If you’re looking for a high-energy, inclusive atmosphere and a company that understands the importance of work/life balance, Commonwealth is your match! From generous bonus and 401(k) programs to tuition reimbursement and flexible work schedules, Commonwealth is focused on helping its employees thrive in an environment suited to their needs. On top of all that, the Information Security department offers a hybrid work schedule, so you’ll be able to work from home for part of the week!
We’re looking for an email and data security engineer to join our ranks. Are you an experienced security engineer with strong knowledge and technical expertise? As a Commonwealth email and data security engineer, you will be a key member of the Information Security Engineering team. You will use your strong understanding of email systems, data and communication security solutions, and design processes to enable and deliver resilient email and data security services. You will work collaboratively with the Information Security teams to ensure that solutions and services are designed and adopted effectively. A key responsibility of this role will be performing maintenance and support functions for the company’s email and data security systems. This role will allow us to create a more reliable and secure environment. This is a new position within a growing team that’s transforming the way we work.
Key Responsibilities
Email Security:
- Email Security Technology Design: Designing and implementing secure email architectures, including the selection and configuration of email gateways, filtering systems, and encryption technologies
- Anti-Phishing Measures: Implementing anti-phishing solutions to detect and prevent phishing attacks
- Spam and Malware Protection: Configuring and managing spam filters and antivirus solutions
- Encryption and Data Loss Prevention (DLP): Deploying encryption mechanisms to protect sensitive information within emails and implementing DLP solutions to prevent unauthorized disclosure of CFN confidential data
- Authentication Protocols: Configuring and enforcing email authentication protocols such as SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance)
- Incident Response: Developing and implementing incident response plans to quickly identify and mitigate email security incidents, including the investigation of security breaches and the recovery of compromised accounts. Includes integration with CFN SIEM/SOAR platforms
- Security Awareness Training: Providing training and awareness programs for users to recognize and respond to email-based threats, promoting a security-conscious culture within the organization
- Policy Development and Compliance: Developing and enforcing email security policies to ensure compliance with industry regulations and standards, as well as internal security requirements
- Continuous Monitoring and Analysis: Implementing tools and processes for continuous monitoring of email traffic, analyzing logs, and staying informed about emerging threats to proactively adapt security measures
- Collaboration with IT and InfoSec Teams: Working closely with IT teams, email administrators, and the InfoSec team to integrate email security measures with overall organizational security strategies
Data Security:
- Data Security: Implementing and maintaining data security controls to ensure compliance with relevant regulations and industry standards
- Data Security Best Practices: Collaborating with other IT teams and the business to integrate data security best practices into development and operations processes
- Microsoft Information Protection: Configuring and deploying Microsoft Information Protection in a hybrid environment to enable data discovery, classification and labeling
- Data Loss Prevention: Deploying, managing, and maintaining endpoint and network data loss prevention solutions
- Continuous Security Assessments: Performing security assessments and identifying vulnerabilities in data systems
- Data Encryption Solutions: Developing and implementing data encryption strategies across all critical systems and networks
- Ongoing Documentation: Designing and documenting data flow charts and security diagrams for existing and future solutions
- Data Security Liaison: Acting as a subject matter expert by responding to internal and external customer inquiries regarding the company’s information security systems, incidents, and issues
Core Strengths and Skills
- Strong knowledge and understanding of email, data security architecture, protocols, and controls
- Deep knowledge of email and data security investigations
- Expertise in implementing and managing email-based data loss prevention
- Expertise with threat detection and response tools including Microsoft 365 advanced threat protection and Proofpoint or similar technologies
- Ability to stay positive and adapt quickly to changing business requirements
- Ability to think through problems and visualize strategic solutions
- Strong understanding of email and data security issues and threats and how they can be manifested in complex environments
- Understanding of email security fundamentals and common protocols (DNS, SMTP, IMAP, IMAPS, DMARC, DKIM, SPF)
- Strong communication, consultative, influencing, and presentation skills
Additional Desirable Skills and Knowledge
- Bachelor’s degree in information systems or a related discipline, or equivalent training
- 5+ years of related work experience in an email or data security role
- Technical expertise in email and data security systems such as Microsoft 365 and Exchange Online, Varonis, SASE, or other third-party email security solutions
- Expertise in designing and implementing Microsoft 365, Azure, and AWS data security controls
- Experience with Azure Information Protection
- Ability to implement, administer, and troubleshoot email infrastructure services
- Experience with email incident response processes and procedures
- Understanding of best practices, control frameworks, and applicable existing and new legal/regulatory requirements (SEC S-P Rule, FINRA cybersecurity recommendations, data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, PCI DSS, and others)
- Security-related certifications such as OSCP, GCIH, GCIA, Proofpoint Administrator, MS365 Security administrator
Have we piqued your curiosity? Can you see yourself thriving in this opportunity?
Picture Yourself Here
At Commonwealth, we believe in a better world. We hold ourselves and each other to higher standards. We take care of one another. That’s why we invest in you—we encourage employee growth both in your career and education; we are building out a robust diversity, equity, and inclusion program; we offer incredible healthcare benefits; and we find plenty of occasions to celebrate. What’s not to love?
We are always striving to be better, and we are looking for employees who share that same mindset. Better people, better coworkers, better leaders, better creators. Bring your best work and your full self to the table, and we will do the same. Together, we can build a better future for our advisors, their clients, our company, and you.
About Commonwealth
Commonwealth Financial Network, Member FINRA/SIPC, a Registered Investment Adviser, provides a suite of business solutions that empowers more than 2,000 independent financial advisors nationwide. Privately held since 1979, the firm has headquarters in Waltham, Massachusetts, and San Diego, California.
Turning our advisors into raving fans starts by doing the same for our employees. We foster an environment of excellence, growth, rewards, and fun in equal measure, which has earned us 44 Best Place to Work awards.
The Fine Print
We care about your online safety as a prospective employee and encourage you to exercise caution when responding to job postings online. Commonwealth will never ask potential hiring candidates to pay or transfer funds as a precondition of interviews or employment, nor will we authorize recruiters or agents to do so on our behalf.
Commonwealth is an equal opportunity employer, making intentional efforts to source talent from all backgrounds.