Are you driven by the principles and objectives of servant leadership? Do you take pride in seeing your vision become a reality within a next level IT environment that reflects the ideology of our university’s core values? Is it your time to rise? Rise with us!
We live our values and improve lives through higher education. We seek out those who can be courageous, act with integrity and remain true to our mission. Since 1976, the University of Phoenix has been committed to enhancing lives through higher education while strengthening our communities.
To help meet our mission, we are seeking a Senior Security Engineer who’ll ensure the security of information across the enterprise. Within this role, you will work alongside customers, software developers, enterprise architects, information security, internal audit, compliance, and other key stakeholders to build information security strategies and programs. You’ll contribute to enterprise-level policies and standards, lead incident response activities, and remediate security issues. You’ll improve the ability of the organization to protect the confidentiality, availability, and integrity of the Company's and our customers' information assets. You’ll lead various technologies to produce coherent technology strategies and architectures while taking an active role to lead the implementation and configuring security tools within the Apollo Technology space. You’ll implement the framework for security standards and compliance of Apollo’s systems, infrastructure & solutions. As a leader within this role, you’ll provide feedback and consultation to the Security Architecture team, as well as project teams and ongoing projects and initiatives, integrating optimal security controls as appropriate and required.
As a Senior Security Engineer, you’ll have a unique opportunity to:
- Act as a primary point of contact for all issues related to Information Security Operations and technology.
- Manage multiple security projects simultaneously.
- Maintain hardware and software tools used to support Information Security Operations functions.
- Act as a technical security advisor for less experienced Security Analysts.
- Lead incident response and investigations of suspected information security events, misuse or compliance reviews and provide root cause analysis within documented incident reports.
- Assist in responses to internal and external compliance audits, e-Discovery data collection, penetration tests and vulnerability assessments.
- Coordinate maintenance of security-related systems (Anti-Virus, Logging, Content filtering, Intrusion Prevention, Security Incident and Event Management, Syslog, etc.).
- Maintain general working knowledge and awareness of concepts such as Identity & Access Management (IAM), Access Controls, Authorization, Encryption of data at rest / in transit, multi-factor authentication, web application firewalls, etc.
- Maintain runbooks for Information Security tools and create new runbooks for newly implemented security technologies.
- Review system designs and architectures and make security-related recommendations.
- Validates and tests existing security infrastructure to establish continual improvements and enhancements.
- Recommend enterprise-level information security policies and standards.
- Responsible for training new Security Analysts on Apollo’s cutting edge security tools.
- Coordinate changes for the Information Security tools and submit all change requests through the documented change control process, while also participating in the established change control process.
- Document and maintain appropriate OLAs/SLAs within Apollo Technology.
- Provide input and assist in collection of established metrics for reporting.
- Conduct analysis on existing and emerging threats and provide appropriate recommendations for remediation.
- Participate in an on-call rotation in support of the 24/7 Security Operations Center.
Through education and experience, you have:
- Bachelor’s degree (preferably in Computer Science, Business or related area) and/or a combination of:
- Equivalent education or training in related disciplines
- 10+ years progressive experience in Information Security related roles
- Security related certifications e.g., CISSP, CISM, CISA
- Intimate knowledge of industry frameworks related to information security (e.g. ISO 27000, NIST, etc.)
- 6+ years’ direct and hands-on experience with network and Security components, including firewalls, intrusion detection systems, anti-malware products, e-Discovery and forensics tools and products, data encryption, VPN's, vulnerability scanners, multiple operating systems (Windows, UNIX, Linux, etc.), and directory services (Active Directory, LDAP)
- Subject Matter Expert (SME) level knowledge of security tools, trends, methodologies, and best practices for securing platforms and operating systems at the server, client, and handheld level.
- Expert knowledge of information security risks and counter-measures for Windows and Unix/Linux platforms
- Experience with risk management methodologies and frameworks
- Demonstrated ability to create and manage Security solutions with a high degree of integration
- Strong understanding of regulatory requirements (PCI, SOX, GLBA) and how they impact information security functions
What sets you apart is your:
- Demonstrated strong communication skills required to discuss and present complex engineering principles
- Demonstrated ability to work effectively in a collaborative team environment as an individual contributor.
- Ability to provide support after normal business hours, as needed.
- Resourceful, creative, innovative, results driven, and adaptable nature
- Willingness for potential travel when/if the position deems necessary
Work for an organization with a mission you believe in!
As an Equal Opportunity employer, we particularly encourage applications from members of historically underrepresented racial/ethnic groups, women, individuals with disabilities, veterans, LGBTQ community
Intrusion Detection Systems