Report this job

---

What is the problem? *

Incorrect company
Incorrect location
Job is expired
Job may be a scam
Other

Job Description Summary
The Cybersecurity Team is part of Bentley Information Technology which is the central provider of technology infrastructure, services, and applications for the University. Reporting to the Associate Director of Cybersecurity Operations, the Senior Cybersecurity Engineer will lead technical cybersecurity operational efforts in collaboration with a wider network of subject matter experts embedded in other IT departments. They will work most closely with IT staff as well as HR, Legal, Finance, and Student Affairs to identify and manage risk through a cycle of identification, protection, detection, response, and recovery. Security operations and technical tools/solutions are critical to success. The cybersecurity team reports to the Cabinet, the Audit Committee, and/or the Cybersecurity subcommittee.

The Senior Cybersecurity Engineer will plan, coordinate, and implement security measures to protect Bentley's data, systems, and assets in support of Bentley's Cybersecurity Framework and Program. The Senior Cybersecurity Engineer will focus on technical implementation and support of all security systems with a particular focus on vulnerability scanning tools, Security Incident Event Management (SIEM) tools, Data Loss Prevention (DLP) suite, and Microsoft's security suite.

Essential Duties

• Plan and collaborate on technical cybersecurity operational activities in conjunction with Systems, Networks, and Client Services teams
• Collaborate with Systems, Networks, and Client Services teams in weekly vulnerability management tasks such as scanning, identifying, and remediating vulnerabilities
• Respond to vulnerability reports from other parties, occasionally responding after normal work hours based on a rotating schedule or to manage an incident. Score and triage vulnerability. Recommend appropriate prioritization to remediate the issue
• Work closely with Bentley's managed security services provider to manage and address security alerts, and integrate data into the SIEM environment (Splunk)
• Respond to cybersecurity incidents in collaboration with Client Services during business hours and provide occasional after-hours coverage
• Develop expertise in the Microsoft Security and Compliance centers, and other Microsoft tools used by the university to prevent and respond to cybersecurity incidents
• Participate in regular technical meetings with IT colleagues to review network, systems, and endpoints security posture, identify best practices and remediation steps for any gaps
• Manage project timelines, action items, and deliverables professionally and responsively. Navigate Bentley's organization and IT environment to best realize the strategic and tactical objectives of the Cybersecurity Program
• Keep current with Bentley's changing business and IT environment and the external technologies and threat landscape to best manage risk and to be proactive in providing solutions to mitigate risks to acceptable levels
• Advise on technical security best practices, make recommendations, and take action to protect data and systems
• Access and manage numerous reporting and security tools to protect our environment and investigate incidents. Suggest and execute appropriate measures to contain or thwart attacks
• Build a relationship with the Managed Security Service provider to address risk, mitigate threats, and report on the overall health of the environment
• Plan and manage outside vendor penetration tests including test scope, contract terms, test timing, and all aspects of the penetration test
• Assist with other aspects of Bentley's Cybersecurity program - standard operating procedures, etc.

Minimum Qualifications

• Bachelor's degree. Bachelor's degree in computer science, information systems, or engineering preferred.
• 5+ years of related experience. Demonstrated proficiency and knowledge in information security
• Strong written and verbal communication skills with ability to convey risk priority and impact
• Working knowledge of IT infrastructure (networks, systems, and endpoints) and applications security
• Understanding of security designs to support compute infrastructure, cloud services, networking technology, and architecture
• Ability to multi-task keeping the highest risk and/or priority items at the forefront.
• Timely and professional responsiveness
• Ability to quickly adapt to new processes and able to recommend process changes to improve organizational response
• Strong understanding of vulnerabilities and vulnerability prioritization
• Ability to manage multiple concurrent objectives, projects, groups, or activities, making effective judgments as to prioritizing and time allocation
• Knowledge of processes, tools, techniques, and practices for assuring adherence to standards associated with accessing, altering, and protecting organizational data
• Knowledge of Security Incident Event Management (SIEM) tools (e.g. Splunk or Microsoft Sentinel)
• Knowledge of Microsoft's Advance Threat Protection security suite (e.g. Azure Advanced Threat Protection, Windows Defender ATP, or O365 Cloud Application Security)
• Project and process management experience

Preferred Qualifications

• Master's degree in computer science, information systems, or engineering
• Experience utilizing vulnerability testing tools such as Rapid7 Nexpose, Tenable Nessus, Qualys, Metasploit, Nmap, Wi-Fi Pineapple, or other similar tools
• Experience with firewalls, ACLs, and VPN technologies
• Work experience in higher education with knowledge of FERPA
• Inquisitive nature and interest in unraveling and sorting through a variety of information from numerous

Work Environment

• Sitting or standing in front of a computer for most of the day.
• Ability to travel to locations and meetings across campus.
• This position is expected to share on-call monitoring duties with the team and be available off-hours to coordinate incident response and system changes

Bentley University requires references checks and may conduct other pre-employment screening.

DIVERSITY STATEMENT

Bentley University strives to create a campus community that welcomes the exchange of ideas, and fosters a culture that values differences and views them as a strength in our community.

Bentley University is an Equal Opportunity Employer, building strength through diversity. The University is committed to building a community of talented students, faculty and staff who reflect the diversity of global business. We strongly encourage applications from persons from underrepresented groups, individuals with disabilities, covered veterans and those with diverse experiences and backgrounds.