Frontline Education
Sr Information Security Engineer 2
🇺🇸 Hybrid - PA
🕑 Full-Time
💰 TBD
💻 Cybersecurity
🗓️ March 28th, 2024
CISSP K-12 NISTDescription
Senior Information Security Engineer 2
We are seeking a Senior Information Security Engineer 2 for an exciting opportunity to be part of a small security team and growing company, in an evolving industry. The Senior Security Engineer will report to the CISO and engage other stakeholders across the organization to drive change and promote security. This position is hybrid out of our Andover MA or Wayne, PA offices.
Our mission is very broad, and our team is small and agile. We will look toward your unique skills to approach and solve problems in your own way. Whether engineering a system to address a technical security hurdle, protecting our customers' data, or consulting on a wide range of security topics, you are empowered to engage and lead cross-functionally. In the role of Senior Information Security Engineer, you will focus on the evaluation, architecture, development, deployment, and operation of network, endpoint and cloud security solutions.
Responsibilities:
- Engineer, implement and monitor security measures for the protection of computer systems, networks and information
- Design, build and deploy next generation cloud security practices, controls and technologies to protect Frontline’s public and private cloud infrastructure
- Work across product, infrastructure and business systems teams to enhance and evangelize security in cloud infrastructure
- Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts
- Assist with driving changes needed to respond to emerging threats and implement countermeasures
- Lead initiatives to develop and build security utilities and tools that will enable others to operate more efficiently and securely in cloud environments
- Lead the Security Incident Response Team (SIRT) efforts to respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches
- Conduct regular security assessments of a suite of applications (internally developed and acquired through M&A)
- Create automated tests to encourage and enforce security standards
- Play a key role in the cross functional effort to define secure configuration standards for key technology platforms
- Analyze information systems utilizing various cybersecurity techniques including packet analysis tools, forensics tools, intrusion prevention systems, firewalls, SIEM solutions, and vulnerability assessment software to aid in the detection and prevention of cyber- attacks
- Perform vulnerability assessments and penetration tests of systems and networks and prioritize remediation efforts
- Deploy and manage security technologies such as Firewalls, Web Application Firewalls, proxy systems, logging, and other security devices, Threat detection tools
- Conduct and monitor Independent Validation and Verification (IV&V) testing for software applications and systems
- Help design and implement processes and technology solutions to assess, monitor, audit and enforce compliance with internal and regulatory requirements, such as ISO27001, PCI, SOC, and others
- Creating detailed business, technology, operational and, security requirements
- Ability to understand, develop, implement and monitor technical and non-technical policies, procedures, processes, and workflows
- Solution delivery / implementation (directly or through partnerships)
Qualifications:
- Bachelor’s degree or equivalent work experience in Information Technology, Cyber Security, Management of Information Systems, Computer Science, Informatics, Information Science or similar discipline
- 8+ years’ experience working in IT, security engineering, application security, enterprise SaaS infrastructure environment, or similar role(s)
- 3+ years of experience in software/application security required
- Security certification such as CEH, CISSP, CISA, CISM, CRISC or equivalent required
- Strong working knowledge of TCP/IP networking and common protocols
- Experience with and understanding of cryptography
- Knowledge of a broad range of security controls and risk management frameworks NIST, ISO 2700x, PCI-DSS, SOC, and other similar standards
- Knowledge of regulatory compliance issues such as FERPA, HIPAA, SOX, GLBA, and PCI
- Experience with centralized log management tools
Frontline Education is a pioneer of school administration software purpose-built for K-12 districts. We provide innovative, connected solutions for student and special programs, business operations, and human capital management with powerful data and analytics to empower educators and administrators. We earn the trust of K-12 leaders across the U.S. by serving as a consistently high-performing, forthright partner of school districts through every dimension of the company.
We're a group of unique and talented individuals that love what we do. We've been lucky enough to land jobs with a rapidly growing tech company that supports an appreciative and friendly customer base. We work hard to make our customers happy, but we like to have a good time in the process. We are a company that strives to think in terms of “we” instead of “me.” We believe in the philosophy of servant leadership and that it’s all about putting others first. We also value the balance between family and work.
Frontline embraces diversity, equity, and inclusivity. We are intentionally building a workplace that respects, supports, and values the identities of all our employees. We believe this to be foundational in developing a strong community in our company. Frontline Education is an equal opportunity employer and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Frontline offers a competitive compensation package including a base salary, rewarding bonus structure, 401k match, and unlimited PTO! Our company growth has created a promising environment for career advancement and rewarding challenges. We offer a tuition reimbursement program for eligible college credit coursework available to employees depending on their status and length of employment.
