Skip to main content
Posted July 15, 2026

Cyber Security Engineer (On-Site)

Middlesex Savings Bank
Westborough, Massachusetts, United States 01581 Full Time
Reference: 285841694


Cyber Security Engineer (On-Site)

US-MA-Westborough

Job ID: 5743
Type: Full Time
# of Openings: 1
Category: IT/Operations - Information Security
Westborough Operations Center

Overview

The cybersecurity engineer has a dual role in the Bank: a responsibility for architecting, building, and maintaining secure environments and applications that are designed to protect the Bank's networks, data and digital assets from risk. In addition, a responsibility for monitoring, detecting, and responding to security related risks. Their primary focus is strengthening defenses, identifying vulnerabilities and weaknesses, responding to threats, and implementing measures to continually strengthen the Banks security posture.

Responsibilities

  • Threat Hunting, Monitoring, Detection, and Response:
  • Monitor security alerts and dashboards (SIEM, Vulnerability Management, , etc.) for suspicious activity.
    • Triage and respond to security incidents. Escalate to senior analysts or the incident response team when necessary.
    • Investigate and document security observations/incidents, ensuring resolution.
    • Analyze logs, network traffic, and endpoint activity for signs for malicious behavior.
    • Perform regular vulnerability assessments and prioritize risk within the network, system, and applications.
  • Create formal incidents and support the investigation of such incidents.
  • Conduct Security Assessments: Perform regular security audits, vulnerability assessments, and penetration testing to identify and mitigate potential risks.
  • Correlate telemetry data from security systems to identity cyber threats, risk patterns, and control weaknesses.
  • System & Security Application Administration:
  • Implementation, secure configuration, and ongoing management of the Bank’s security environments and applications. Examples of systems/functions a Cyber Security Engineer may be responsible for are firewall management, IDS/IPS, perimeter security, protective DNS, vulnerability detection/response, secure email and spam protection, application whitelisting, remote access, etc.).
  • Server ownership - building, hardening, securing, and ongoing management of assigned server assets.
    • Identifying and mitigating vulnerabilities on assigned assets.
    • Ensures assigned systems and required data is backed up successfully.
    • Ensures adherence to IT security control requirements.
  • Security Application ownership
    • Effective configuration of application functionality, detection, and mitigation abilities.
    • Identifying and mitigating vulnerabilities on assigned applications.
    • Review system, application, and security logs across assigned systems to ensure that all are functional and secure.
  • Manages and leverages third party vendor relationships as required.
  • Participates in the planning and execution of the Business Continuity and Disaster Recovery Plan.
  • Ensures assigned systems and applications are prepared for planned or unplanned DR failover.
  • Manages and communicates system and applications changes using the change management process.
  • Track and understand emerging security practices and threats. Leverage this knowledge to improve security configurations across the enterprise and hunt for potential or active threats.


Qualifications

Education
  • Bachelor's Degree in computer science, information systems or equivalent work experience is required
Work Experience
  • Experience managing and securing Microsoft Windows or Linux is is required
  • 5+ years experience supporting security components and applying security best practices across an enterprise application/network infrastructure is required
Knowledge, Skills, and Abilities
  • Working knowledge of IT security controls and how to manage their effectiveness.
  • Strong understanding of cybersecurity protocols, including intrusion detection systems, firewalls, patch management, and vulnerability management.
  • Formal technical training on Microsoft technologies, Network Operating Systems and Internet perimeter components required.
  • Working knowledge of CIS Top 18 Controls or alternative security frameworks.
  • Certified Information Systems Security Professional (CISSP) desired but not required.
  • An ability to perform independent analysis of complex problems and distill relevant findings and root causes
  • Must possess excellent analytical, organizational and documentation skills.
  • Experience analyzing and interpreting alert notifications from organizations such as FS-ISAC and CERN
Licenses and Certifications
  • Industry standard certification required in a technical discipline to include one of the following Network Operating System (Microsoft), or Network infrastructure, or Information Security. Required


Equal Opportunity Employer, including disability/protected veterans



Equal employment opportunity, including veterans and individuals with disabilities.

PI285841694

Sign up for Job Alerts