What are the responsibilities and job description for the IT Security Engineer position at Wentworth Institute of Technology?
Summary
Job Description
The IT Security Engineer is a position working within the Network Operations team in the Digital Technology Services (DTS) that will be focused on implementing and maintaining security measures to safeguard Wentworth’s network, systems, applications, and data. This position will be responsible for safeguarding against security breaches, developing incident response strategies, and staying ahead of new security trends and bad actor tactics. This position will report to the Director of Network and Systems Operations.
Working alongside team members in Network Operations, the Security Engineer is responsible for day-to-day tier 2/3 response and resolution of security issues and incidents. The Security Engineer will also be involved in projects related to upgrading existing technology or deploying new technology as needed.
The Security Engineer will be responsible for the administration and operation of cyber security tools and technologies. This will include coordinating with external SOC and maintaining the SIEM, vulnerability scanner, and endpoint protection software.
This position will also help develop and maintain cyber security incident response procedures, security risk assessments, metrics, and reports.
Essential Functions
Inclusive Excellence is one of the four pillars of the Strategic Plan. Actively and intentionally cultivating a diverse and culturally competent institution where each member has the opportunity and support to reach their full potential and make contributions to our campus community and beyond is Inclusive Excellence at Wentworth.
To find out more about the Wentworth’s commitment to Inclusive Excellence, please visit the website https://wit.edu/about/inclusive-excellence.
All applicants have the right to accessibility support and accommodations. To request accessibility support or accommodations, contact the Executive Director of Equity and Compliance, Catlin Wells, at wellsc1@wit.edu.
E-Verify for Employment Eligibility Verification (Form I-9)
Wentworth participates in E-Verify. E-Verify is an internet-based system that compares information from your Form I-9 to records available to the U.S. Department of Homeland Security (DHS) and Social Security Administration (SSA) to confirm that you are authorized to work in the United States.
Job Description
The IT Security Engineer is a position working within the Network Operations team in the Digital Technology Services (DTS) that will be focused on implementing and maintaining security measures to safeguard Wentworth’s network, systems, applications, and data. This position will be responsible for safeguarding against security breaches, developing incident response strategies, and staying ahead of new security trends and bad actor tactics. This position will report to the Director of Network and Systems Operations.
Working alongside team members in Network Operations, the Security Engineer is responsible for day-to-day tier 2/3 response and resolution of security issues and incidents. The Security Engineer will also be involved in projects related to upgrading existing technology or deploying new technology as needed.
The Security Engineer will be responsible for the administration and operation of cyber security tools and technologies. This will include coordinating with external SOC and maintaining the SIEM, vulnerability scanner, and endpoint protection software.
This position will also help develop and maintain cyber security incident response procedures, security risk assessments, metrics, and reports.
Essential Functions
- Administer and support the Network Operations infrastructure, including but not limited to Windows Servers, Linux Servers, Storage, Office 365, Identity Management with Microsoft Entra ID and SailPoint IDM, Exchange, and Teams;
- Respond to and resolve tier 2/3 incidents and issues in a timely manner.
- Ensure general availability of production and development environments.
- Research and escalate more complex issues to management or vendors as needed.
- Assist with the successful implementation of technology related projects that help to meet the stated goals and objectives of DTS and of Wentworth Institute of Technology, including but not limited to include the updating of existing technology or the implementation of new technology.
- Help identify areas of need and research and recommend solutions.
- Manage and maintain the SIEM, vulnerability scanner, and end point protection.
- Produce and distribute vulnerability scan reports. Work with 3rd Party SIEM support to keep SIEM event sources current and design appropriate SIEM alerts.
- Administer and support the end point protection management software.
- Develop knowledge of tools and techniques to monitor the network and systems for security-related configuration vulnerabilities and to produce security related metrics in the environment. Generate actionable reports from that data.
- Working closely with senior management and the security team, develop and maintain cyber security incident response procedures.
- Acquire basic knowledge of computer forensic tools and techniques.
- Support senior management in any security risk assessment, risk analysis, or compliance activities as directed.
- Bachelor's degree.
- Minimum 3-5 years of relative experience.
- Experience with security technologies such as firewalls, IDS/IPS, SIEM systems, MFA, DLP, endpoint protection, and antivirus software.
- Understanding of cloud security concepts, especially for AWS, Azure, or Google Cloud.
- Experience with Microsoft 365 security related admin centers.
- Hands-on experience with threat hunting, malware analysis, and reverse engineering malicious activities (e.g., MS Advance hunting, YARA rules, etc.).
- Experience creating custom detection rules in SIEM products.
- Experience with SOAR products and automation.
- Experience with Identity Lifecycle and Identity Management products.
- Knowledge of scripting for automation in security tasks (e.g., Python, PowerShell).
- Proficiency in VMware vSphere.
- Proficiency in security frameworks like NIST, ISO 27001
- Detailed knowledge of data privacy laws such as PCI DSS, HIPAA, FERPA
- Experience in a SOC (Security Operations Center) environment
- Experience writing organization wide policies and working with the legal department on updating existing policies
- Palo Alto Firewalls
- Aruba Network Technology
- SailPoint Identity Management
- Recognized exam-based security certifications such as Security , CEH, SSCP, or GIAC
- This is a full-time, benefits-eligible, exempt position (37.5 hours/week).
- This role is based in Boston and is eligible for hybrid work schedule
Inclusive Excellence is one of the four pillars of the Strategic Plan. Actively and intentionally cultivating a diverse and culturally competent institution where each member has the opportunity and support to reach their full potential and make contributions to our campus community and beyond is Inclusive Excellence at Wentworth.
To find out more about the Wentworth’s commitment to Inclusive Excellence, please visit the website https://wit.edu/about/inclusive-excellence.
All applicants have the right to accessibility support and accommodations. To request accessibility support or accommodations, contact the Executive Director of Equity and Compliance, Catlin Wells, at wellsc1@wit.edu.
E-Verify for Employment Eligibility Verification (Form I-9)
Wentworth participates in E-Verify. E-Verify is an internet-based system that compares information from your Form I-9 to records available to the U.S. Department of Homeland Security (DHS) and Social Security Administration (SSA) to confirm that you are authorized to work in the United States.