Email Data Security Engineer - Waltham, United States - Knewin
Description
Overview
If you're looking for a high-energy, inclusive atmosphere and a company that understands the importance of work/life balance, Commonwealth is your match From generous bonus and 401(k) programs to tuition reimbursement and flexible work schedules, Commonwealth is focused on helping its employees thrive in an environment suited to their needs.
We're looking for an email and data security engineer to join our ranks.
Are you an experienced security engineer with strong knowledge and technical expertise? As a Commonwealth email and data security engineer, you will be a key member of theInformation SecurityEngineering team.
You will use your strong understanding of email systems, data and communication security solutions, and design processes to enable and deliver resilient email and data security services.
You will work collaboratively with the Information Security teams to ensure that solutions and services are designed and adopted effectively.
A key responsibility of this role will be performing maintenance and support functions for the company's email and data security systems.
This role will allow us to create a more reliable and secure environment. This is a new position within a growing team that's transforming the way we work.Key Responsibilities
Email Security:
Email Security Technology Design:
Designing and implementing secure email architectures, including the selection and configuration of email gateways, filtering systems, and encryption technologies
Anti-Phishing Measures:
Implementing anti-phishing solutions to detect and prevent phishing attacks
Spam and Malware Protection:
Configuring and managing spam filters and antivirus solutions
Encryption and Data Loss Prevention (DLP):
Deploying encryption mechanisms to protect sensitive information within emails and implementing DLP solutions to prevent unauthorized disclosure of CFN confidential data
Authentication Protocols:
Configuring and enforcing email authentication protocols such as SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance)
Incident Response:
Developing and implementing incident response plans to quickly identify and mitigate email security incidents, including the investigation of security breaches and the recovery of compromised accounts.
Security Awareness Training:
Providing training and awareness programs for users to recognize and respond to email-based threats, promoting a security-conscious culture within the organization
Policy Development and Compliance:
Developing and enforcing email security policies to ensure compliance with industry regulations and standards, as well as internal security requirements
Continuous Monitoring and Analysis:
Implementing tools and processes for continuous monitoring of email traffic, analyzing logs, and staying informed about emerging threats to proactively adapt security measures
Collaboration with IT and InfoSec Teams:
Working closely with IT teams, email administrators, and the InfoSec team to integrate email security measures with overall organizational security strategies
Data Security
:
Data Security:
Implementing and maintaining data security controls to ensure compliance with relevant regulations and industry standards
Data Security Best Practices:
Collaborating with other IT teams and the business to integrate data security best practices into development and operations processes
Microsoft Information Protection:
Configuring and deploying Microsoft Information Protection in a hybrid environment to enable data discovery, classification and labeling
Data Loss Prevention:
Deploying, managing, and maintaining endpoint and network data loss prevention solutions
Continuous Security Assessments:
Performing security assessments and identifying vulnerabilities in data systems
Data Encryption Solutions:
Developing and implementing data encryption strategies across all critical systems and network
Ongoing Documentation:
Designing and documenting data flow charts and security diagrams for existing and future solutions
Data Security Liaison:
Acting as a subject matter expert by responding to internal and external customer inquiries regarding the company's information security systems, incidents, and issues
Core Strengths and Skills
Strong knowledge and understanding of email, data security architecture, protocols, and controls
Deep knowledge of email and data security investigations
Expertise in implementing and managing email-based data loss prevention
Expertise with threat detection and response tools including Microsoft 365 advanced threat protection and Proofpoint or similar technologies
Ability to stay positive, andadapt quickly to changing business requirements
Ability to think through problems and visualize strategic solutions
Strong understanding of email and data security issues and threats and how they can be manifested in complex environments
Understanding of email security fundamentals and common protocols (DNS, SMTP, IMAP, IMAPS, DMARC, DKIM, SPF)
Strong communication, consultative, influencing, and presentationskills
AdditionalDesirableSkills and Knowledge
Bachelor's degree in information systems or a related discipline, or equivalent training
5+ years of related work experience in email or datasecurity role
Technical expertiseinemail and data security systems such as Microsoft 365 and Exchange Online, Varonis, SASE, or other third-party email security solutions
Expertise in designing and implementing Microsoft 365, Azure, and AWS data security controls
Experience with Azure Information Protection
Ability to implement, administer, and troubleshoot email infrastructure services
Experience with email incident response processes and procedures
Understanding the best practices, control frameworks, and applicable existing and new legal/regulatory requirements (SEC S-P Rule, FINRA cybersecurity recommendations, data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, PCI DSS, and others)
Security-related certifications such as OSCP, GCIH, GCIA, Proofpoint Administrator, MS365 Security administrator
Have we piqued your curiosity? Can you see yourself thriving in this opportunity?
Picture Yourself Here
At Commonwealth, we believe in a better world. We hold ourselves and each other to higher standards. We take care of one another.
That's why we invest in you—we encourage employee growth both in your career and education; we are building out a robust diversity, equity, and inclusion program; we offer incredible healthcare benefits; and we find plenty of occasions to celebrate.
What's not to love?We are always striving to be better, and we are looking for employees who share that same mindset. Better people, better coworkers, better leaders, better creators. Bring your best work and your full self to the table, and we will do the same. Together, we can build a better future for our advisors, their clients, our company, and you.
About Commonwealth
Commonwealth Financial Network, Member FINRA/SIPC, a Registered Investment Adviser, provides a suite of business solutions that empowers more than 2,000 independent financial advisors nationwide.
Privately held since 1979, the firm has headquarters in Waltham, Massachusetts, and San Diego, California.Turning our advisors into raving fans starts by doing the same for our employees.
We foster an environment of excellence, growth, rewards, and fun in equal measure, which has earned us 44 Best Place to Work awards.
The Fine PrintWe care about your online safety as a prospective employee and encourage you to exercise caution when responding to job postings online.
Commonwealth will never ask potential hiring candidates to pay or transfer funds as a precondition of interviews or employment, nor will we authorize recruiters or agents to do so on our behalf.
Commonwealth is an equal opportunity employer, making intentional efforts to source talent from all backgrounds.Min Max
#J-18808-Ljbffr