Role: Security Engineering Manager
Location: Boston, MA (Hybrid)
Exp: 14+ Yrs
Visa: local to MA
Interview: Virtual + F2F interview
POSITION SUMMARY: This is a unique opportunity for a strong technologist to be one of the founding members of the team building a strategic data and AI platform from scratch for a well-established bank.
Security Engineering Manager will lead and execute cybersecurity engineering across our existing on-premises infrastructure, new AWS cloud environment, Snowflake data platform, and emerging AI application ecosystem.
This is not a pure oversight or policy role. The primary need is a senior technical security practitioner who can hands-on design, build, harden, implement, troubleshoot, and continuously improve security controls. The role will manage and mentor a small team of talented security engineers, but the individual must remain deeply hands-on and comfortable acting as the senior technical architect and executor for cybersecurity engineering.
The ideal candidate has strong financial services experience, has previously helped secure a new AWS environment from the ground up, understands traditional infrastructure and data center security, and can help the Bank safely adopt cloud, data, and AI technologies.
Key Responsibilities
1. Security Engineering & Architecture
Own the design, implementation, and continuous improvement of security controls across infrastructure, cloud, applications, data platforms, and AI solutions.
Responsibilities include:
Design and implement practical security architectures for on-premises systems, AWS, Snowflake, and internally developed AI applications.
Translate cybersecurity standards and risk requirements into deployable technical controls.
Build secure-by-design patterns for identity, network segmentation, encryption, logging, monitoring, endpoint protection, vulnerability management, and access governance.
Serve as a senior technical security advisor to infrastructure, engineering, data, AI, and vendor teams.
Evaluate new technologies and ensure security requirements are embedded early in design and delivery.
AWS security is a critical part of this role. AWS defines cloud security as a shared responsibility model, where AWS is responsible for security of the cloud and customers are responsible for security in the cloud. This role will own the Bank's side of that responsibility across identity, networking, data protection, monitoring, governance, and workload security.
2. AWS Cloud Security
Lead the security design and implementation for the Bank's new AWS environment.
Responsibilities include:
Secure a new AWS environment from initial design through operationalization.
Implement multi-account security patterns, IAM controls, least privilege access, SCPs, logging, monitoring, encryption, secrets management, vulnerability scanning, and network segmentation.
Design secure VPC, subnet, routing, security group, and NACL patterns.
Implement controls across services such as IAM, Organizations, CloudTrail, CloudWatch, GuardDuty, Security Hub, Config, KMS, Secrets Manager, Macie, Inspector, S3, Lambda, RDS, EC2, ECS/EKS as applicable.
Partner with infrastructure and engineering teams to embed security into CI/CD, IaC, cloud provisioning, and operational support.
Establish AWS security baselines and exception management processes.
AWS specifically highlights data protection, encryption in transit, IAM, infrastructure security, security groups, subnet controls, resilience, and compliance validation as part of managing security responsibilities for Amazon VPC.
3. On-Premises Infrastructure & Data Center Security
Own security engineering for the Bank's existing data center and infrastructure environment.
Responsibilities include:
Maintain and improve controls across servers, endpoints, firewalls, networks, Active Directory, privileged access, remote access, vulnerability management, patching, EDR, SIEM/logging, backup security, and segmentation.
Strengthen identity and access controls across Microsoft/Windows environments.
Support remediation of audit findings and security gaps across existing infrastructure.
Partner with IT operations to ensure cybersecurity controls are practical, sustainable, and operationally reliable.
Help modernize legacy security patterns while reducing operational risk.
4. Snowflake & Data Platform Security
Support the secure implementation and operation of Snowflake and the Bank's broader data platform.
Responsibilities include:
Design and review Snowflake access controls, role hierarchy, authentication, MFA/SSO integration, network policies, data classification, masking, row-level access, and audit logging.
Partner with data engineering and analytics teams to ensure sensitive banking data is protected appropriately.
Support security patterns for data ingestion, transformation, sharing, and reporting.
Ensure appropriate monitoring, alerting, and governance around privileged access, service accounts, and data movement.
Snowflake experience is strongly preferred; direct implementation experience is a major plus.
5. AI Security
Lead security work for internally developed AI applications and AI-enabled business capabilities.
Responsibilities include:
Define and implement security guardrails for AI applications, including RAG, chatbots, AI agents, document intelligence, and internally developed AI tools.
Address AI-specific risks such as prompt injection, data leakage, insecure output handling, excessive agency, model misuse, unsafe integrations, and sensitive information exposure.
Partner with AI/data engineering teams to secure model access, data flows, vector stores, APIs, plugins/tools, and application permissions.
Establish controls for AI application logging, monitoring, testing, human review, access governance, and incident response.
Monitor external AI-enabled cyber threats, including phishing, social engineering, malware generation, deepfakes, and adversarial automation.
AI security is now a distinct discipline. The OWASP Top 10 for LLM Applications identifies risks such as prompt injection, insecure output handling, training data poisoning, model denial of service, supply chain vulnerabilities, and sensitive information disclosure. NIST has also published a Generative AI Profile under its AI Risk Management Framework to help organizations identify and manage risks unique to generative AI.
6. Team Leadership & Mentorship
Manage a small team of approximately two security engineers while remaining hands-on.
Responsibilities include:
Provide technical direction, mentoring, and daily guidance to security engineers.
Help upskill the team in AWS, Snowflake, AI security, automation, and modern security engineering practices.
Assign work, review technical outputs, and ensure timely execution of security initiatives.
Build a culture of ownership, urgency, documentation, and practical risk reduction.
Act as manager, lead, and senior individual contributor.
7. Audit, Risk & Vendor Management
Serve as the technical cybersecurity point of contact for internal security audit, regulatory exams, and vendor security matters.
Responsibilities include:
Face off with Security Audit, Risk, Compliance, and regulatory stakeholders.
Provide evidence, explanations, remediation plans, and technical responses for audit findings.
Translate audit and regulatory requirements into specific technical actions.
Support vendor security assessments, third-party reviews, and ongoing vendor oversight.
Review vendor security architecture, access models, SOC reports, control gaps, and remediation plans.
Partner with the Information Security Officer, IT leadership, and business stakeholders to ensure cybersecurity controls meet banking expectations.
Required Qualifications
8+ years of hands-on cybersecurity experience, with significant experience in security engineering, cloud security, infrastructure security, or security architecture.
Prior experience in financial services, banking, fintech, payments, lending, insurance, or another regulated financial environment is required.
Proven experience securing and operationalizing an AWS environment, ideally from early-stage setup or greenfield implementation.
Strong hands-on knowledge of AWS security services, IAM, networking, encryption, logging, monitoring, and cloud governance.
Strong understanding of on-premises infrastructure security, including Windows/Active Directory, network security, endpoint security, vulnerability management, privileged access, and SIEM/logging.
Practical experience designing and implementing security controls, not just reviewing policies or writing standards.
AI security experience, especially securing LLM-based applications, RAG systems, AI agents, internal AI tools, or AI-enabled workflows.
Demonstrated ability to lead, mentor, and manage a small technical security team.
Experience supporting audits, regulatory exams, security assessments, and evidence collection.
Strong communication skills with the ability to explain technical security matters to IT, audit, risk, vendors, and senior leadership.
Independent, self-directed working style with the ability to own outcomes without heavy supervision.
Strongly Preferred Qualifications
Snowflake security experience, including RBAC, masking policies, row access policies, network policies, SSO, logging, and data governance.
Experience with secure software development, DevSecOps, CI/CD security, SAST/DAST/SCA, secrets scanning, container security, and infrastructure-as-code security.
Experience with AWS Control Tower, Organizations, SCPs, GuardDuty, Security Hub, Config, IAM Identity Center, KMS, Macie, Inspector, CloudTrail, and CloudWatch.
Experience with Microsoft security ecosystem, including Entra ID, Defender, Purview, Intune, Sentinel, or related tools.
Security certifications such as CISSP, CCSP, AWS Certified Security Specialty, CISM, GIAC, or equivalent practical experience.
Desired Technical Skills
AWS security architecture and operations
IAM, least privilege, privileged access management
Network security, firewalls, segmentation, VPN, zero trust concepts
Active Directory and Microsoft security controls
Endpoint detection and response
Vulnerability management and patch governance
SIEM, logging, alerting, and incident response
CloudTrail, GuardDuty, Security Hub, Config, KMS, Macie, Inspector, CrowdStrike
Snowflake access control and data protection
AI/LLM application security
Secure SDLC and DevSecOps
Vendor security reviews
Audit evidence and remediation management
Security automation and scripting
Education
Bachelor's degree in Computer Science, Engineering, Information Systems, or related field required; advanced degree preferred.