized Application security team to promote secure AI tooling to accelerate threat modelling, security policy drafting, and CVE triage; validate outputs with expert judgement before adoption.
  • Communicate security risks in business‑impact terms and prioritize controls that materially reduce risk.
ABOUT YOU
  • Bachelor’s degree in Computer Science, Engineering, Information Systems, Cybersecurity, or a related field (or equivalent practical experience).
  • 6+ years of experience in security engineering, infrastructure security, SRE/Dev Ops with a security focus, or platform engineering roles with hands‑on security ownership.
  • Demonstrated experience implementing and operating security controls in Kubernetes‑based production environments (policy enforcement, workload isolation, network controls, and runtime detection).
  • Experience designing and operating secrets management and identity/access controls (Hashi Corp Vault and/or Azure Key Vault, PKI, OIDC/SAML patterns, enterprise IdP integration).
  • Experience implementing supply chain security practices (scanning, signing, SBOMs, dependency management) and integrating controls into CI/CD pipelines.
  • Experience leading or materially…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search