Security Engineer

Department: Information Technology

Employment Type: Permanent - Full Time

Location: Downtown Boston - Tremont Street

Compensation: $90,000 - $97,000 / year

Description

Key Responsibilities

• Monitor, investigate, and respond to security alerts across cloud and on-premises systems.
• Maintain and improve detection rules, alerting, and response playbooks.
• Oversee log visibility and security monitoring across identity, endpoint, email, and network systems.
  
  

• Lead end-to-end incident response (phishing, malware, account compromise, data exposure, suspicious activity).
• Coordinate containment, eradication, recovery, documentation, and post-incident reviews.
• Conduct periodic incident response exercises and ensure lessons learned result in strengthened controls.
• Escalate significant risk conditions to ITS leadership with clear remediation recommendations.
  
  

• Manage vulnerability scanning, remediation tracking, and risk prioritization.
• Partner with infrastructure and support teams to ensure timely patching and mitigation.
• Conduct risk assessments for new systems, integrations, and cloud services.
• Maintain secure configuration baselines aligned with recognized frameworks (NIST, CIS Controls).
  
  

• Strengthen identity and access management controls (MFA, conditional access, privileged access, lifecycle management).
• Maintain least-privilege standards and periodic access reviews.
• Advance data protection practices including encryption, secure sharing, and retention controls.
• Support data classification and protection of highly sensitive program information.
  
  

• Develop and maintain security policies, standards, and procedures.
• Support compliance with applicable federal, state, and grant-based cybersecurity and privacy requirements.
• Coordinate security documentation required for audits and cyber insurance renewals.
• Track and report key security metrics and risk trends to ITS leadership.
• Contribute to the development of a multi-year cybersecurity roadmap aligned with organizational risk.
  
  

• Deliver or coordinate security awareness initiatives, including phishing simulations.
• Improve secure email handling and reporting workflows across the organization.
• Partner with program leadership to reinforce secure practices in field and client-facing environments.
  
  

• Conduct security reviews of vendors and systems (questionnaires, SOC reports, risk analysis).
• Track vendor remediation commitments and contract-related security obligations.
  
  

• Support business impact analysis and recovery planning.
• Coordinate backup validation and participate in recovery testing to ensure operational resilience.
  
  

• Google Workspace security and administration
• Endpoint security / EDR and device management
• Network security appliances, firewalls, VPN, DNS filtering
• Vulnerability management platforms
• SIEM or centralized log management tools
  
  

Skills, Knowledge and Expertise

• 3–7 years of progressive experience in security engineering, security operations, or IT security administration.
• Strong working knowledge of identity and access management, endpoint security, email security, network fundamentals, vulnerability management, and incident response.
• Demonstrated ability to translate security risk into practical, prioritized remediation in resource-constrained environments.
• Excellent documentation skills (incident reports, risk findings, SOPs)
• Strong communication skills and ability to work effectively with non-technical staff and program leadership.
  
  

• Experience in a multi-site or nonprofit organization handling sensitive personal information.
• Familiarity with NIST CSF, NIST 800-series frameworks, or CIS Controls.
• Security certifications such as Security+, SSCP, CySA+, GSEC, CISSP (or in progress).
  
  

• Calm and decisive during incidents
• Strong investigative and analytical skills
• Organized and risk-prioritized
• Clear and respectful communicator
• Mission-oriented and collaborative
  
  

• Travel to program sites as needed.
• Occasional after-hours response may be required for high-severity incidents or planned maintenance.
  
  

Benefits

• Make a Difference: Every day, your work directly impacts the lives of thousands in the Greater Boston community, empowering them and making positive, lasting change.
• Inclusive Environment: ABCD values the diversity of its workforce, with an inclusive culture that respects individuality and promotes collaboration.
• Continuous Learning: We offer numerous training and development opportunities, ensuring our staff remain at the forefront of community action methodologies and strategies.
• Comprehensive Benefits: At ABCD, we take care of our own, providing a competitive benefits package, including health coverage and retirement plans.
• A Legacy of Impact: Join an organization that boasts a legacy spanning over half a century, consistently championing the rights and needs of our community's most vulnerable.
• Teamwork & Camaraderie: Be a part of a passionate team, united in their mission to combat poverty, and ensure every individual can reach their fullest potential.