eHire - Engineer, Senior Security

Position Information

Location	Service Center
Hours	Typically Monday - Friday 8 am to 5 pm.
Salary	Administrator 1/999 ($0.00 - $0.00)
FLSA Status	Exempt
Reports To	Chief Information Security Officer
Criminal Background Check

College Profile

Austin Community College (ACC) is a public two-year institution that serves a diverse population of approximately 41,000 credit students each fall and spring semester. We embrace our identity as a community college as reflected in our mission statement. We promote student success and community development by providing affordable access, through traditional and distance learning modes, to higher education and workforce training, including appropriately applied baccalaureate degrees, in our service area.

As a community college committed to our mission, we seek to recruit and retain a workforce that:

Reflects the diversity of our community.
Values intellectual curiosity and innovative teaching.
Is attracted by the college mission to promote equitable access to educational opportunities.
Cares about student success and collaborates on strategies to facilitate success for underrepresented populations.
Welcomes difference and models respectful interaction with others.
Engages with the community both within and outside of ACC.

Our Mission

The Austin Community College District promotes student success and community development by providing affordable access, through traditional and distance learning modes, to higher education and workforce training in its service area.

For more information, see http://www.austincc.edu/about-acc/mission-statement.

Commitment to Equity and Inclusion

ACC is committed to the ongoing systemic changes needed to ensure the increased recruitment, inclusion, retention, and completion of historically underserved and underrepresented populations. Through continual strategic community engagement and professional development of administrators, faculty, staff, and students, the college demonstrates its dedication to fostering a culture and climate for equitable outcomes.

As an open-access and low-cost institution, ACC is proud to serve a diverse student body. Dedicated faculty members are excellent professors who help students achieve their educational goals and are sensitive to the diverse cultures and socio-economic backgrounds of our students. The College values and is committed to equity, diversity, and inclusion throughout the College community.

General Statement of Job

The Security Engineer collaborates with technology and business personnel in various security capabilities. This is a high visible and cross functional role as it relates to the increasing organization security posture and reducing risk. This position is responsible for a broad range of tasks, including the day-to-day security tactical support utilizing information and various security tools.

Description of Duties and Tasks

Essential duties and responsibilities include the following. Other duties may be assigned.

Provides direction and support for a program, system, or enclaves information assurance program.
Provides security guidance and support to system developers, administrators, and owners.
Provides guidance, support, and architecture review for directed changes related to security.
Performs threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
Develops and maintains documentation for security systems and procedures.
Configures and maintains security Cisco security tools and OS/365 ATP.
Handles operational security incidents, help build security workbooks, processes and event data to produce monthly exception and management reports.
Infrastructure Protection
- Participate in infrastructure projects to develop, plan, and implement specifications for network and distributed system security technologies in support of key information systems.
- Assist in the management of firewalls, intrusion detection systems, switches and routers.
- May be required to assist in the management of firewalls and intrusion detection systems.
Risk and Control Assessment
- Implement or coordinate remediation required by audits, and document exceptions as necessary.
- Perform system and application vulnerability testing.
- Participate in enterprise testing and assessment activities.
Threat and Vulnerability Management
- Research threats and vulnerabilities and, where appropriate, act to mitigate threats and remediate vulnerabilities.
- Review, assess, and mitigate penetration tests and vulnerability assessments on information systems and infrastructure.
- Recommend, schedule and/or apply fixes, security patches and any other measures required in the event of a security breach.

Additional Job Specific Duties

Responds to and, where appropriate, resolves or escalates reported security incidents.
Monitors system logs, SIEM tools, hunts for exploits and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
Investigates and resolves security violations by providing postmortem analysis to illuminate the issues and possible solutions.
Monitors internal control systems to ensure that appropriate information access levels and security clearances are maintained.

Knowledge

Must possess required knowledge and be able to explain and demonstrate, with or without reasonable accommodations, that the essential functions of the job can be performed.

Working knowledge of compliance standards such as TCF Framework, NIST, and FedRAMP.
Working experience on various security tools to locate and repair security problems, exploits, incidents, or failures.
Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
Strong working knowledge of IT service management ITIL related services Change management, Configuration management, Asset management, Incident management, Problem management, etc.
Experience with NESSUS in a complex network environment.
Working experience on regulatory compliance drivers such as TAC202 TCF framework and NIST.

Skills

Must possess required skills and be able to explain and demonstrate, with or without reasonable accommodations, that the essential functions of the job can be performed.

Maintaining an established work schedule.
Effectively using organizational and planning skills.
Prioritizing multiple tasks, projects, and demands.
Ability to work well under minimal supervision with team-oriented interpersonal skills, is a must.
Strong written and verbal communication skills.
Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously.
Strong analytical and problem-solving skills to enable effective security incident and problem resolution.
Ability to effectively lead and influence others without direct managerial authority within an inclusive work environment, using collaboration, coordination, and self-motivation.

Technology Skills

Use a variety of spreadsheet, word processing, database, and presentation software.
Technical proficiency with security-related systems and applications.

Required Work Experience

Three years related work experience.

Preferred Work Experience

Five or more years of experience in information security.
Minimum of five years of IT security experience.
Strong working experience in OS/365, Cisco Security Suite, and working knowledge network security is preferred.

Required Education

Bachelor's degree.

Four years of related work experience may substitute for this education requirement. Applicants who substitute work experience to meet the education requirement must use additional related work experience to meet the years of "Required Work Experience" for this position. Please note that the college reserves the right to amend these terms of substitution at any time.

Preferred Education

Bachelor's degree in information systems.

Special Requirements

Licenses/Certifications; Other

Valid Texas Driver's License and reliable transportation for travel in the Austin area as required.
Possess one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or equivalent preferred.

Physical Requirements

Subject to standing, walking, sitting, bending, reaching, kneeling, pushing, and pulling.
Occasional lifting of objects up to 20 pounds.

Safety

Work safely and follow safety rules. Report unsafe working conditions and behavior. Take reasonable and prudent actions to prevent others from engaging in unsafe practices.

Information for This Posting Only

This is a benefit eligible position funded through January 31, 2022 and is subject to renewal. The College is unable to support candidates who require sponsorship to work in the United States.