Advisor, Cyber Security

RSA provides trusted identity and access management for 12,000 organizations around the world, managing 25 million enterprise identities and providing secure, convenient access to millions of users. RSA specializes in empowering security-first organizations in financial services, healthcare, energy, technology services, and other industries to thrive in a digital world, delivering complete capabilities for modern authentication, access, lifecycle management, and identity governance. Whether in the cloud or on-premises, RSA connects people with the digital resources they depend on everywhere they live, work, and play.

For decades, RSA has pioneered many of the encryption, authentication, and identity federation technologies that still power the internet. And now RSA is transforming the industry yet again, paving the way for the future of digital identity through the RSA Unified Identity Platform; next-generation hybrid and cloud solutions; the first ever and only multi-functional, passwordless hardware authenticator; and a frictionless, mobile-optimized experience for the modern workforce. If you are self-motivated and looking for a fast-paced challenge doing something that truly matters, come join our winning team!  For more information, go to rsa.com.

RSA delivers mission-driven security solutions that give organizations a unified approach to managing digital risk — built on integrated visibility, automated insight, and coordinated action. Anchored by our storied Identity and Access Management platform, RSA protects millions of users worldwide and supports more than 90 percent of the Fortune 500 and every branch of the U.S. federal government.

As a Senior Analyst on the Security & Risk team, you are charged with helping protect a company that secures the most secure. You will safeguard both our production corporate environments and the product and R&D space, helping security act as an enabler of the business rather than a brake on it.

Principal Responsibilities:

• Serve as second level Incident Response interacting with our third-party SOC and be a security SME on a shared on-call rotation.
• Operate and tune core detection and response tooling — such as SIEM, SOAR, XDR/EDR, WAF, and NGFW — to sharpen signal and cut noise.
• Apply identity-centric and Zero Trust controls — access, MFA, and least privilege — alongside the IT platform and product teams.
• Support security as an enabler in the product and R&D lifecycle, advising engineering on secure-by-design patterns.
• Be an advocate and enabler for maturing the security controls around data, AI services and our products
• Maintain clear documentation, runbooks, develop metrics, and present findings to both technical and non-technical audiences.
• Deep-dive into security systems as needed to investigate issues and automate recurring tasks through scripting or AI Agents as appropriate.
• Act as the bridge between technical and non-technical contributors

Education & Experience:

• Typically, 4+ years of related cybersecurity operations experience with a Bachelor’s degree; or 2+ years with a Master’s degree.
• Hands-on production operation of multiple security technologies in public cloud (Azure and/or AWS) and on-premises environments — including vulnerability scanning and management, SIEM/logging, WAF, network segmentation and security groups, system hardening/STIG, malware prevention, and incident response.
• Intermediate grasp of identity and access management and Zero Trust principles — authentication and authorization standards (MFA, SAML, OAuth, OIDC), directory services, and least-privilege access — reflecting identity’s role as the modern control point.
• Working knowledge of networking concepts and of both Linux and Windows host operating systems.
• Critical-thinking drive — asking what could be, how it could be done better, and pursuing continuous improvement and efficiency through automation — paired with a collaborative work style.
• Strong written, spoken, and presentation skills, with the ability to communicate security decisions clearly and to translate between technical and non-technical audiences.
• US Citizen / US Soil

Desirable Requirements:

• Experience securing customer-facing SaaS environments and familiarity with FedRAMP, SOC 2, NIST, or CSA compliance frameworks; prior work with a government, FedRAMP, or otherwise regulated environment is highly desirable.
• Experience securing product and R&D or DevSecOps environments — container and Kubernetes security, infrastructure-as-code scanning, and secrets management.
• Familiarity with securing AI/ML workloads and AI-enabled tooling, and an awareness of emerging AI-driven threats and defensive use cases.
• Demonstrated group, team, or thought leadership within cloud or security operations initiatives.
• Experience threat hunting or red-teaming within a complex enterprise environment
• Location near Boston area a plus
• Industry-standard cybersecurity certifications; a cloud or identity-specific credential is a plus.

Full-time, non-Sales US employees are also eligible for annual discretionary bonuses that are funded based on prior year company performance. RSA Sales team members are eligible to participate in company commission plans.

In addition, RSA offers its eligible US employees a comprehensive array of benefit programs including flexible paid-time-off, health, disability, and life insurance, and a 401(k) retirement plan with company matching contributions.

RSA is committed to the principle of equal employment opportunity for all employees and applicants for employment and to providing employees with a work environment free of discrimination and harassment. All employment decisions at RSA are based on business needs, job requirements and individual qualifications, without regard to race, color, religion, national origin, sex (including pregnancy), age, disability, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, protected veteran status, genetic information, or any other characteristic protected by federal, state or local laws. RSA will not tolerate discrimination or harassment based on any of these characteristics. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. All RSA employees are expected to support this policy and contribute to an environment of equal opportunity.

If you need a reasonable accommodation during the application process, please contact rsa.global.talent.acquisition@rsa.com. All employees must be legally authorized to work in the US. RSA and its approved consultants will never ask you for a fee to process or consider your application for a career with RSA. RSA reserves the right to amend or withdraw any job posting at any time, including prior to the advertised closing date.