Role Description We are seeking a highly experienced and skilled Senior Information Security Engineer to join our IT Security organization in our Worcester, MA office or remote work arrangement. The Senior Information Security Engineer (SIEM & IDS/IPS Administrator) is responsible for the end‑to‑end administration, maintenance, and optimization of the organization’s on‑premise Security Information and Event Management (SIEM) platform and Intrusion Detection/Prevention Systems (IDS/IPS). This role ensures that these critical security technologies remain highly available, strategically aligned with enterprise security objectives, governed according to policy, and operating at peak effectiveness. The engineer will work closely with cybersecurity, infrastructure, and governance teams to ensure that threat detection, alerting, and response capabilities are robust, reliable, and continuously improving. This is a full time, exempt position. Responsibilities - SIEM Administration & Engineering - Manage, maintain, and optimize the on‑premise SIEM platform, including log ingestion, parsing, correlation rules, dashboards, and alerting. - Ensure SIEM availability, performance, and scalability to support enterprise security monitoring needs. - Develop and tune detection rules, correlation logic, and use cases aligned with threat intelligence and organizational risk. - Oversee log source onboarding, configuration, and validation across servers, applications, network devices, and security tools. - Conduct regular SIEM health checks, capacity planning, and lifecycle management. - IDS/IPS Administration & Engineering - Administer and maintain on‑premise IDS/IPS platforms, ensuring accurate detection and prevention of malicious activity. - Tune signatures, policies, and rulesets to reduce false positives while maintaining strong detection coverage. - Monitor IDS/IPS performance, availability, and event trends to identify anomalies or operational issues. - Coordinate with network and security teams to implement policy updates, rule changes, and architectural improvements. - Operational Excellence & Governance - Ensure both SIEM and IDS/IPS solutions are aligned with security governance frameworks, compliance requirements, and organizational policies. - Maintain documentation for system configurations, processes, runbooks, and governance controls. - Support audit activities by providing evidence, reports, and system configuration details. - Participate in incident response activities by providing SIEM/IDS/IPS insights, event analysis, and technical expertise. - Strategic Alignment & Continuous Improvement - Evaluate emerging threats and recommend enhancements to detection logic and monitoring capabilities. - Collaborate with architecture and leadership teams to align SIEM and IDS/IPS strategies with long‑term security objectives. - Identify opportunities to automate processes, improve detection fidelity, and enhance operational efficiency. Qualifications - Minimum 5 years of hands‑on experience administering, managing, and maintaining an on‑premise SIEM security solution and an on‑premise IDS/IPS security solution. - Demonstrated experience ensuring high availability, governance alignment, and operational effectiveness of security monitoring technologies. - Strong understanding of SIEM architecture, log ingestion pipelines, correlation logic, and event normalization. - Expertise with IDS/IPS technologies, signature tuning, network traffic analysis, and threat detection methodologies. - Proficiency with security log formats (syslog, JSON, CEF, LEEF, etc.). - Familiarity with network protocols, firewall rules, and enterprise network architecture. - Experience with Linux/Windows server administration as it relates to security tooling. - Ability to analyze security events, identify patterns, and support incident response. - Strong analytical and problem‑solving abilities. - Excellent communication skills for cross‑team collaboration. - Ability to work independently in a remote environment while managing multiple priorities. - Detail‑oriented mindset with a commitment to governance, documentation, and operational discipline. Preferred Qualifications - Industry certifications such as: - GIAC (GCIA, GCDA, GCED, GMON) - CompTIA Security+ / CySA+ - CISSP or equivalent - Experience with automation (Python, PowerShell, or similar). - Familiarity with threat intelligence platforms and frameworks (MITRE ATT&CK, NIST CSF). Benefits - Medical, dental, vision, life, and disability insurance - 401K with a company match - Tuition reimbursement - PTO - Company paid holidays - Flexible work arrangements - Cultural Awareness Day in support of IDE - On-site medical/wellness center (Worcester only)

Role Description Trail of Bits seeks a Security Engineer 1 for our growing Software Assurance practice. You'll contribute to security assessments of client software, partnering with senior engineers, identifying vulnerabilities across the application and system level. You'll own pieces of client engagements, drive your own vulnerability analysis, and develop tools alongside the team. This role bridges vulnerability research and applied security, where you'll find real issues in real code and help clients understand and fix them. Your work will be hands-on and autonomous: analyzing complex code, building custom tooling, conducting threat modeling, and owning your findings through to client delivery. What You’ll Achieve - Security Assessment Ownership: Lead security assessments for specific components, modules, or systems within larger client engagements. Identify vulnerabilities, trace root causes, and own your analysis from discovery through client delivery. - Vulnerability Discovery and Analysis: Find and validate real vulnerabilities in application code and systems. Explain exploitation paths, assess impact, and develop proof-of-concept code when needed. You'll do the work, not just assist. - Custom Security Tooling: Design and build security testing tools and automation for vulnerability detection. Own tool development from concept through deployment on client projects. - Architecture and Threat Modeling: Conduct threat modeling and architecture reviews of software systems. Identify attack surfaces, data flows, and security boundaries. Propose concrete mitigations. - Client Communication: Translate technical findings into clear, actionable recommendations for engineering teams. Own client relationships for your component of the work. - Research and Innovation: Contribute to security research initiatives. Build tools, document findings, and stay on the cutting edge of vulnerability research and application security. Qualifications - Demonstrable vulnerability research capability - Proven ability to find and validate real vulnerabilities. This means: CTF wins, published CVEs, bug bounty finds, or security research that shows you can actually discover exploitable issues. - Strong code analysis skills - You can read complex code, trace execution, identify logic flaws, and explain why something is exploitable. You understand the difference between a tool flagging something and it actually being a vulnerability. - Hands-on coding proficiency - Fluent in at least two of: Rust, Go, C, C++, Python, JavaScript, TypeScript, or similar. You write code for security analysis and tool development, not just consume it. - Memory safety understanding - You understand memory corruption vulnerabilities (buffer overflows, use-after-free, etc.) and modern mitigations (ASLR, DEP, CFI). You can reason about exploit primitives. - Systems knowledge - Deep familiarity with operating systems, IPC, privilege boundaries, and how applications interact with system internals. This isn't theoretical, you've worked with this stuff. - Autonomous problem-solving - You drive your own work. You own pieces of engagements. You ask good questions, debug issues, and reach conclusions without hand-holding. - Clear technical communication - You can explain complex security findings to engineers. Your reports get read because they're clear and actionable. You can defend your analysis. Nice to Have - Active CTF participation - Current or recent CTF team participation, CTF wins, or rankings. Shows you can solve hard security problems under pressure. - Published vulnerability research - CVEs, bug bounties, responsible disclosures, or security writeups. Shows you've found real issues and validated them. - Open source security contributions - Tools, libraries, or research contributions to open source projects. Shows you can ship security work. - Mobile security experience - Android, iOS, or macOS internals. Binary analysis on mobile platforms. - Published technical writing - Blog posts, security research writeups, conference talks, or technical documentation. - Cloud security experience - AWS, GCP, or Azure security assessment and architecture review. - Kernel or low-level development - Experience with kernel code, drivers, or system-level programming. About You You're 0–2 years into your security career, or you're coming from software engineering with a strong security foundation. You have proven ability to find vulnerabilities and understand how systems break. You're autonomous, you own your work, you drive your own analysis, and you don't need someone looking over your shoulder. We're looking for people who've already proven they can do this work: CTF players, people with CVE disclosures, bug bounty hunters, strong engineering grads who've built security tools. You should be capable of owning a piece of a security engagement and driving it to completion. Years of experience don't matter. Demonstrated ability matters. Can you find vulnerabilities? Can you understand complex code and systems? Can you own your work? If yes, let's talk. Salary Information The base salary for this full-time position ranges from $100,000 to $160,000 excluding benefits and potential bonuses. Various factors influence our salary ranges, including the specific role, level of seniority, geographic location, and the nature of the employment contract. An individual's specific work location, unique skills, experience, and relevant educational background will determine the final offer within this range. The presented salary range encompasses the starting salaries for all U.S. locations. For a precise salary estimate tailored to your preferred location, please discuss it with your recruiter during the hiring process. Benefits - Competitive salary complemented by performance-based bonuses. - Fully company-paid insurance packages, including health, dental, vision, disability, and life. - A solid 401(k) plan with a 5% match of your base salary. - 20 days of paid vacation with flexibility for more, adhering to jurisdictional regulations. - 4 months of parental leave to cherish the arrival of new family members. - $10,000 in relocation assistance to support your transition if interested in moving to NYC. - $1,000 Working-from-Home stipend to create a comfortable and productive home office. - Annual $750 Learning & Development stipend for continuous personal and professional growth. - Company-sponsored all-team celebrations, including travel and accommodation, to foster community and recognize achievements. - Philanthropic contribution matching up to $2,000 annually.

Role Description Terzo processes some of the most sensitive commercial data in the enterprise world for Fortune 500 customers who expect enterprise-grade security as a baseline. Keeping that trust means our internal security posture has to be as strong as our product security. You will own Terzo's internal IT and security infrastructure including: - Endpoint management - Identity and access - Network security - The security tooling stack that protects our people, devices, and systems This includes managing and evolving tools like: - Defender - Jamf - 1Password - Twingate - Entra ID - Sentinel As the role matures, you will grow into owning compliance operations, e.g., audit readiness, evidence generation, and continuous monitoring, becoming the person who bridges IT, security, and compliance into a single discipline. Qualifications - 5+ years of experience in IT security, security engineering, or systems administration with a strong security focus - Hands-on experience managing endpoint security, MDM, and device management across Mac and Windows fleets (Jamf, Intune, Defender) - Strong understanding of identity and access management including SSO, MFA, conditional access, zero-trust network access - Experience administering and securing cloud identity platforms (Azure Entra ID, Okta, or similar) - Comfort scripting and automating IT/security workflows - Familiarity with enterprise security frameworks (SOC 2, ISO 27001, NIST 800-171) and how IT controls map to compliance requirements - Clear communication across engineering, security, and business stakeholders - High ownership mentality, you see a security gap and close it, not escalate it Requirements - Experience managing a ZTNA stack (Twingate, Cloudflare Access, Zscaler, or similar) in a remote-first environment - Background with SIEM/SOAR platforms (Sentinel, Splunk) for security monitoring and incident response - Familiarity with GRC platforms and compliance automation tooling - Experience supporting CMMC Level 2 or FedRAMP readiness from the IT controls side - Prior work at a high-growth startup where you built the IT/security function from scratch, not just inherited it - Interest in growing into a compliance operations role as the security program matures Benefits - Competitive salary - Annual performance bonus - Employee stock option plan - 100% paid medical, dental, and vision coverage - 401(k) with employer contribution - Generous vacation and sick leave - Flexible work arrangements - High-quality equipment for home and office - Strong culture of collaboration, mentorship, and continuous improvement

• Support development and delivery of cybersecurity services • Engage with insured clients for risk management • Act as liaison between insureds and underwriting team • Analyze data to identify threat scenarios