Job Description

The Senior Cybersecurity Engineer is responsible for designing, implementing, and operating enterprise security controls across network, cloud, and identity domains. This role leads detection and response engineering, ensures the effectiveness of security controls, and partners with technology and business teams to manage cybersecurity risk in alignment with regulatory and industry frameworks.

The position plays a key role in advancing Zero Trust architecture, strengthening monitoring and response capabilities, and supporting compliance obligations within a financial services environment.

What you will do:
Security Engineering & Architecture

• Design, implement, and maintain enterprise security controls across network, cloud, endpoint, and identity platforms
• Support the development and adoption of Zero Trust architecture principles across the enterprise
• Partner with architecture and engineering teams to define and validate security requirements for new systems and applications
• Ensure security is embedded into system design and software development lifecycle processes (DevSecOps)

Detection & Response Engineering

• Develop, implement, and continuously improve detection use cases within SIEM/XDR platforms
• Lead incident response activities, including investigation, containment, eradication, and post-incident analysis
• Perform threat hunting and proactively identify potential adversary activity
• Drive automation of response workflows and orchestration of security operations
  Cloud & Platform Security
• Secure cloud environments (e.g., AWS, Azure, M365) through appropriate control design and configuration
• Implement and manage cloud security posture management (CSPM) and workload protection capabilities
• Review and assess cloud architectures for security risks and compliance with internal standards

Identity & Access Security

• Partner with identity teams to strengthen IAM, PAM, and identity-centric security controls
• Support implementation of least privilege access, strong authentication, and access governance practices
• Contribute to identity-driven Zero Trust initiatives
  Data Security
• Support enterprise data protection strategies including data classification, protection, and monitoring
• Enhance and mature capabilities beyond traditional DLP to align with business and regulatory requirements
• Ensure secure data exchange and integration with third parties and external partners

Threat & Vulnerability Management

• Support vulnerability management through risk-based prioritization and remediation guidance
• Integrate threat intelligence into detection and response processes
• Continuously evaluate emerging threats and control effectiveness

Risk, Compliance & Governance

• Support compliance with regulatory requirements (e.g., SEC, FINRA) and internal security policies
• Partner with risk, audit, and compliance teams to demonstrate control effectiveness
• Contribute to cybersecurity metrics, reporting, and risk posture communication to leadership
• Participate in and support the Security Incident Response Team (SIRT)

Collaboration & Continuous Improvement

• Serve as a subject matter expert to business units and technology teams
• Establish and manage relationships with security vendors and service providers
• Contribute to continuous improvement of cybersecurity capabilities, processes, and control effectiveness
• Support security awareness and training initiatives where appropriate

What you will bring:
Required

• Bachelor’s degree in Cybersecurity, Information Technology, or related discipline (or equivalent experience)
• 8+ years of experience in cybersecurity engineering, with progressive responsibility in security operations and infrastructure
• Strong experience across one or more of the following domains:
  • Security engineering (network, endpoint, cloud)
  • Detection and response engineering (SIEM/XDR)
  • Identity and access management
• Deep understanding of cybersecurity principles, frameworks, and control design (e.g., NIST CSF)
• Experience with incident response, threat detection, and investigation processes
• Knowledge of enterprise environments including networks, systems, and cloud platforms
• Strong analytical, problem-solving, and communication skills

Preferred

• Relevant certifications such as:
  • CISSP
  • Cloud security certifications (AWS, Azure)
  • GIAC certifications (e.g., GCIA, GCIH, GCED)
• Experience in financial services or highly regulated environments
• Familiarity with regulatory and compliance expectations (SEC, FINRA, etc.)
• Experience with security automation and scripting (e.g., Python, PowerShell)
• Knowledge of threat frameworks such as MITRE ATT&CK

Other

• Ability to balance technical depth with risk-based decision making
• Strong collaboration skills across engineering, risk, and business teams
• Proven ability to operate effectively in a fast-paced, evolving threat landscape
• Commitment to maintaining current knowledge of cybersecurity trends, threats, and technologies

Who we are:
We put the best interests of our clients, employees, communities, and environment first in everything we do. We’re dedicated to fostering a culture of collaboration, diversity, and inclusion that supports employee growth. We believe this creates equal opportunities for our employees — and better outcomes for our clients and communities. We offer a robust benefits package designed to integrate life and work and to support our employees. Benefits include, but are not limited to; comprehensive medical, dental and vision insurance, paid time off, 401k plan, tuition reimbursement, student loan repayment program, wellness benefits and volunteer programs*.

#NatixisIMCulture

In accordance with the Massachusetts Wage transparency act, the expected annual base salary for this Boston, MA, based position is $115,000 - $161,000. Actual annual base salaries may vary based on factors including but not limited to education, training, experience, and other job-related factors. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include discretionary bonuses and other Natixis sponsored benefit programs.

Natixis Investment Managers is an equal opportunity employer and does not discriminate in recruiting, hiring, training, promotion or other terms, conditions and privileges of employment on the basis of race, color, age, national origin, ancestry, religion, sex (including pregnancy), sexual orientation, gender identity, genetic information, military or veteran status, physical or mental disability, or any other status protected by law.

Natixis Investment Managers does not charge fees to participate in the interview process or for employment equipment and does not send employment offers through social media channels. We take security and privacy seriously. If you have been contacted by someone claiming to represent Natixis Investment Managers and are unsure about the legitimacy of the communication, please verify the contact details with Natixis Investment Managers directly.

*Benefits eligibility is for permanent employees of Natixis Investment Managers. Interns, contractors and temporary workers are not eligible for benefits.