Overview:
Are you ready to be part of the extraordinary future of technical education? Do you thrive in a dynamic, innovative environment where you can make a tangible impact? If so, we want YOU to join our team as the Sr. Security Engineer!
Position Overview:
Under general direction, performs procedures necessary to ensure the confidentiality, integrity, and availability of sensitive data and information systems. The Senior Security Engineer is responsible for developing or enhancing security policies and procedures, implementing and enforcing technical and administrative security controls, providing security support to users, and monitoring adherence to security policies and procedures. This position will serve as the key technical resource for the Information Security team and must be able to prioritize large volumes of requests.
What We Offer:
• $115,000-$130,000/year depending on experience
• Medical/Dental/Vision/Life Ins/Company paid STD & LTD Ins
• 401K, Paid Holidays, Paid Time Off
• This is a fully remote position
Responsibilities:
Risk Identification and Management
- Identifies and investigates risks to the organization using a variety of processes and technologies
- Coordinates risk and vulnerability analyses of new and existing systems using industry-standard tools
- Manages third-party security engagements, such as penetration and risk assessments, addresses alerts as necessary
- Leads and tracks remediation of findings from security tests and assessments
Security Audits and Compliance
- Audits existing systems, applications, and platforms to ensure security configurations align with security best practices
- Interfaces with the user community to understand their security needs, researches and implements procedures and technologies to accommodate them
- Coordinates the security portion of Information Technology Sarbanes-Oxley engagements
Policy and Procedure Development
- Recommends and implements security policies, procedures, standards, and technologies for current and future processes and systems
- Evaluates new projects and applications as they relate to security requirements, architecture, and design
- Works with Engineering and Operations teams to improve system security procedures and configurations
- Improves awareness of security throughout the organization
Collaboration and Integration
- Works closely with software development and enterprise information personnel to integrate best practice controls into custom software and database environments
- Collaborates with system and application owners to enforce security standards and to identify, document, and mitigate information security risks
- Interfaces with internal and external auditors to ensure compliance with regulatory activities
Qualifications:
Education:
- High School diploma or GED
- 6 years of hands-on information security experience, with the last four (4) being in a security engineering role
- At least one security certification (CISSP certification preferred)
- 2-4 year's experience managing third-party security assessments and remediation efforts
- 1-2 years' experience to implement and manage security features in O365 and Azure (PIM, Defender, Azure Policy, Conditional Access, etc.)
- 2 years' experience utilizing EDR solutions to hunt for and identify and respond to endpoint threats
- In-depth experience managing and maintaining a SIEM solution
Technical Expertise:
- Bachelors degree in a technical or scientific field is preferred
- Implementing and managing DLP solutions
- Familiarity with performing forensic and e-discovery tasks
- Experience incorporating security into development workflows
- Understanding of firewall configuration and administration, preferably experience with FortiNet
Regulatory and Compliance Knowledge:
- Working knowledge of FERPA, GLBA, PCI, HIPAA, and SOX control frameworks
Communication and Collaboration
- Effectively weigh business needs against security concerns and articulate issues to management
- Build effective relationships with various business unit leaders and IT functional teams
- Excellent written and verbal communication skills and the ability to communicate effectively with technical and non-technical individuals
- Lead technical discussions with various technology teams
- Prioritize and manage a large volume of daily tasks and requests efficiently
Analytical and Problem-Solving Skills
- Proven ability to identify areas needing improvement, and managing the improvement process
- Skilled in vulnerability identification, analysis, and remediation
- Skilled in performing third-party risk assessments
- Good judgment in problem-solving, and decision-making skills
It’s all about the reputation. 55+ years of experience, trusted by 35+ industry leading brands, 16 campuses, 5 technical schools. But it’s not all about the numbers. Here at Universal Technical Institute and its family of schools, we care about YOU. We care about making a change in the lives of our employees and our students. We’re on a mission to expand our reach and increase our impact, one life at a time and that starts with yours...Come and be a part of our legacy!