Commonwealth Financial Network

  • Information Security Engineer

    Job Locations US-MA-Waltham
    Job ID
    # of Openings
    Technology - Operations, Engineering & Support
  • Overview

    We are not your typical financial services firm. For starters, we’re a fast-growing company with 30 percent of our employee head count in technology. We’ve been recognized as a Best Place to Work 38 times (and counting), and Computerworld has ranked us highly nationwide for the past 11 years as one of the best places to work in IT—and for good reason. We think and have fun like a start-up (bocce tournament, annual turkey fry, summer outing, etc.) yet have the financial stability to offer you the best training and technology money can buy. Conveniently located on the commuter rail near the intersection of Route 95 and the Mass Pike, we’re accessible from anywhere—and away from the congestion of a downtown commute.
    Discover what it’s like to be psyched to come to work every day! We offer you:


    • A generous bonus plan
    • Stock options and use of vacation properties (Cape Cod, Lake Winnipesaukee, Sunday River, Key Biscayne, Las Vegas, Park City, the Bahamas, and the Dominican Republic)
    • An opportunity to participate in our Idea Lab, a fun and dynamic program that lets us dedicate time to experimentation
    • A more relaxed, “dress for your day” dress code
    • A free on-site fitness center
    • Ample opportunity to volunteer with and support local charities
    • A VTO (volunteer time off) day to use toward a cause that’s important to you
    • Tuition reimbursement
    • Free breakfast on Fridays
    • A competitive benefits package—and much more

    About the Opportunity

    Commonwealth is adding to its team of information security engineers. We’re looking for someone to help identify information security risks and define and implement technical solutions to mitigate or lessen those risks. The information security engineer will also lead the implementation of key information security initiatives. Primary responsibilities include identifying and implementing solutions in compliance with corporate information security policies, managing existing security systems, performing event analysis, and responding to incidents, as well as auditing and safeguarding of all computer platforms, data, and networking components within the corporation and overseeing the security configuration.
    If you think you have what it takes—and you have your CISSP—then let’s talk.


    • Designing, implementing, and configuring security applications and infrastructure to support corporate policies, as well as federal and state security regulations
    • Being an information security subject matter expert; assisting application development and system/network engineering teams to configure and deploy systems and applications in a secure manner
    • Taking an active role in incident response
    • Overseeing vulnerability management and reporting, IDS/IPS management, DB security, OS security, and the like
    • Actively reviewing logs and taking appropriate actions to maintain our security posture
    • Managing firewalls and other security devices
    • Planning and conducting infrastructure security assessments of all layers of the information system, including networks, servers, operating systems, databases, and applications
    • Implementing new technologies as required to support the ever-changing security landscape
    • Maintaining close liaison with other departments on technical matters; potentially working closely with vendors or customers on technical information, escalation issues, or modifications related to projects
    • Serving as technical lead on security projects
    • Supporting the security needs of our national network of geographically dispersed financial advisor offices


    • Bachelor’s degree in a technical discipline or equivalent work experience
    • 5+ years in an information security role
    • Extensive experience implementing and maintaining vulnerability management tools, preferably Tenable Security Center
    • Experience implementing and maintaining log management solutions
    • Familiarity with Palo Alto and Check Point firewall technology
    • In-depth knowledge of the design and implementation of IDS/IPS solutions, VPNs, SSL, Endpoint Security solutions, and web filtering
    • Experience with cloud security, particularly Microsoft Azure and Office 365
    • Experience documenting technology standards and operational procedures
    • Experience with incident response strategies and forensics
    • Experience with Linux operating systems
    • Familiarity with risk assessment and knowledge of IT risk management concepts
    • Familiarity with NIST 800-53 and ISO 270001 standards
    • Excellent oral and written communication skills
    • Excellent customer service skills
    • Ability to interact with technical staff across multiple systems and disciplines; high degree of self-sufficiency, ownership, and pride in deliverables
    • Scripting or programming experience is a plus
    • ITIL and ITSM background is a plus
    • CISSP required; GIAC or other certifications a plus


    Have we piqued your curiosity? Can you see yourself thriving in this career opportunity, as well as our Anything but Common® workplace culture? If so—and if your background and experience align with our needs—please do submit your application right away.


    Commonwealth Financial Network® is an equal opportunity employer that is committed to a diverse workforce.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed