Information Security Engineer

Berklee seeks an Information Security Engineer to engage in all aspects of CyberSecurity Operations.

Reporting to the Assistant Vice President for Systems, Networks, & Information Security, the Information Security Engineer will function as the lead security operations analyst and engineer, charged to protect and defend critical data, applications, and infrastructure.

The Information Security Engineer will provide strategy and implementation guidance to other operations and engineering teams and will work to build and maintain a secure, scalable environment of integrated global networks, applications, and related systems.

The Information Security Engineer will identify threats to the environment through a suite of Security Operations Center systems and tools.
  • Perform periodic risk assessments, application and infrastructure audits, and vulnerability assessments.
  • Determine infrastructure, application and cloud security requirements, procedures and policies; define and implement security controls.
  • Perform network penetration tests, application vulnerability assessment scans, risk assessment reviews, and other proactive preventative security measures. Plan and create penetration testing plans. Perform hands-on penetration testing. Create and/or maintain penetration toolkits. Present findings and/or remediation guidance.


The Information Security Engineer will protect the college constituents and critical assets through management of access control and data security functions.
  • Design, implement, modify, and administer identity and access management and account provisioning systems, two-factor authentication systems and single-sign-on systems, connections to cloud services, and other production or legacy application systems environments.
  • Participate in data governance and data retention strategies and controls.
  • Participate in the design of information security policy, education, training, and awareness activities; monitor compliance with the college security policy and applicable laws; and participate in the coordination of the investigation and reporting of security incidents.


The Information Security Engineer will detect cybersecurity events, respond to threats and manage incidents as they arise, and work to structure organizational Incident Response.
  • Monitor security systems, SIEM, log files, packet captures, and network flows.
  • Perform endpoint incident detection and network incident detection and manage endpoint security systems (EDR, AV, etc.).
  • Respond to incidents involving malware, network-based attacks, SIEM events, firewall events, IDS and IPS events, cloud events and data loss prevention events.
  • Create and maintain critical systems documentation, including System Security Plans (SSP), Disaster Recovery Plan (DR), and Incident Response Plan (IRP).
  • Participate in vendor and new technology evaluations.
  • Perform vulnerability assessments and remediations.


The ideal candidate will have a significant level of operational cybersecurity expertise, experience working in heterogeneous technology environments, participating in systems integrations, and troubleshooting complex issues. They will have experience monitoring an environment that spans on-premises, co-located, hosted, and cloud architectures. They will be able to skillfully communicate complex business and technical processes in easy-to-understand visual documentation, with clear, concise oral skills, and have the patience and interpersonal skills to train and mentor technical colleagues on proper security operation and concepts. They will have incident management or crisis management experience.

CISM, GIAC or CISSP certifications preferred.

MINIMUM JOB QUALIFICATIONS:
  • Bachelor’s Degree and 5+ years of experience in business administration, auditing, and information security-related OR systems integration fields (with a strong understanding of security concepts).
  • Ability to manage and maintain a disparate suite of security solutions.
  • Ability to produce and maintain security logs and incident reports.
  • Meticulous, detail-oriented with a high degree of organizational, administrative and interpersonal skills.
  • Experience in analyzing security logs generated by Intrusion Detection/Prevention Systems (IDS/IPS), firewalls, antivirus, and/or other security logging sources.
  • Familiarity with compliance themes is preferable, including but not limited to legal requirements such as 201 CMR 17.00, FERPA, NIST as well as industry standards that govern software lifecycles.
  • Experience working and troubleshooting in a technical environment.
  • Strong interpersonal skills; ability to handle issues and various requirements and needs of staff and faculty throughout the college.


Knowledge and Skills Preferred:
  • Experience with ISO27001 or other security frameworks
  • Experience with AWS and AWS IAM and/or cloud security
  • Experience with Identity Automation RapidIdentity or account provisioning software
  • Experience with Rapid7, Sophos Antivirus
  • Experience with G Suite, Google Apps Directory Sync & Google Apps Administration
  • Database query building (SQL) and reporting
  • Experience with LDAP and Active Directory user security management
  • Experience with Windows 2008, 2012, 2016; Linux, Red Hat
  • Programming or scripting including Python, Perl, Batch, SQL, CSS, XML, JSON, PHP
  • Experience working in an academic environment


Communication and Technical Leadership Competencies:
  • Knowledge of technology service frameworks such as ITIL.
  • Possesses and demonstrates the ability to solicit and gather technical details and requirements contributing to the clarity and definition required to establish project milestones, tasks, and goals.
  • Clearly summarizes and communicates in English moderately complex information in varied written formats to internal and external customers.
  • Comprehends and communicates complex verbal information in English to colleagues and other internal and external customers and business partners.
  • Demonstrates in-depth knowledge of concepts, practices and policies with the ability to use them in complex varied situations.
  • Provides a high level of customer service and staff training to meet customer service standards and expectations.
  • Leads project team meetings, including a review of action plans and tracking of project milestones.
  • Maintains a constructive, team-oriented and customer-focused attitude at all times and in all settings.
  • Works independently and creatively, learns quickly, and solves complex problems in high-pressure situations.
  • Ability to influence, train, mentor, and leverage the skills of others, including business partners and technical team members.
  • Knowledge of software development life cycles and methodologies.