Sr. Cybersecurity Engineer
Natixis Investment Managers · Boston, Massachusetts · Posted Jun 23, 2026
Apply on company site Track it in JobSkout
The Senior Cybersecurity Engineer is responsible for designing, implementing, and operating enterprise security controls across network, cloud, and identity domains. This role leads detection and response engineering, ensures the effectiveness of security controls, and partners with technology and business teams to manage cybersecurity risk in alignment with regulatory and industry frameworks.
The position plays a key role in advancing Zero Trust architecture, strengthening monitoring and response capabilities, and supporting compliance obligations within a financial services environment.
What you will do:
Security Engineering & Architecture
Design, implement, and maintain enterprise security controls across network, cloud, endpoint, and identity platforms
Support the development and adoption of Zero Trust architecture principles across the enterprise
Partner with architecture and engineering teams to define and validate security requirements for new systems and applications
Ensure security is embedded into system design and software development lifecycle processes (DevSecOps)
Detection & Response Engineering
Develop, implement, and continuously improve detection use cases within SIEM/XDR platforms
Lead incident response activities, including investigation, containment, eradication, and post-incident analysis
Perform threat hunting and proactively identify potential adversary activity
Drive automation of response workflows and orchestration of security operations
Cloud & Platform Security
Secure cloud environments (e.g., AWS, Azure, M365) through appropriate control design and configuration
Implement and manage cloud security posture management (CSPM) and workload protection capabilities
Review and assess cloud architectures for security risks and compliance with internal standards
Identity & Access Security
Partner with identity teams to strengthen IAM, PAM, and identity-centric security controls
Support implementation of least privilege access, strong authentication, and access governance practices
Contribute to identity-driven Zero Trust initiatives
Data Security
Support enterprise data protection strategies including data classification, protection, and monitoring
Enhance and mature capabilities beyond traditional DLP to align with business and regulatory requirements
Ensure secure data exchange and integration with third parties and external partners
Threat & Vulnerability Management
Support vulnerability management through risk-based prioritization and remediation guidance
Integrate threat intelligence into detection and response processes
Continuously evaluate emerging threats and control effectiveness
Risk, Compliance & Governance
Support compliance with regulatory requirements (e.g., SEC, FINRA) and internal security policies
Partner with risk, audit, and compliance teams to demonstrate control effectiveness
Contribute to cybersecurity metrics, reporting, and risk posture communication to leadership
Participate in and support the Security Incident Response Team (SIRT)
Collaboration & Continuous Improvement
Serve as a subject matter expert to business units and technology teams
Establish and manage relationships with security vendors and service providers
Contribute to continuous improvement of cybersecurity capabilities, processes, and control effectiveness
Support security awareness and training initiatives where appropriate
What you will bring:
Required
Bachelor’s degree in Cybersecurity, Information Technology, or related discipline (or equivalent experience)
8+ years of experience in cybersecurity engineering, with progressive responsibility in security operations and infrastructure
Strong experience across one or more of the following domains: Security engineering (network, endpoint, cloud)
Detection and response engineering (SIEM/XDR)
Identity and access management
Deep understanding of cybersecurity principles, frameworks, and control design (e.g., NIST CSF)
Experience with incident response, threat detection, and investigation processes
Knowledge of enterprise environments including networks, systems, and cloud platforms
Strong analytical, problem-solving, and communication skills
Preferred
Relevant certifications such as: CISSP
Cloud security certifications (AWS, Azure)
GIAC certifications (e.g., GCIA, GCIH, GCED)
Experience in financial services or highly regulated environments
Familiarity with regulatory and compliance expectations (SEC, FINRA, etc.)
Experience with security automation and scripting (e.g., Python, PowerShell)
Knowledge of threat frameworks such as MITRE ATT&CK
Other
Ability to balance technical depth with risk-based decision making
Strong collaboration skills across engineering, risk, and business teams
Proven ability to operate effectively in a fast-paced, evolving threat landscape
Commitment to maintaining current knowledge of cybersecurity trends, threats, and technologies
Who we are:
We put the best interests of our clients, employees, communities, a…