Security Lead Engineer

At MFS you will find a culture that supports you in doing what you do best. Our employees work together to reach better outcomes favoring the strongest idea over the strongest individual. We put people first and demonstrate care and compassion for our community and each other. Because what we do matters to us as valued professionals and to the millions of people and institutions who rely on us to help them build more secure and prosperous futures.

THE ROLE

A technical security resource responsible for designing implementing and maintaining security measures to protect personnel property and information assets. This role combines demonstrated proficiency in information security disciplines across multiple security domains with solid understanding of security technologies and platforms.

The role also requires an advanced and broad knowledgeof modern technology with a solid understanding of related IT disciplines and how they interoperate.

Some characteristics include specific troubleshooting efforts of multiple security technologies and controls solid capabilities in control design and monitoring efforts advanced understanding of the field its practices and controls and its related technologies and progressive knowledge of current technologies threats vulnerabilities and exposures.

The Lead Security Engineer advances one or more security-related programs and/or oversee one or more complex projects scope of work or processes that drive results.

This role requires very minimal oversight and guidance.

WHAT YOU WILL DO

• Subject matter resource in multiple disciplines in the field of Cyber/Information Security while maintaining a proficient understanding of the field its frameworks programs practices and controls and its related technologies threats vulnerabilities risks and exposures.
• Leads the implementation integration and maintenance of enterprise-class security programs and solutions with quality outcomes such as incident response identity and access management cloud application and network security key and certificate management vulnerability management threat detection security information and event management and being able to quickly learn and adapt solutions as introduced to the security technology portfolio.
• Oversees the assessment establishment and monitor countermeasures that protect detect and/or deter when an unauthorized and/or suspicious activity.
• Directs activities with key stakeholders to assess identify design and implement security controls processes procedures and solutions within risk tolerance and ensure ongoing efficient stable and reliable operations.
• Drives the assessment identification design and implementation of approved methods and technologies to automate manual security-related tasks improving efficiency and quality wherever practicable and appropriate.
• Conducts security risk assessment and due diligence outcomes to methodically analyze technology solutions and processes identifying risks from both a technical and business perspective and recommending strategies to mitigate within risk tolerances. Assesses evaluates and presents security risk assessment data to wide range of peers stakeholders and potential management.
• Leads with security investigations according to documented procedures and managements directives. Maintains confidentiality in these matters and works to ensure the confidentiality of other information which is encountered during the discharge of security responsibilities.
• Advances multiple simultaneous projects of high complexity having broad goals and agreed upon outcomes under minimal supervision.
• Accountable for meeting assigned performance and project objectives including timelines and budget provides innovative suggestions for solutions and executes plans.
• Effectively communicates complicated often technical cyber security concepts clearly and accurately through non-technical means to ensure that all stakeholders are suitably informed.
• Collaborates with key stakeholders to assess and resolve security-related problems within risk appetite.
• Foster a collaborative and inclusive environment by acting as a resource for cross-functional team members to address questions obstacles and guidance to promote success.
• Continuously learns grows and adapts knowledge of security practices technologies and MFS business practices with the intent to analyze recommend and implement improvements for the reliability scalability performance and security as appropriate.

WHAT WE ARE LOOKING FOR

• Bachelors degree or equivalent experience in a related security technical field.
• 4-5 years of technology experience with 4-5 years of Information Security-specific work experience is required.
• CISSP preferred with CISM CRISC optional

Professional Knowledge and Experience

• Proficient demonstrated ability and application of core concepts frameworks practices and procedures of enterprise-class security program solutions and technologies such as incident response threat management vulnerability compliance cloud and application security and identity and access etc.
• Proficient demonstrated skill and/or application of modern technologies and associated administrative technical and physical controls for Active Directory Domain Controllers Cloud (Azure AWS SaaS PaaS IaaS) Window and Unix/Linux OS Oracle and SQL server Database architecture encryption end-point devices and basic networking
• Strong demonstrated understanding of basic risk assessment methodology concepts such as risk review challenge acceptance mitigation strategies and risk appetite associated with business processes operations information security programs and technology projects
• Strong demonstrated understanding of basic technology-related concepts frameworks and practices (e.g. Incident Problem and Change Management ITIL)
• Strong demonstrated understanding of project management concepts and able to manage multiple tasks and activities simultaneously (e.g. task identification interdependencies prioritization time management delivering quality outcomes)
• Solid demonstrated understanding of business practices processes and procedures of a particular business process and/or application (e.g. transfer agency trading research portfolio management distribution etc.)

Core Competencies (solid demonstration)

• Active Listening
• Critical Thinking
• Problem solving
• Attention to detail
• Collaboration and teamwork
• Effective communication
• Time Management
• Taking initiative
• Conflict resolution
• Coaching Mindset
• Strategic Mindset

Other

May be required to work at off-hours such as nights and weekends to prevent interruption to business operations

PREFERRED SKILLS

6 year of technology experience independent of the 6 years of Information Security-specific work experience

May have held previous positions such as:

• Sr. security engineer
• Sr. engineer within a technology discipline where some security aspects were within role

Professional designations available that certify an individuals potential ability to apply knowledge and execute at this level:

• CISSP (preferred)
• ISSEP (optional but nice to have)
• SSCP (optional)
• CISM (optional)
• CRISC (optional)

Core Competency considerations:

• Strong analytical problem solving writing and organizational skills; Adapts swiftly to changing priorities showing flexibility and resilience in a fast-paced work environment.
• Demonstrated ability to interact build relationships and communicate well with members of team and management; makes and deliver effective presentations.
• Strong interpersonal communication and negotiation skills.
• Demonstrates solid financial skills strategic and tactical planning.
• Proven ability to manage projects efficiently and effectively and to meet project deadlines
• Ability to multitask and shift priorities when necessary.

#LI-SS1

At MFS we believe in fair and transparent compensation. For that reason were including the salary range for this position. This range reflects our good-faith expectation forwhat well pay depending on the candidates experience training and addition to the salary we also offer significant and competitive incentive compensationbased on both individual and company performance. Other components of our Total Rewards Package include:

• MFS contributes an amount equal to 15% of your base salary to your retirement account that is separate from the company -sponsored 401(k)

• Education Assistance: MFS contributes $100 monthly up to $10000 lifetime maximum directly to loan provider

• Education Assistance: Tuition reimbursement up to $8000 annually

• Education Assistance: Access to discounted tutors and college coaches

• Generous time off and fully paid leaves including 20-weeks for maternity 12-weeks for parental and caregiver leaves

• Choice of medical and dental plans and an and an employer contribution into the Health Savings Account

• Tax deferred commuter benefits & flexible spending accounts (medical & dependent care)

• Wellness Programs: Robust wellness webinars employee assistance program with a focus on mental health subsidized fitness benefit via Wellhub (formerly Gympass) where you can workout at gyms studios and boutique fitness locations near you join virtual personal training sessions and access a wide variety of well-being apps

Our compensation philosophy is to pay competitively for talent while ensuring equity across employees performing comparable work. We are committed to transparency if you have questions about how we arrived at this range or what additional benefits and bonus opportunities come with the role well be happy to discuss them

#LI-HYBRID

At MFS we are dedicated to building a diverse inclusive and authentic workplace. If you are excited about this role but your past experience doesnt align perfectly we encourage you to apply - you might be just the right candidate for this role or others.

MFS is a hybrid work environment (remote/onsite) unless otherwise stated in the job posting.

If any applicant is unable to complete an application or respond to a job opening because of a disability please contact MFS at or email for assistance.

MFS is an Equal Opportunity Employer and it is our policy to not discriminate against any employee or applicant for employment because of race color religion sex national origin age marital status sexual orientation gender identity genetic information disability veteran status or any other status protected by federal state or local laws. Employees and applicants of MFS will not be subject to harassment on the basis of their status. Additionally retaliation including intimidation threats or coercion because an employee or applicant has objected to discrimination engaged or may engage in filing a complaint assisted in a review investigation or hearing or have otherwise sought to obtain their legal rights under any Federal State or local EEO law is prohibited. Please see the Know Your Rights: Workplace Discrimination is Illegal document linked for your reference.