Information Security Operations Manager
Location Boston
Apply Now (https://phh.tbe.taleo.net/phh01/ats/careers/v2/applyRequisition?org=FHLBBOSTON&cws=38&rid=467)
The Federal Home Loan Bank of Boston is a leading provider of wholesale funding for housing and community finance in New England serving more than 420 financial institutions across the region. The Federal Home Loan Bank of Boston is committed to making New England a better place to live and do business, and our employees are integral to our success. As a cooperative, we are owned by more than 420 banks, credit unions, insurance companies, and community development financial institutions that access tens of billions of dollars of our reliable, wholesale funding each year. Our funds are a vital resource that helps our members succeed, provide families with safe, decent affordable housing, and generate economic development that creates jobs in communities throughout our region.
Our highly skilled team of 225 is innovative, collaborative, and passionate about the work we do. We seek other professionals excited to share their knowledge, talent, and passion for our mission to join our team. We offer opportunities for career development, robust benefits, and a work-life balance.
Position Summary
New opportunity with our growing Information Security (IS) team! We are seeking an experienced, collaborative Information Security Operations Manager to own day - to - day Security Operations (SecOps) and lead a small but high - impact team responsible for network security, endpoint security, incident response, IAM operations, and administration of the Bank's e-mail & productivity platforms. This includes threat detection, incident response, attack surface management, vulnerability management, IGA, access management, and security platform operations across on - premises and cloud environments. In addition to hands-on work, you will manage two engineers and two analysts and partner closely with our 24×7 MDR provider to drive detection fidelity, response speed, and automation in alignment with the NIST Cybersecurity Framework.
As a Player/coach you need to be knowledgeable and able to jump right in to guide, teach or provide coverage, in addition to managing the performance and professional development of multiple direct reports.
This position is classified as sensitive and is subject to a credit check.
This role will have a hybrid work schedule in our Boston office in accordance with the Bank's Hybrid Work Program. More time is expected in-office for onboarding.
Anticipated Pay Range
The anticipated base pay range for this role is $119,000 - $195,500
This role is based in Boston with weekly in-office expectations. The base pay posted represents the annual base pay range or hourly wage range that we expect to offer for this job opportunity. The actual base salary offer will depend on a variety of factors including relevant experience, required skills and other relevant factors. The range noted here is not indicative of all positions in the job grade within which this position falls.
All Bank full-time positions are eligible to participate in our annual incentive program and our robust total rewards offerings, in addition to the base pay.
For more information, visit Careers - FHLBank Boston (https://www.fhlbboston.com/about-us/careers/)
Specific Responsibilities
Management, Leadership of SecOps
· Manage, coach, and develop the SecOps team in alignment with functional expectations and Bank Competencies; set goals, run operating mechanisms, and drive performance.
· Manage daily security operations including network security, endpoint security, incident response, and IAM.
· Represent SecOps in collaboration with peers and other stakeholders.
· Own administration of the Bank's e-mail and productivity cloud environment.
· Drive SecOps program maturity and ensure cross-team alignment with Bank Technology and business units.
· Maintain playbooks, runbooks, procedures, and manage to SLOs.
· Collaborate tightly with Security Architecture to articulate operational needs, strategies, and gaps to effectively mature the Bank's cyber security capabilities.
· Actively support the Bank's strategy to leverage inclusion and opportunity as a long-term strategic priority.
· Other duties, as assigned.
Threat Detection & Incident Response
· Oversee the Bank's MDR relationship and SIEM/detection engineering function to tune rules and detections for high - fidelity alerting, reducing noise and false positives.
· Manage threat intelligence and hunting processes to enable mature security operations that go beyond reactive monitoring.
· Lead response for security incidents (containment, eradication, recovery) in coordination with IT, cloud, and business teams; ensure proper evidence handling and documentation; coordinate with law enforcement and supporting services when necessary.
Network Security
· Manage the Bank's attack surface management capability, including tight collaboration with infrastructure and service management teams.
· Direct the vulnerability management program (scan, risk triage, remediation tracking, exception governance).
· Own Web Application Firewall operations and management.
· Provide oversight and governance for network and DNS firewall operations.
Endpoint Security
· Lead and manage endpoint security operations and tools, including EDR, DLP, and file integrity monitoring.
· Partner with infrastructure and application teams to accelerate patching and configuration hardening.
Identity and Access Management
· Manage the Bank's IAM operations, including IGA, AM, and PAM platforms.
· Partner with the IS Governance Manager to advance the IAM roadmap to manage risk while delivering business enablement.
E-Mail & Productivity
· Manage the Bank's secure e-mail gateway and overall routing.
· Own administration of the Bank's productivity cloud.
Security Platforms & Engineering
· Own operational health of core security platforms and controls across workstations, servers, network, productivity, and cloud services.
· Implement automation (SOAR/scripts) to reduce manual effort and accelerate response.
Reporting & Governance
· Align SecOps processes to NIST CSF and Bank policies/standards.
· Support internal/external audits and regulatory inquiries.
Qualifications
Education
· Bachelor's degree preferred or relevant work experience.
Experience
· 5+ years relevant and broad Information Security Ops experience.
· Proven ability as a people manager for SOC/IR or Security Operations teams.
· Hands - on experience with SIEM/detection engineering, incident response, vulnerability management, and endpoint security.
· Experience leading an IAM program is strongly preferred
· Strong understanding of AWS security services and cloud threat detection.
· Experience aligning with NIST CSF; comfortable with audit/regulator engagement.
· Excellent communication skills with the ability to guide engineers and liaise with technical and non-technical stakeholders.
Preferred Qualifications
· Certifications: CISSP, AWS Security Specialty, or equivalent experience.
· SecOps experience in Financial Services or other regulated industries.
· Automation/scripting (Python, PowerShell) for SOAR, detections, or hygiene.
As an Equal Opportunity Employer, we strongly encourage applicants from every ethnicity, color, religion, gender, age, national origin, disability, veteran or parental status and sexual orientation.
Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.
Back (https://phh.tbe.taleo.net/phh01/ats/careers/v2/searchResults?org=FHLBBOSTON&cws=38) Share
