The Kraft Group & Affiliates · 8 hours ago
Information Security Engineer
The Kraft Group & Affiliates is seeking an Information Security Engineer responsible for implementing and supporting security technologies and controls to protect the organization's IT infrastructure. This role involves improving security posture, executing security strategies, and providing technical expertise to security operations across the company.
Responsibilities
Design, deploy, and manage security solutions in alignment with security policies and business needs
Assist in conducting risk assessments, security reviews, and gap analyses for compliance with standards such as NIST, CIS, ISO 27001, HIPAA, and GDPR
Participate in the vulnerability management lifecycle—monitoring alerts, identifying risks, and implementing remediation activities
Manage and operate enterprise security tools including Tenable, CrowdStrike, NG-SIEM, Cisco FirePower, NetSPI, CyberArk and Zscaler
Assist with firewall rule reviews, applying least privilege and zero-trust principles, and managing change workflows
Administer and enhance Privileged Access Management (PAM) solutions, including implementing Just-In-Time (JIT) access, credential rotation, session monitoring, and least-privilege controls using CyberArk or similar technologies
Respond to security incidents, performing triage, containment, documentation, and escalation in coordination with senior team members
Analyze security event logs and correlate data to identify threats and recommend improvements based on threat intelligence
Support penetration testing efforts by collaborating with third-party testers, reviewing findings, and assisting in remediation
Contribute to user awareness programs by promoting security best practices and supporting education initiatives across the organization
Collaborate with IT teams to guide and influence security best practices in operations, infrastructure, and application development
Assist in internal and external audit activities, including documenting controls, tracking exceptions, and managing remediation plans
Create and maintain security dashboards and reports to communicate trends, vulnerabilities, and risk metrics to leadership
Stay informed of evolving security threats, technologies, and industry developments to improve security measures
Work with IT and development teams to ensure security is integrated into design and implementation processes
Special projects and assignments as business dictates
Responsible for the creation, maintenance and control of all personally identifiable information or any other information protected by Confidentiality and Privacy Standards (see Mass Regulations on Personal Identity Regulations and HIPAA)
Qualifications
Required
4-6 years of experience in cybersecurity architecture, security engineering, or related fields, with a track record of implementing security solutions
Strong understanding of Defense-in-Depth, Zero-Trust Security Models, and Compensating Controls
Experience in security design and implementation for Enterprise Platforms and Operating Systems (Windows, Unix/Linux)
Familiarity with network security concepts, firewalls, and enterprise security controls (Cisco IOS & NX-OS, Aruba OS, Extreme XOS)
Experience with Enterprise NGFW platforms (Cisco FTD) and advanced threat detection tools
Familiarity with regulatory compliance frameworks such as CIS, CISA, NIST, ISO 27001, ISO 27002, HIPAA, GDPR
Ability to support cross-functional security projects and provide security guidance to IT teams
Strong analytical and problem-solving skills with a focus on security risk mitigation
Strong communication and documentation skills for reporting security risks and solutions to stakeholders
Preferred
Bachelor's degree in Cybersecurity, Computer Science, or Information Systems
Certified Information Systems Security Professional (CISSP) or similar certifications
Company
The Kraft Group & Affiliates
In 1965, Robert Kraft graduated from the Harvard Business School and began laying the foundation for starting companies based on working with customers in a highly personalized way.