Senior Cyber Security SecDev Engineer

Forrester•Cambridge, MA

About The Position

At Forrester, we’re trusted to work on trailblazing, mission critical problems that business and technology leaders face today. That’s why we’re always looking to empower talented individuals to perform at their best every single day. We’re proud of our community of smart people and vibrant voices who come together to do what’s right by our clients and each other. Our success is driven by curiosity, courage and customer obsession. The confidence and drive to be bold at work. Join us and build an extraordinary future. About This Role: The Cybersecurity Engineer (CE) will perform ongoing security operations tasks along with engineering and maintaining security solutions across the enterprise with an emphasis on AI related security initiatives. The CE will investigate and respond to incidents, escalating as necessary. The CE must stay current with emerging cyberthreats through security bulletins, external peer groups, and information security circles. This role will be responsible for designing, implementing, and maintaining policies and technical controls to mitigate emerging risks related to agentic and generative AI. The CE must have strong working knowledge of security fundamentals, functionality of AI/ML, cloud infrastructure and security. You will partner with DevOps, product, data, and AI-focused teams to advise and ensure secure design and operation.

Requirements

Five plus years of professional information and IT security experience with a passion for cybersecurity.
Proficiency in scripting languages (Python and/or Java).
Experience with securing cloud-native AI/ML environments (AWS Azure) and containerized systems (Kubernetes, Docker).
Must have an understanding of Application Security (OWASP top 10, SCA, DAST, and SAST).
Familiarity with code scanning and remediation procedures.
A thorough understanding of NIST AI RMF and ISO 42001.
A proven track record of designing, engineering, and delivering enterprise-level security solutions.
Excellent vulnerability, intrusion, and incident assessment, remediation, and management skills.
Detailed working knowledge of security technologies (e.g., AV, IDS/IPS, NGFW, SIEM, WAF, DLP, and malware analysis and protection), with a commitment to keep current with the latest developments in this field.
A thorough understanding of computer networking, IP, routing protocols, OSI model, etc.
Strong analytical and troubleshooting skills driven by a logical, methodical approach.
Excellent interpersonal, communication, and leadership skills.
A self-starter who is resourceful and intellectually curious.
Someone who is transparent and open to feedback.
A sense of urgency without sacrificing quality.
A collaborative team player with high standards and ethics.

Responsibilities

Build, configure, deploy, troubleshoot/support, and document security solutions for multiple environments (AWS, Azure, on prem).
Build, configure, and deploy AI agents/automation to automate security processes.
Work with DevOps to design, implement, and maintain secure platforms for AI/ML models, ensuring data privacy, detecting model tampering, and securing data pipelines.
Implement and improve the company’s security authentication and log systems, including log aggregation, correlation, and analysis as well as automated alerting and prioritization.
Monitor and analyze systems for security incidents, investigating, resolving, reporting, and escalating them as needed.
Develop technical solutions to help mitigate security vulnerabilities and automate tasks to increase operational efficiency.
Design and establish continuous monitoring programs using cybersecurity monitoring, vulnerability scanning, and intrusion detection and management tools.
Identify opportunities to improve the quality and resiliency of the company’s systems and applications.
Research and recommend solutions to improve the company’s security posture on-premises and in the cloud.
Partner with operations and infrastructure engineering teams to implement and tune security monitoring, tooling, and reporting.
Actively participate in DR/BC planning and implementation.