Role Description We are seeking a highly experienced and skilled Senior Data Protection Engineer to join our IT Security organization in our Worcester, MA office or remote work arrangement. The Security Engineer (SIEM & IDS/IPS Administrator) is responsible for the end-to-end administration, maintenance, and optimization of the organization’s on-premise Security Information and Event Management (SIEM) platform and Intrusion Detection/Prevention Systems (IDS/IPS). This role ensures that these critical security technologies remain highly available, strategically aligned with enterprise security objectives, governed according to policy, and operating at peak effectiveness. The engineer will work closely with cybersecurity, infrastructure, and governance teams to ensure that threat detection, alerting, and response capabilities are robust, reliable, and continuously improving. This is a full time, exempt position. Responsibilities - SIEM Administration & Engineering - Manage, maintain, and optimize the on-premise SIEM platform, including log ingestion, parsing, correlation rules, dashboards, and alerting. - Ensure SIEM availability, performance, and scalability to support enterprise security monitoring needs. - Develop and tune detection rules, correlation logic, and use cases aligned with threat intelligence and organizational risk. - Oversee log source onboarding, configuration, and validation across servers, applications, network devices, and security tools. - Conduct regular SIEM health checks, capacity planning, and lifecycle management. - IDS/IPS Administration & Engineering - Administer and maintain on-premise IDS/IPS platforms, ensuring accurate detection and prevention of malicious activity. - Tune signatures, policies, and rulesets to reduce false positives while maintaining strong detection coverage. - Monitor IDS/IPS performance, availability, and event trends to identify anomalies or operational issues. - Coordinate with network and security teams to implement policy updates, rule changes, and architectural improvements. - Operational Excellence & Governance - Ensure both SIEM and IDS/IPS solutions are aligned with security governance frameworks, compliance requirements, and organizational policies. - Maintain documentation for system configurations, processes, runbooks, and governance controls. - Support audit activities by providing evidence, reports, and system configuration details. - Participate in incident response activities by providing SIEM/IDS/IPS insights, event analysis, and technical expertise. - Strategic Alignment & Continuous Improvement - Evaluate emerging threats and recommend enhancements to detection logic and monitoring capabilities. - Collaborate with architecture and leadership teams to align SIEM and IDS/IPS strategies with long-term security objectives. - Identify opportunities to automate processes, improve detection fidelity, and enhance operational efficiency. Qualifications - Minimum 5 years of hands-on experience administering, managing, and maintaining an on-premise SIEM security solution. - Minimum 5 years of hands-on experience administering, managing, and maintaining an on-premise IDS/IPS security solution. - Demonstrated experience ensuring high availability, governance alignment, and operational effectiveness of security monitoring technologies. - Strong understanding of SIEM architecture, log ingestion pipelines, correlation logic, and event normalization. - Expertise with IDS/IPS technologies, signature tuning, network traffic analysis, and threat detection methodologies. - Proficiency with security log formats (syslog, JSON, CEF, LEEF, etc.). - Familiarity with network protocols, firewall rules, and enterprise network architecture. - Experience with Linux/Windows server administration as it relates to security tooling. - Ability to analyze security events, identify patterns, and support incident response. - Strong analytical and problem-solving abilities. - Excellent communication skills for cross-team collaboration. - Ability to work independently in a remote environment while managing multiple priorities. - Detail-oriented mindset with a commitment to governance, documentation, and operational discipline. Preferred Qualifications - Industry certifications such as: - GIAC (GCIA, GCDA, GCED, GMON) - CompTIA Security+ / CySA+ - CISSP or equivalent - Experience with automation (Python, PowerShell, or similar). - Familiarity with threat intelligence platforms and frameworks (MITRE ATT&CK, NIST CSF). Benefits - Medical, dental, vision, life, and disability insurance - 401K with a company match - Tuition reimbursement - PTO - Company paid holidays - Flexible work arrangements - Cultural Awareness Day in support of IDE - On-site medical/wellness center (Worcester only)

• Investigate phishing attacks, suspicious login activity, and account compromise incidents • Perform threat hunting, log analysis, containment, and remediation • Lead response efforts for Microsoft 365 and Azure-related security events • Collaborate with security partners and vendors during active incidents • Conduct post-incident reviews and improve prevention strategies • Design and improve Conditional Access policies and identity security controls • Manage and optimize Microsoft Defender and Entra ID security features • Support and troubleshoot Azure infrastructure and Azure Virtual Desktop environments • Handle complex escalations involving networking, virtualization, storage, and authentication • Assist with automation and infrastructure-as-code initiatives • Mentor junior engineers and contribute to technical standards

• Serve as the technical lead for advanced microgrid control system projects from sales handover through commissioning and ongoing support • Plan, develop, implement, test, and troubleshoot microgrid control systems to ensure successful project delivery • Lead on-site and remote startup and commissioning activities, including development and execution of commissioning test plans • Provide high-level technical support for in-progress projects and operating microgrid systems, including triage and resolution of customer issues • Partner cross-functionally with Controls Engineering, Service, Commissioning, and Sales teams to deliver strong customer outcomes • Balance hands-on project execution with continuous improvement of project processes, standards, and quality • Mentor and support team members through technical guidance, knowledge sharing, and collaboration • Communicate project status, challenges, and progress clearly to internal stakeholders and customers

• Respond to reactive maintenance requests for gas heating systems, boilers, and appliances across multiple client sites • Carry out planned preventative maintenance (PPM) on gas equipment in accordance with manufacturer specifications and statutory requirements • Diagnose faults and complete repairs efficiently to minimize client downtime • Install, commission, and service commercial gas heating systems and appliances • Conduct gas safety checks and maintain accurate records of all work completed • Ensure all work complies with Gas Safety Regulations and relevant industry standards • Maintain company vehicle, tools, and equipment to a high standard • Provide excellent customer service and represent JLL professionally at all times • Complete job sheets, risk assessments, and method statements accurately and promptly • Participate in an on-call rota as required