As a Senior Security Engineer, you will be tasked with developing and maintaining solutions to defend Vanderbilt University from cybersecurity threats. You will be asked to research security trends, understand the current threat landscape, and implement and improve both technical solutions and processes/procedures to reduce risk to the organization. You will be asked to evaluate and implement security solutions for both on-premises and multi-cloud (AWS, Azure, GCP) environments and to look for ways to enhance threat prevention and detection initiatives. The Senior Security Engineer will work with other teams across the organization to design, implement, and provide recommendations in areas such as secure network design and Identity and Access Management (IAM). This role will also be responsible for maintaining the team's security tools, including but not limited to SIEM, IDS, EDR, and cloud security technologies. A successful candidate for this position will keep up to date with industry trends and possess the technical ability to design and implement these solutions. The Senior Security Engineer will also develop tools, scripts, and product integrations to enhance the suite of security solutions across the organization. The Senior Security Engineer should be able to perform all technical tasks with minimal to no supervision/guidance, communicate their results effectively, and mentor the associate and mid-level Security Engineers on the team.
The Information Security team within Vanderbilt University's Information Technology department provides cybersecurity services to the institution and associated partners. This position will work closely with the Lead of Information Security as a part of the Security Engineering and Architecture team as well as with other members of Information Security and various entities both inside and outside of the university.
Duties and Responsibilities
Security Engineering and Architecture:
Act as a technical expert in researching, implementing, and supporting security solutions across various focus areas (endpoint, network, cloud, IAM, etc.). This includes continuously improving, tuning, and maintaining the tools primarily used by Vanderbilt's Security Operations Center (SOC) to make them stable and accurate.
Evaluate and implement logging best practices across various systems, devices, and applications to determine what is needed to effectively prevent and detect threats.
Perform research on adversary tools, tactics, and procedures (TTPs) and be able to engineer and construct defensive solutions against them.
Work with other teams across the organization to enhance the security strategy of multiple IT disciplines and technologies.
Write custom scripts/tools to integrate with both native and third-party products to create, enrich, and automate threat prevention, detection, and remediation abilities.
Act as an overflow for the Security Operations Center and assist in alert monitoring, security analysis, digital forensics/incident response, and E-Discovery when needed.
Train and mentor the associate and mid-level Security Engineers on the team.
Execute all technical tasks with minimal to no supervision/guidance.
Internal Number: 2001038
About Vanderbilt University
Vanderbilt University is a center for scholarly research, informed and creative teaching, and service to the community and society at large. Vanderbilt will uphold the highest standards and be a leader in the quest for new knowledge through scholarship, the dissemination of knowledge through teaching and outreach, and the creative experimentation of ideas and concepts. In pursuit of these goals, Vanderbilt values most highly intellectual freedom that supports open inquiry, equality, compassion, and excellence in all endeavors.