Cyber Security Engineer

ABOUT THE JOB

The ACLU seeks applicants for the full-time position of Cybersecurity Engineer in the Information Security Department of the ACLU’s National office in New York, NY. This is a hybrid role that has in-office requirements of two (2) days per week or eight (8) days per month.

Director of Security Architecture & Engineering, this hands-on technical role is responsible for securing the ACLU’s infrastructure, endpoints, and cloud services by reducing vulnerability risk, improving control enforcement, and operationalizing core data protection strategies.

This role is ideal for a security engineer who thrives at the intersection of infrastructure, identity, and data — someone ready to roll up their sleeves to turn policy into technical enforcement. The engineer will drive progress across cloud posture, endpoint compliance, DLP, and insider risk detection, ensuring controls are not just defined but deployed, measurable, and resilient in production environments.

This position is part of a collective bargaining unit. It is represented by ACLU Staff United (ASU).

WHAT YOU'LL DO

Reporting to the Director of Security Architecture & Engineering, the Cybersecurity Engineer will be accountable for executing core infrastructure and endpoint security priorities across cloud, network, and device environments.

YOUR DAY TO DAY

• Implement and manage cloud security posture tooling and alerts, ensuring visibility into configuration drift, overexposure, and high-risk services.


• Lead the vulnerability management lifecycle — including scanning, prioritization, stakeholder coordination, remediation tracking, and reporting.


• Deploy and enforce secure configuration baselines across managed devices (Windows, macOS, mobile), including disk encryption, patch compliance, and privileged access.


• Identify exposed services and reduce attack surface across infrastructure and endpoint environments using automation and policy-based enforcement.


• Develop and maintain secure configuration management practices across IAM, network segmentation, endpoint posture, and SaaS platforms.


• Engineer and support enterprise Data Loss Prevention (DLP) tooling, including policy definition, control enforcement, and incident response workflows across email, endpoint, and cloud.


• Implement and tune insider threat detection signals using endpoint telemetry, behavior analytics, and identity context, in coordination with Security Operations.


• Serve as a technical escalation point for endpoint, cloud, and identity security issues impacting control integrity or coverage.

FUTURE ACLU'ERS WILL

• Be committed to advancing the mission of the ACLU


• Center and embed the principles of equity, inclusion and belonging in their work by demonstrating commitment to diversity with an approach that respects and values multiple perspectives


• Be committed to work collaboratively and respectfully toward resolving obstacles and conflicts

WHAT YOU'LL BRING

• Demonstrated experience in security engineering, cloud/infrastructure security, or endpoint protection.


• Strong working knowledge of DLP, data classification, and endpoint telemetry tooling (e.g., Microsoft Purview, Intune, Defender for Endpoint, Jamf, etc.).


• Hands-on experience with vulnerability management platforms and remediation coordination.


• Experience designing and deploying secure configurations across Windows, macOS, and mobile environments.


• Familiarity with insider risk detection tooling or behavioral analytics platforms is a strong plus.


• Proficiency with scripting or infrastructure-as-code (e.g., PowerShell, Python, Terraform).


• Excellent communication and cross-functional collaboration skills, particularly across IT, Legal, and Privacy stakeholders.


• Commitment to securing digital systems in a mission-driven and rights-centered environment.

COMPENSATION

WHY THE ACLU

For over 100 years, the ACLU has worked to defend and preserve the individual rights and liberties guaranteed by the Constitution and laws of the United States. Whether it’s ending mass incarceration, achieving full equality for the LGBTQ+ community, establishing new privacy protections for our digital age, or preserving the right to vote or the right to have an abortion, the ACLU takes up the toughest civil liberties cases and issues to defend all people.

We know that great people make a great organization. We value our people and know that what we offer is essential not just their work, but to their overall well-being.

At the ACLU, we offer a broad range of benefits, which include:

• Time away to focus on the things that matter with a generous paid time-off policy


• Focus on your well-being with comprehensive healthcare benefits (including medical, dental and vision coverage, parental leave, gender affirming care & fertility treatment)


• Plan for your retirement with 401k plan and employer match


• We support employee growth and development through annual professional development funds, internal professional development programs and workshops

OUR COMMITMENT TO ACCESSIBILITY, EQUITY, DIVERSITY & INCLUSION

Accessibility, equity, diversity and inclusion are core values of the ACLU and central to our work to advance liberty, equality, and justice for all. For us diversity, equity, accessibility, and inclusion are not just check-the-box activities, but a chance for us to make long-term meaningful change. We are a community committed to learning and growth, humility and grace, transparency and accountability. We believe in a collective responsibility to create a culture of belonging for all people within our organization – one that respects and embraces difference; treats everyone equitably; and empowers our colleagues to do the best work possible. We are as committed to anti-oppression, anti-ableism, and anti-racism internally as we are externally. Because whether we’re in the courts or in the office, we believe ‘We the People’ means all of us.

With this commitment in mind, we strongly encourage applications from all qualified individuals without regard to race, color, religion, gender, sexual orientation, gender identity or expression, age, national origin, marital status, citizenship, disability, veteran status and record of arrest or conviction, or any other characteristic protected by applicable law.

The ACLU is committed to providing reasonable accommodation to individuals with disabilities. If you are a qualified individual with a disability and need assistance applying online, please email benefits.hrdept@aclu.org. If you are selected for an interview, you will receive additional information regarding how to request an accommodation for the interview process.

The Department of Education has determined that employment in this position at the ACLU does not qualify for the Public Service Loan Forgiveness Program.