Product Security Engineer / Architect - Email Security

State Street
Boston, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 203K

Job location

Boston, United States of America

Tech stack

Artificial Intelligence
Architectural Patterns
Computer Security
Domainkeys Identified Mail
Domain-Based Message Authentication Reporting and Conformance (DMARC)
Identity and Access Management
Simple Mail Transfer Protocols
Microsoft Security Essentials
Microsoft Office
Phishing
Security Information and Event Management
Systems Integration
Scripting (Bash/Python/Go/Ruby)
Software Security
Malware
Cyber Threat Analysis
Sender Policy Framework (SPF)
Spoofing
Information Technology
Cyber Warfare
Data Pipelines
Cisco networks

Job description

  • Define and drive the enterprise email security strategy, architecture, and roadmap.
  • Lead the evaluation, implementation, and continuous improvement of email security technologies and controls.
  • Partner with the GTS Email Platform team, which owns and operates the enterprise email infrastructure, to design and deploy security capabilities across the email ecosystem.
  • Collaborate with the Cyber Defense Center (CDC) to enhance detection, investigation, and response capabilities for phishing, business email compromise (BEC), account takeover, and other email-borne threats.
  • Work with Threat Intelligence, Identity Security, and Incident Response teams to identify emerging threats and improve defensive controls.
  • Lead product evaluations, proof-of-concepts, and vendor assessments for email security technologies.
  • Drive integration of email security solutions with security monitoring, analytics, and response platforms.
  • Develop security standards, architectural patterns, and implementation guidance for email security controls.
  • Track and report key metrics related to email threat protection, phishing resilience, and risk reduction.
  • Serve as a subject matter expert for enterprise email security initiatives.

Requirements

  • Experience with enterprise email security technologies such as Microsoft Defender for Office 365, Proofpoint, Abnormal Security, Mimecast, Cisco Secure Email, or similar platforms.
  • Strong understanding of phishing, business email compromise (BEC), account takeover, malware, social engineering, and email-based threats.
  • Knowledge of email security technologies including SPF, DKIM, DMARC, SMTP security, and email authentication frameworks.
  • Experience designing and implementing enterprise-scale email security controls and architectures.
  • Experience integrating email security platforms with SIEM, SOAR, identity, endpoint, and threat intelligence solutions.
  • Strong analytical, problem-solving, automation, and scripting skills.
  • Excellent communication and stakeholder management skills., * Bachelor's degree in Computer Science, Information Security, Engineering, or a related field, or equivalent practical experience.
  • 8+ years of experience in cybersecurity, security engineering, or security architecture.
  • 5+ years of hands-on experience with email security technologies and threat protection solutions.
  • Experience working in financial services or other regulated industries preferred.
  • Relevant certifications such as CISSP, CCSP, GIAC, or Microsoft Security certifications preferred.

Additional Requirements

  • Experience developing security strategies, roadmaps, and architecture standards.
  • Familiarity with emerging AI-driven phishing, impersonation, and social engineering threats.
  • Strong collaboration skills and ability to work across Cyber Security, GTS, and Engineering organizations.
  • Ability to translate security risks into actionable technical solutions.

Work Requirement

  • Hybrid work model in accordance with company policy.
  • Ability to collaborate effectively with global teams across multiple time zones.
  • Standard business hours with flexibility to support critical security incidents and initiatives when required.

Benefits & conditions

$120,000 - $202,500 Annual

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Employees are eligible to participate in State Street's comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.

For a full overview, visit https://hrportal.ehr.com/statestreet/Home.

About State Street

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you'll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

Apply for this position