At Shawmut Design and Construction, we’re proud that the culture we’ve built as a 100% employee-owned company as we have been recognized with over 83 Best Place to Work awards. Including Best Workplace by Fortune Magazine, Fortune Best Workplace for Women, Fortune Best Workplace for Millennials, Great Place to Work’s Best Workplace for Parents, and one of America’s Best Employers by Forbes.
Here’s a glimpse into what we are offering:
Health, Dental and Vision Insurance.Employee Stock Ownership Plan (ESOP) - be an employee owner!401K with Match - receive company match up to 4% of your eligible pay.Generous Paid Time Off policy - including vacation, summer Fridays, holidays, personal sick and a volunteer day.The Extras: cell phone, laptop, tuition reimbursement, pet insurance, financial planning services and many more. ResponsibilitiesWe are seeking a motivated and skilled Information Security Engineer to safeguard Shawmut’s digital assets and ensure robust security operations. Reporting to the Director of Information Security, this role focuses on enhancing the organization’s security posture through the implementation of new security controls, managing vulnerabilities, responding to incidents, and collaborating with our Managed Detection and Response (MDR) provider to ensure full visibility of our environment. The successful candidate will drive security initiatives, implement best practices, and foster a culture of security awareness across the organization. The key responsibilities will be:
Vulnerability Management:Lead Shawmut’s vulnerability management program by maintaining scanning infrastructure, configuring and executing scans, and reviewing vulnerability data.Prioritize identified vulnerabilities and collaborate with IT to ensure timely remediation.Track and report remediation progress and ensure alignment with security best practices.Cloud Security:Implement and enhance Microsoft security tools, including Microsoft Defender, Microsoft Cloud App Security, and Microsoft Purview for compliance and data protection.Optimize Conditional Access policies, cloud configuration, and Secure Score.Technical Control Reviews:Conduct regular assessments of technical security controls to verify compliance with established standards and identify areas for improvement.Incident Response:Collaborate with our MDR provider and IT to monitor, investigate, and respond to security alerts.periodic review of MDR/SOC use cases and tuning of alerts.Security Awareness and Training:Deliver engaging security awareness trainings, including phishing simulations and interactive training sessions.
Qualifications 2-4 years of experience in information security.Strong knowledge of vulnerability management practices and tools.Hands-on experience with Microsoft Azure and M365 security tools.Experience working in a SOC or familiarity with working alongside MDR providers.Experience with incident response processes and playbook development.Strong analytical and problem-solving skills.Familiarity with security frameworks (e.g., CIS, NIST).Relevant certifications (e.g., Azure Security Engineer Associate, CISSP) are a plus.
We look forward to hearing from you!
Eligible candidates must be authorized to work in the United States without sponsorship or restriction, now and in the future.
Shawmut prohibits discrimination against any staff member or applicant on the basis of race, color, sex, sexual orientation, gender identity/expression, age, religion, national origin, marital status, veteran status, pregnancy, physical or mental disability, genetic information, disability, creed, citizenship status, or any other legally protected characteristic.
Options Apply for this job onlineApplyShareEmail this job to a friendRefer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed Application FAQsApplicant Tracking Software
www.icims.com