Edtech.com's Summary

Frontline Education is hiring a Senior Information Security Engineer 2. This role involves engineering, implementing, and monitoring security measures while leading initiatives in cloud security, incident response, and software security integration across the organization. The engineer will collaborate with multiple teams to enhance security posture and drive strategic security initiatives.

Highlights

Engineer and monitor security measures for systems, networks, and information protection.
Design and deploy next-generation cloud security controls and technologies.
Lead Security Incident Response Team efforts and develop incident response processes.
Integrate security controls into CI/CD pipelines with SAST, DAST, and SCA tooling.
Conduct vulnerability assessments, penetration testing, and deploy security technologies.
Collaborate across product, infrastructure, and business teams to enforce security best practices.
Qualifications include a Bachelor's degree or equivalent, 8+ years IT/security engineering experience, and relevant security certifications (CEH, CISSP, CISA, CISM, or CRISC).
Strong knowledge of TCP/IP, cryptography, risk management frameworks (NIST, ISO 27001, PCI-DSS, SOC), and regulatory compliance (FERPA, HIPAA, SOX, GLBA, PCI).
Experience with centralized log management tools and software/application security.
Compensation range is $140,000 to $150,000 annually plus bonus, personalized PTO, 401k match, health insurance, and tuition reimbursement options.

Senior Information Security Engineer 2 Full Description

Senior Information Security Engineer 2

Location: Naperville, IL, United States

Description

Senior Information Security Engineer 2

Remote or Hybrid to Wayne, PA; Naperville, IL

We are seeking a Senior Information Security Engineer 2 for an exciting opportunity to be part of a small security team and growing company, in an evolving industry. The Senior Security Engineer will report to the CISO and engage other stakeholders across the organization to drive change and promote security. This position is USA only, remote.

Our mission is very broad, and our team is small and agile. We will look toward your unique skills to approach and solve problems in your own way. Whether engineering a system to address a technical security hurdle, protecting our customers' data, or consulting on a wide range of security topics, you are empowered to engage and lead cross-functionally. In the role of Senior Information Security Engineer, you will focus on the evaluation, architecture, development, deployment, and operation of network, endpoint, and cloud security solutions.

Key Responsibilities:

Engineer, implement and monitor security measures for the protection of computer systems, networks and information
Design, build and deploy next-generation cloud security practices, controls, and technologies to protect Frontline’s public and private cloud infrastructure
Work across product, infrastructure and business systems teams to enhance and evangelize security in cloud infrastructure
Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts
Assist with driving changes needed to respond to emerging threats and implement countermeasures
Lead initiatives to develop and build security utilities and tools that will enable others to operate more efficiently and securely in cloud environments
Develop and maintain automation scripts or internal tools to improve the efficiency and consistency of security operations
Lead the Security Incident Response Team (SIRT) efforts to respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches
Create and maintain incident response runbooks, conduct tabletop exercises, and perform post-incident reviews to improve readiness
Support the CISO in strengthening incident readiness posture and response maturity across the organization
Conduct regular security assessments of a suite of applications (internally developed and acquired through M&A)
Integrate security controls into CI/CD pipelines by enabling SAST, DAST, and software composition analysis (SCA) tooling
Collaborate with development teams to embed security throughout the software development lifecycle (SSDLC)
Participate in threat modeling and security architecture reviews to guide secure design of applications and infrastructure
Create automated tests to encourage and enforce security standards
Play a key role in the cross-functional effort to define secure configuration standards for key technology platforms
Analyze information systems utilizing various cybersecurity techniques including packet analysis tools, forensics tools, intrusion prevention systems, firewalls, SIEM solutions, and vulnerability assessment software to aid in the detection and prevention of cyberattacks
Perform vulnerability assessments and penetration tests of systems and networks and prioritize remediation efforts
Deploy and manage security technologies such as firewalls, web application firewalls, proxy systems, logging, and other security devices, threat detection tools
Conduct and monitor Independent Validation and Verification (IV&V) testing for software applications and systems
Help design and implement processes and technology solutions to assess, monitor, audit, and enforce compliance with internal and regulatory requirements, such as ISO27001, PCI, SOC, and others
Create detailed business, technology, operational, and security requirements
Understand, develop, implement, and monitor technical and non-technical policies, procedures, processes, and workflows
Assist the CISO in shaping and operationalizing security engineering initiatives and strategic roadmaps
Solution delivery / implementation (directly or through partnerships)
Support third-party vendor assessments and monitor external partners for ongoing security risks
Respond to customer and stakeholder security inquiries, including security questionnaires and due diligence requests
Lead technical mentorship and knowledge-sharing initiatives across engineering teams to champion security best practices

Qualifications:

Bachelor’s degree or equivalent work experience in Information Technology, Cyber Security, Management of Information Systems, Computer Science, Informatics, Information Science or similar discipline
8+ years’ experience working in IT, security engineering, application security, enterprise SaaS infrastructure environment, or similar role(s)
3+ years of experience in software/application security required
Security certification such as CEH, CISSP, CISA, CISM, CRISC or equivalent required
Strong working knowledge of TCP/IP networking and common protocols
Experience with and understanding of cryptography
Knowledge of a broad range of security controls and risk management frameworks NIST, ISO 2700x, PCI-DSS, SOC, and other similar standards
Knowledge of regulatory compliance issues such as FERPA, HIPAA, SOX, GLBA, and PCI
Experience with centralized log management tools

Who We Are:

Frontline Education is a pioneer in school administration software purpose-built for K–12 districts. Serving over 12,000 educational organizations across the U.S., we deliver innovative, connected solutions for student and special programs, business operations, and human capital management—powered by robust data and analytics. Our mission is to empower educators and administrators to make informed decisions, streamline operations, and ultimately improve student outcomes.

We value hard work, but we also believe in having fun, supporting one another, and maintaining a healthy balance between work and family. If you're looking to make a real impact in education alongside a growing, mission-driven tech company with a strong culture of integrity and innovation, we’d love to meet you.

Perks of being a Frontliner:

Frontline offers a competitive compensation package including a base salary, rewarding bonus structure, 401k match, and personalized PTO! Our company’s growth has created a promising environment for career advancement and rewarding challenges. We offer a tuition reimbursement program for eligible college credit coursework available to employees depending on their status and length of employment.

The salary range for this role is $140,000 - $150,000 per year, based on experience, skills, and internal equity. In addition to base salary, this role includes a bonus, personalized PTO, and comprehensive benefits, including health insurance, 401k, and much more!

Our Privacy Policy: Your privacy is important to us. Click here to read our general Privacy Statement, and click here to read our Applicant Privacy Statement

Original Job Description

Senior Information Security Engineer 2

Location: Naperville, IL, United States

Description

Senior Information Security Engineer 2

Remote or Hybrid to Wayne, PA; Naperville, IL

Key Responsibilities:

Engineer, implement and monitor security measures for the protection of computer systems, networks and information
Design, build and deploy next-generation cloud security practices, controls, and technologies to protect Frontline’s public and private cloud infrastructure
Work across product, infrastructure and business systems teams to enhance and evangelize security in cloud infrastructure
Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts
Assist with driving changes needed to respond to emerging threats and implement countermeasures
Lead initiatives to develop and build security utilities and tools that will enable others to operate more efficiently and securely in cloud environments
Develop and maintain automation scripts or internal tools to improve the efficiency and consistency of security operations
Lead the Security Incident Response Team (SIRT) efforts to respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches
Create and maintain incident response runbooks, conduct tabletop exercises, and perform post-incident reviews to improve readiness
Support the CISO in strengthening incident readiness posture and response maturity across the organization
Conduct regular security assessments of a suite of applications (internally developed and acquired through M&A)
Integrate security controls into CI/CD pipelines by enabling SAST, DAST, and software composition analysis (SCA) tooling
Collaborate with development teams to embed security throughout the software development lifecycle (SSDLC)
Participate in threat modeling and security architecture reviews to guide secure design of applications and infrastructure
Create automated tests to encourage and enforce security standards
Play a key role in the cross-functional effort to define secure configuration standards for key technology platforms
Analyze information systems utilizing various cybersecurity techniques including packet analysis tools, forensics tools, intrusion prevention systems, firewalls, SIEM solutions, and vulnerability assessment software to aid in the detection and prevention of cyberattacks
Perform vulnerability assessments and penetration tests of systems and networks and prioritize remediation efforts
Deploy and manage security technologies such as firewalls, web application firewalls, proxy systems, logging, and other security devices, threat detection tools
Conduct and monitor Independent Validation and Verification (IV&V) testing for software applications and systems
Help design and implement processes and technology solutions to assess, monitor, audit, and enforce compliance with internal and regulatory requirements, such as ISO27001, PCI, SOC, and others
Create detailed business, technology, operational, and security requirements
Understand, develop, implement, and monitor technical and non-technical policies, procedures, processes, and workflows
Assist the CISO in shaping and operationalizing security engineering initiatives and strategic roadmaps
Solution delivery / implementation (directly or through partnerships)
Support third-party vendor assessments and monitor external partners for ongoing security risks
Respond to customer and stakeholder security inquiries, including security questionnaires and due diligence requests
Lead technical mentorship and knowledge-sharing initiatives across engineering teams to champion security best practices

Qualifications:

Bachelor’s degree or equivalent work experience in Information Technology, Cyber Security, Management of Information Systems, Computer Science, Informatics, Information Science or similar discipline
8+ years’ experience working in IT, security engineering, application security, enterprise SaaS infrastructure environment, or similar role(s)
3+ years of experience in software/application security required
Security certification such as CEH, CISSP, CISA, CISM, CRISC or equivalent required
Strong working knowledge of TCP/IP networking and common protocols
Experience with and understanding of cryptography
Knowledge of a broad range of security controls and risk management frameworks NIST, ISO 2700x, PCI-DSS, SOC, and other similar standards
Knowledge of regulatory compliance issues such as FERPA, HIPAA, SOX, GLBA, and PCI
Experience with centralized log management tools

Who We Are:

Perks of being a Frontliner:

Our Privacy Policy: Your privacy is important to us. Click here to read our general Privacy Statement, and click here to read our Applicant Privacy Statement

Let me find your next job.

Thanks - you're signed up.

Senior Information Security Engineer 2

Edtech.com's Summary

Senior Information Security Engineer 2 Full Description

Senior Information Security Engineer 2

Senior Information Security Engineer 2

Senior Information Security Engineer 2

Information System Security Officer

Content Specialist, Information Security

Cloud Security Engineer