Berklee seeks a Security Engineer to engage in all aspects of CyberSecurity Operations.
Reporting to the Assistant Vice President for Systems, Networks, & Information Security, the Security Engineer will function as the lead security operations analyst and engineer, charged to protect and defend critical data, applications and infrastructure.
The Security Engineer will provide strategy and implementation guidance to other operations and engineering teams and will work to build and maintain a secure, scalable environment of integrated global networks, applications, and related systems.
The Security Engineer will Identify threats to the environment through a suite of Security Operations Center systems and tools.
Perform periodic Risk Assessments, Application and Infrastructure Audits, and vulnerability assessments.
Determine infrastructure, application and cloud security requirements, procedures and policies; define and implement security controls.
Perform network penetration tests, application vulnerability assessment scans, risk assessment reviews, and other proactive preventative security measures. Plan and create penetration testing plans. Perform hands-on penetration testing. Create and/or maintain penetration toolkits. Present findings and/or remediation guidance.
The Security Engineer will Protect the College constituents and critical assets through management of access control and data security functions.
Design, implement, modify, and administer Identity and Access Management and account provisioning systems, two-factor authentication systems and single-sign-on systems, connections to Cloud services, and other production or legacy application systems environments.
Participate in data governance and data retention strategies and controls.
Participate in the design of information security policy, education, training, and awareness activities; monitor compliance with the college security policy and applicable laws; and participate in the coordination of the investigation and reporting of security incidents.
The Security Engineer will Detect cybersecurity events, Respond to threats and manage incidents as they arise, and work to structure organizational Incident Response.
Perform endpoint incident detection and network incident detection and manage endpoint security systems (EDR, AV, etc.).
Respond to incidents involving malware, network based attacks, SIEM events, firewall events, IDS and IPS events, Cloud events and Data Loss Prevention events.
Create and maintain critical systems documentation, including System Security Plans (SSP), Disaster Recovery Plan (DR), and Incident Response Plan (IRP)
Participate in vendor and new technology evaluations
Perform vulnerability assessments and remediations
The ideal candidate will have a significant level of operational cybersecurity expertise , experience working in heterogeneous technology environments, participating in systems integrations, and troubleshooting complex issues. She or he will have experience monitoring an environment that spans on-premises, co-located, hosted, and cloud architectures. She or he will be able to skillfully communicate complex business and technical processes in easy to understand visual documentation, with clear, concise oral skills, and have the patience and interpersonal skills to train and mentor technical colleagues on proper security operation and concepts. She or he will have incident management or crisis management experience.
CISM, GIAC or CISSP certifications preferred.
MINIMUM JOB QUALIFICATIONS:
Bachelor's Degree and 5+ years of experience in business administration, auditing, and information security-related OR systems integration fields (with a strong understanding of security concepts).
Ability to manage and maintain a disparate suite of security solutions.
Ability to produce and maintain security logs and incident reports.
Meticulous, detail-oriented with a high degree of organizational, administrative and interpersonal skills.
Experience in analyzing security logs generated by Intrusion Detection/Prevention Systems (IDS/IPS), firewalls, antivirus, and/or other security logging sources.
Familiarity with compliance themes is preferable, including but not limited to legal requirements such as 201 CMR 17.00, FERPA, NIST as well as industry standards that govern software lifecycles.
Experience working and troubleshooting in a technical environment
Strong interpersonal skills; ability to handle issues and various requirements and needs of staff and faculty throughout the college.
Knowledge and Skills Preferred:
Experience with ISO27001 or other security frameworks
Experience with AWS and AWS IAM and/or cloud security
Experience with Identity Automation Rapid Identity or account provisioning software
Experience with Rapid 7, Sophos Antivirus
Experience with G Suite, Google Apps Directory Sync & Google Apps Administration
Database query building (SQL) and reporting
Experience with LDAP and Active Directory user security management
Experience with Windows 2008, 2012, 2016; Linux, Red Hat
Programming or scripting including Python, Perl, Batch, SQL, CSS, XML, JSON, PHP
Experience working in an academic environment
Communication and Technical Leadership Competencies:
Knowledge of technology service frameworks such as ITIL.
Possess and demonstrate the ability to solicit and gather technical details and requirements contributing to the clarity and definition required to establish project milestones, tasks, and goals.
Ability to clearly summarize and communicate in English moderately complex information in varied written formats to internal and external customers.
Ability to comprehend and communicate complex verbal information in English to colleagues and other internal and external customers and business partners.
Ability to demonstrate in-depth knowledge of concepts, practices and policies with the ability to use them in complex varied situations.
Ability to provide a high level of customer service and staff training to meet customer service standards and expectations.
Ability to lead project team meetings, including a review of action plans and tracking of project milestones.
Maintain a constructive, team-oriented and customer-focused attitude at all times and in all settings.
Ability to work independently and creatively, learn quickly, and solve complex problems in high-pressure situations.
Ability to influence, train, mentor, and leverage the skills of others, including business partners and technical team members.
Knowledge of software development life cycles and methodologies.
Applicants who are both interested and qualified should submit the following materials: * Cover letter that addresses the applicant's capabilities and experiences. * A resume or CV.
Currently enrolled Berklee students may not apply for staff or faculty positions.
The above information on this position description has been designed to indicate the general nature and level of work performed by individuals within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Requirements are subject to possible modification to reasonably accommodate qualified individuals with disabilities. This document does not create an employment contract, implied or otherwise, other than an "at will" employment relationship.
External and internal applicants, as well as position incumbents who become disabled as defined under the Americans With Disabilities Act, must be able to perform the essential job functions (as listed) either unaided or with the assistance of a reasonable accommodation to be determined by management on a case-by-case basis.
Incomplete applications will not be considered. The position will remain open for applications until filled.
Berklee is committed to increasing the diversity of the college community and the curriculum. Candidates who can contribute to that goal are encouraged to apply and to identify their strengths in this area.
Employee Type: Staff
Internal Number: R0001954
About Berklee College of Music
The mission of Berklee College of Music is to educate, train, and develop students to excel in music as a career. Developing the musicianship of all our students is the foundation of our curriculum. We believe that the lessons and qualities derived from that work?the self-discipline needed for excellence, the empathy required of music making and the openness and inquisitiveness essential to creativity?are critical to achievement in any pursuit, musical or otherwise; and that music is a powerful catalyst for personal growth, which is central to any collegiate experience. Founded on jazz and popular music rooted in the African cultural diaspora, our comprehensive curriculum is distinctly contemporary in its content and approach, and embraces the principal musical movements of our time. Through a course of scholarly and practical learning experiences integrating performance and writing, our curriculum covers the variety of influential styles, relevant technologies, and career opportunities open to today's music professional.