Edtech.com's Summary

Frontline Education is hiring a Senior Information Security Engineer 2. This role involves engineering, implementing, and monitoring security measures for network, endpoint, and cloud environments while leading initiatives in incident response, security automation, and compliance. The engineer will collaborate across teams to enhance security practices and drive strategic security initiatives.

Highlights

Engineer, implement, and monitor security solutions for computer systems, networks, and cloud infrastructure
Lead Security Incident Response Team efforts and develop incident response protocols
Integrate security controls into CI/CD pipelines and embed security in the software development lifecycle
Conduct vulnerability assessments, penetration testing, and compliance with standards such as ISO27001, PCI, SOC
Develop automation scripts and security tools to improve operations efficiency
Required proficiency with TCP/IP networking, cryptography, security frameworks like NIST, ISO 2700x, PCI-DSS
Security certifications required include CEH, CISSP, CISA, CISM, or CRISC
Bachelor’s degree or equivalent experience in IT, cybersecurity, or related fields
8+ years of IT/security experience including 3+ years in software/application security
Compensation range: $140,000 - $150,000 base salary plus bonus, PTO, 401k match, and benefits

Senior Information Security Engineer 2 Full Description

Senior Information Security Engineer 2

Location: United States

Description

Senior Information Security Engineer 2

Remote or Hybrid to Wayne, PA; Naperville, IL

We are seeking a Senior Information Security Engineer 2 for an exciting opportunity to be part of a small security team and growing company, in an evolving industry. The Senior Security Engineer will report to the CISO and engage other stakeholders across the organization to drive change and promote security. This position is USA only, remote.

Our mission is very broad, and our team is small and agile. We will look toward your unique skills to approach and solve problems in your own way. Whether engineering a system to address a technical security hurdle, protecting our customers' data, or consulting on a wide range of security topics, you are empowered to engage and lead cross-functionally. In the role of Senior Information Security Engineer, you will focus on the evaluation, architecture, development, deployment, and operation of network, endpoint, and cloud security solutions.

Key Responsibilities:

Engineer, implement and monitor security measures for the protection of computer systems, networks and information
Design, build and deploy next-generation cloud security practices, controls, and technologies to protect Frontline’s public and private cloud infrastructure
Work across product, infrastructure and business systems teams to enhance and evangelize security in cloud infrastructure
Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts
Assist with driving changes needed to respond to emerging threats and implement countermeasures
Lead initiatives to develop and build security utilities and tools that will enable others to operate more efficiently and securely in cloud environments
Develop and maintain automation scripts or internal tools to improve the efficiency and consistency of security operations
Lead the Security Incident Response Team (SIRT) efforts to respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches
Create and maintain incident response runbooks, conduct tabletop exercises, and perform post-incident reviews to improve readiness
Support the CISO in strengthening incident readiness posture and response maturity across the organization
Conduct regular security assessments of a suite of applications (internally developed and acquired through M&A)
Integrate security controls into CI/CD pipelines by enabling SAST, DAST, and software composition analysis (SCA) tooling
Collaborate with development teams to embed security throughout the software development lifecycle (SSDLC)
Participate in threat modeling and security architecture reviews to guide secure design of applications and infrastructure
Create automated tests to encourage and enforce security standards
Play a key role in the cross-functional effort to define secure configuration standards for key technology platforms
Analyze information systems utilizing various cybersecurity techniques including packet analysis tools, forensics tools, intrusion prevention systems, firewalls, SIEM solutions, and vulnerability assessment software to aid in the detection and prevention of cyberattacks
Perform vulnerability assessments and penetration tests of systems and networks and prioritize remediation efforts
Deploy and manage security technologies such as firewalls, web application firewalls, proxy systems, logging, and other security devices, threat detection tools
Conduct and monitor Independent Validation and Verification (IV&V) testing for software applications and systems
Help design and implement processes and technology solutions to assess, monitor, audit, and enforce compliance with internal and regulatory requirements, such as ISO27001, PCI, SOC, and others
Create detailed business, technology, operational, and security requirements
Understand, develop, implement, and monitor technical and non-technical policies, procedures, processes, and workflows
Assist the CISO in shaping and operationalizing security engineering initiatives and strategic roadmaps
Solution delivery / implementation (directly or through partnerships)
Support third-party vendor assessments and monitor external partners for ongoing security risks
Respond to customer and stakeholder security inquiries, including security questionnaires and due diligence requests
Lead technical mentorship and knowledge-sharing initiatives across engineering teams to champion security best practices

Qualifications:

Bachelor’s degree or equivalent work experience in Information Technology, Cyber Security, Management of Information Systems, Computer Science, Informatics, Information Science or similar discipline
8+ years’ experience working in IT, security engineering, application security, enterprise SaaS infrastructure environment, or similar role(s)
3+ years of experience in software/application security required
Security certification such as CEH, CISSP, CISA, CISM, CRISC or equivalent required
Strong working knowledge of TCP/IP networking and common protocols
Experience with and understanding of cryptography
Knowledge of a broad range of security controls and risk management frameworks NIST, ISO 2700x, PCI-DSS, SOC, and other similar standards
Knowledge of regulatory compliance issues such as FERPA, HIPAA, SOX, GLBA, and PCI
Experience with centralized log management tools

Who We Are:

Frontline Education is a pioneer in school administration software purpose-built for K–12 districts. Serving over 12,000 educational organizations across the U.S., we deliver innovative, connected solutions for student and special programs, business operations, and human capital management—powered by robust data and analytics. Our mission is to empower educators and administrators to make informed decisions, streamline operations, and ultimately improve student outcomes.

We value hard work, but we also believe in having fun, supporting one another, and maintaining a healthy balance between work and family. If you're looking to make a real impact in education alongside a growing, mission-driven tech company with a strong culture of integrity and innovation, we’d love to meet you.

Perks of being a Frontliner:

Frontline offers a competitive compensation package including a base salary, rewarding bonus structure, 401k match, and personalized PTO! Our company’s growth has created a promising environment for career advancement and rewarding challenges. We offer a tuition reimbursement program for eligible college credit coursework available to employees depending on their status and length of employment.

The salary range for this role is $140,000 - $150,000 per year, based on experience, skills, and internal equity. In addition to base salary, this role includes a bonus, personalized PTO, and comprehensive benefits, including health insurance, 401k, and much more!

Our Privacy Policy: Your privacy is important to us. Click here to read our general Privacy Statement, and click here to read our Applicant Privacy Statement

Original Job Description

Senior Information Security Engineer 2

Location: United States

Description

Senior Information Security Engineer 2

Remote or Hybrid to Wayne, PA; Naperville, IL

Key Responsibilities:

Engineer, implement and monitor security measures for the protection of computer systems, networks and information
Design, build and deploy next-generation cloud security practices, controls, and technologies to protect Frontline’s public and private cloud infrastructure
Work across product, infrastructure and business systems teams to enhance and evangelize security in cloud infrastructure
Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts
Assist with driving changes needed to respond to emerging threats and implement countermeasures
Lead initiatives to develop and build security utilities and tools that will enable others to operate more efficiently and securely in cloud environments
Develop and maintain automation scripts or internal tools to improve the efficiency and consistency of security operations
Lead the Security Incident Response Team (SIRT) efforts to respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches
Create and maintain incident response runbooks, conduct tabletop exercises, and perform post-incident reviews to improve readiness
Support the CISO in strengthening incident readiness posture and response maturity across the organization
Conduct regular security assessments of a suite of applications (internally developed and acquired through M&A)
Integrate security controls into CI/CD pipelines by enabling SAST, DAST, and software composition analysis (SCA) tooling
Collaborate with development teams to embed security throughout the software development lifecycle (SSDLC)
Participate in threat modeling and security architecture reviews to guide secure design of applications and infrastructure
Create automated tests to encourage and enforce security standards
Play a key role in the cross-functional effort to define secure configuration standards for key technology platforms
Analyze information systems utilizing various cybersecurity techniques including packet analysis tools, forensics tools, intrusion prevention systems, firewalls, SIEM solutions, and vulnerability assessment software to aid in the detection and prevention of cyberattacks
Perform vulnerability assessments and penetration tests of systems and networks and prioritize remediation efforts
Deploy and manage security technologies such as firewalls, web application firewalls, proxy systems, logging, and other security devices, threat detection tools
Conduct and monitor Independent Validation and Verification (IV&V) testing for software applications and systems
Help design and implement processes and technology solutions to assess, monitor, audit, and enforce compliance with internal and regulatory requirements, such as ISO27001, PCI, SOC, and others
Create detailed business, technology, operational, and security requirements
Understand, develop, implement, and monitor technical and non-technical policies, procedures, processes, and workflows
Assist the CISO in shaping and operationalizing security engineering initiatives and strategic roadmaps
Solution delivery / implementation (directly or through partnerships)
Support third-party vendor assessments and monitor external partners for ongoing security risks
Respond to customer and stakeholder security inquiries, including security questionnaires and due diligence requests
Lead technical mentorship and knowledge-sharing initiatives across engineering teams to champion security best practices

Qualifications:

Bachelor’s degree or equivalent work experience in Information Technology, Cyber Security, Management of Information Systems, Computer Science, Informatics, Information Science or similar discipline
8+ years’ experience working in IT, security engineering, application security, enterprise SaaS infrastructure environment, or similar role(s)
3+ years of experience in software/application security required
Security certification such as CEH, CISSP, CISA, CISM, CRISC or equivalent required
Strong working knowledge of TCP/IP networking and common protocols
Experience with and understanding of cryptography
Knowledge of a broad range of security controls and risk management frameworks NIST, ISO 2700x, PCI-DSS, SOC, and other similar standards
Knowledge of regulatory compliance issues such as FERPA, HIPAA, SOX, GLBA, and PCI
Experience with centralized log management tools

Who We Are:

Perks of being a Frontliner:

Our Privacy Policy: Your privacy is important to us. Click here to read our general Privacy Statement, and click here to read our Applicant Privacy Statement

Let me find your next job.

Thanks - you're signed up.

Senior Information Security Engineer 2

Edtech.com's Summary

Senior Information Security Engineer 2 Full Description

Senior Information Security Engineer 2

Senior Information Security Engineer 2

Senior Information Security Engineer 2

Information System Security Officer

Content Specialist, Information Security

Cloud Security Engineer