Job Description

Job Description

Boston Trust Walden Company Overview

Boston Trust Walden Company is an independent, employee-owned firm that provides investment management services to institutional investors and private wealth clients. The firm manages approximately $16 billion in client assets.

Boston Trust Walden distinguishes itself in several key ways, including:

• stable, diversified business model serving a variety of client types.
• compelling investment philosophy and excellent track record.
• longstanding leadership in ESG impact investing; and
• corporate culture grounded in shared values, as signified by the companys tagline, Principled Investing.

Located in the heart of Boston at One Beacon Street, Boston Trust Walden employs fewer than 100 individuals. Boston Trust Waldens structure as an independent, employee-owned firm enables the firm to make business decisions that align with clients and employees for long-term success. The firms structure and size help cultivate a collegial work environment where employees have ownership of their work, contribute to positive client outcomes, and are rewarded for their efforts.

One of Boston Trust Waldens strategic priorities is to foster a positive workplace; this includes a commitment to diversity, equity, and inclusion. The firm believes this commitment is not only the right thing to do but also a matter of good governance and a critical component of long-term business success. When DEI values are infused into the workplace environment, the company and its employees benefit. The firm is committed to taking meaningful steps to advance racial, social, and economic equity in its workplace through retention, education, and recruitment initiatives.

Boston Trust Walden Company is an Equal Opportunity Employer. Boston Trust Walden is committed to supporting equal employment opportunity and to promoting a workplace free of discrimination with regard to race, color, creed, religion, genetic information, ancestry, national origin, age, disability, expression, physical or mental health, parental status, marital status, veteran/US military status, citizenship status, or other legally protected status.

The firm will make reasonable accommodations in the application process if requested by new job applicants.

Position: Information Security Manager

Job Summary

Boston Trust Walden seeks a strategic and experienced Information Security Manager to lead and strengthen the firms overall security posture, operational procedures, and control environment. This critical role is responsible for safeguarding firm and client data by managing core security functions, fostering cross-department collaboration, and proactively identifying and mitigating security risks.

As the Information Security Manager, you will propose, implement, and maintain the firms security policies, technologies, and controls. Additionally, you will lead phishing simulation exercises, conduct security and risk assessments, and oversee vendor due diligence reviews. The ideal candidate will demonstrate a strong commitment to cybersecurity, possess deep expertise in security principles and frameworks, and adopt a forward-thinking approach to evolving threats. You will manage day-to-day security operations, handle incident response, and drive continuous improvements to the firms security program. Oversee security controls, including network and host intrusion detection and protection systems (IDS/IPS), access management systems (SSO, IdP), firewalls, security incident and event management systems (SIEM), mobile device management (MDM) systems, data classification and loss prevention systems (DLP), secure email gateways, and proxy systems.

Key Responsibilities:

• Collaborate with Information Technology, Risk Management, and Compliance to analyze and strengthen security controls and implement comprehensive security requirements.
• Lead the implementation, documentation, and maintenance of information security policies, standards, procedures, and controls.
• Investigate security incidents, perform root cause analysis to identify indicators of compromise, and maintain documentation for corrective actions and improvements.
• Oversee third-party security providers to enhance controls and procedures.
• Manage the vulnerability lifecycle from identification to resolution and collaborate with IT teams to maintain secure baseline configurations.
• Monitor and analyze event logging across the organization, ensuring proper alerting is in place, reducing false positives, and identifying and correcting false negatives.
• Proactively identify and address gaps in security controls, working with teams across the business to ensure security measures are effectively implemented and maintained.
• Conduct information security reviews of external systems containing or utilizing firm or client NPPI.
• Stay current with the latest security technologies, trends, vulnerabilities, and emerging threats, providing expert guidance to stakeholders.

Job Requirements:

• In-depth understanding of modern computing environments, including virtualization, cloud technologies, networks and protocols, data loss prevention, access management, multi-factor authentication, public key infrastructure and cryptography, intrusion detection, firewalls, mobile device management, proxies, vulnerability assessment tools, and incident response.
• Strong written and verbal communication skills, capable of producing policies, procedures, risk assessments, and audit responses aligned with internal and regulatory standards.
• Self-motivated and detail-oriented, capable of working independently while managing multiple priorities in a fast-paced, small-company environment.
• Proven ability to collaborate and communicate effectively with cross-functional teams and departments.
• Skilled in organizing, planning, and executing security initiatives that align with IT and business objectives.
• Strong interpersonal skills with the ability to build relationships with business partners and stakeholders at all levels.
• Able to influence decisions and promote a culture of security awareness throughout the organization.

Education & Experience:

• Bachelors degree or higher in computer science, information security, or related fields.
• Over 10 years in a dedicated security role, demonstrating increased responsibilities.
• Experience in Information Security domains such as information security governance, compliance, and regulations, as well as knowledge of frameworks like CIS, NIST, ISO 27001, and SOC reports.
• Professional certifications such as CISSP/CCSP, CySA+/CASP+, Security+ or GIAC are highly valued.

Job Tags

Similar Jobs