Cyber Security Engineer

Job description

Bentley University

Office of Chief Information Officer

Summary of the Position

Bentley University is one of the nation's leading business schools, dedicated to preparing a new kind of business leader with deep technical skills, the broad global perspective and high ethical standards. Bentley is seeking a Cyber Security Engineer to manage vulnerabilities and incidents and to serve as a cybersecurity subject matter. The engineer will also assess and manage risks as well as provide subject matter expertise in many areas.
The Cyber Security Engineer will report to the Chief Information Security Officer for Bentley University as part of the Information Security team. The Engineer will have responsibilities to run and maintain security systems, with a primary focus on vulnerability and incident management, including: running the vulnerability scanning tool and SIEM (Security Incident Event Manager). Additional responsibilities include risk and compliance management, awareness, and investigation/remediation of security incidents.

Essential Functions

- Proactively assesses potential IT systems, applications and network risks and vulnerability
- Troubleshooting and occasional on-call duties for production security issues
- Vulnerability Management scans and remediation of environment
- Implement, configure and manage security systems, including:
o Vulnerability scanner (e.g. Tenable Nessus)
o Security Incident Event Manager (SIEM / Splunk)
o Anti-Virus/Malware
o Data Encryption/DLP
o Web Filters
o Multi-factor Authentication
o Firewalls, Proxy Servers, Intrusion Detection/Prevention Systems (Palo Alto)
- Document and maintain standard operating procedures (SOPs)
- Partner with IT/Sysadmins/Development to harden systems in accordance with configuration standards
" Internal consulting with department groups, providing subject matter expertise
- Accountable for ensuring that key risks and issues are identified, addressed and resolved in a manner that satisfies the business.
- Security review and design of complex application and technology architectures.
- Coordination of technical design/review activities with various IS and project stakeholders.

Minimum Qualifications (Education and Experience Requirements)

- Bachelor's and/or Master's degree in Cybersecurity, Information Assurance or related field or equivalent experience
- Demonstrated proficiency and knowledge in IT and/or information security, with 5 or more years of experience in multiple environments.
- Two years+ experience utilizing vulnerability testing tools such as Rapid7 Nexpose, Tenable Nessus, Qualys, Metasploit, Nmap, Wifi Pineapple or other similar tools
- Strong understanding of vulnerabilities and vulnerability prioritization
- Ability to work well with others.
- Understanding of Common Vulnerability Scoring System v3 (CVE)
- Strong written and verbal communication skills with ability to convey risk priority and impact
- Ability to multi-task keeping the highest risk and/or priority items as forefront
- Timely and professional responsiveness
- Ability to quickly adapt to new processes and able to recommend process changes to improve organizational response" Experience with being on a CSIRT team (computer security incident response)
- Implementation and/or customization and management of a vulnerability management tool and a SIEM tool (e.g. Splunk, Log Rhythm, etc.)
- Extensive Windows systems and security tools (Windows OS knowledge is essential)
- Experience of designing and managing security controls within service providers

Preferred Qualifications

- Usage of frameworks and controls, e.g. NIST Cyber Security Framework (CSF), ISO 27001, GLBA, and COBIT or COSO
- Information Security Qualifications such as CISSP, CEH, GSEC, CISM, and/or CompTIA Security+ preferred
- Security Qualifications such as SANs
- Experience with firewalls, ACLs and VPN technologies
- Work experience in higher education
- Inquisitive nature and interest in unraveling and sorting through a variety of information from numerous sources in an effort to gain a better understanding of an issue" Strong knowledge and experience designing and implementing technical security solutions such as secure remote access, firewalls, encryption, secure protocols, data protection, data loss prevention and identity management solutions both internally and within cloud provided services, with CASB products a plus.
- Ability to work independently as well as with a team
- 3-5 years security operations experience and effectively analyze and solve problems
- Strong communication, leadership and partnering skills, including business writing skills
- Able to operate as a highly independent worker and as part of a strong team/collaborative approach
- Experience of designing and managing security controls within service providers

Physical Demands

Sitting or standing in front of a computer for most of the day. Walking across campus.

Posting Detail Information

Special Instructions to Applicants

Bentley University requires reference checks and may conduct other pre-employment screening.





Diversity Profile: University



View more

Learn more on Inside Higher Ed's College Page for University

Arrow pointing right
Job No:
Posted: 3/29/2018
Application Due: 5/28/2018
Work Type: