Security Engineer

EAB

1d•Hybrid

About The Position

The Security Engineer will be a valued member of the EAB Information Security team. We work to keep our partners and EAB colleagues safe from cyber-attacks and prevent the theft of data and intellectual property. We think big and strategic but aren’t afraid to get into the weeds. We’re builders and breakers. We believe that diversity makes for better, more creative solutions to tough problems. We’re easy to work with and eager to help. Most importantly, we work every day to contribute to the mission of making education smarter and our communities stronger. If this sounds like you, we’d love to talk. The Security Engineer will work within the Company’s Information Security Group and be responsible for performing tasks associated with security operations, detection, and response. The Security Engineer analyzes results from intrusion detection systems including utilizing other tools to detect compromises and ensure the integrity of the corporate network. The Security Engineer works within the security operations team and works across the firm with diverse teams (technical and non-technical) to strengthen observability controls and respond to security events. The Security Engineer builds partnerships and relationships across the company to advance strategic initiatives, improve security outcomes, and contribute positively to EAB’s security culture. This opportunity may be based in Washington, DC or Richmond, VA. This opening is not eligible for visa sponsorship at this time; EAB will thus consider candidates who possess U.S. work authorization that does not require employment-based visa sponsorship now or in the future.

Requirements

At least one year of experience as a security analyst, incident responder or enterprise defender
Experience with network protocols and architecture
Basic knowledge of system internals for at least one major operating system (Windows, Linux, and MacOS)
Ability to work in a fast-paced business environment with global, geographically-distributed teams
Exceptional interpersonal skills with ability to gain the confidence and respect of technology leaders and senior level executives
Familiarity with tools similar but not limited to DarkTrace, Bluecoat Proxy, Symantec Anti-Virus, RSA Archer, and/or Google Cloud.

Nice To Haves

Strong analytical and troubleshooting skills
Experience performing basic administration for security systems and working with third party vendors to resolve software and hardware issues
Experience with malware analysis including detection, prevention and eradication
Experience with Security Incident Event Management (SIEM) systems, including tuning, building queries, and integrating new data sources
Experience working across functions to expand visibility across applications, systems, and networks
Experience building out new detection technologies and incorporating internal and external data sources to enhance detection and response capabilities
Experience in implementing and supporting automation and infrastructure-as-code for security systems in cloud environments
Proven relationship-building skills and ability to work well under pressure and within tight deadlines
Strong writing, editing, and documentation skills
Strong communication skills
Willingness to learn new things and take on additional responsibilities (as appropriate) across multiple information security domains
Commitment to valuing diversity, practicing inclusive behaviors, and contributing to an equitable working and continual learning environment in support of EAB’s DE&I Promise

Responsibilities

Participate in security detection, response, and incident handling
Monitor networks and systems for security events, intrusions, and anomalous behaviors with the security operations team: daily review of data from Anti-Virus/Malware Detection, Firewalls, Intrusion Detection/Prevention Systems, Third Party Reports, Integrated Application Reports, Log Aggregation Platforms, and Web Application Firewalls (WAF)
Manage maintenance, hardware and software installation, upgrades, and troubleshooting for security assets in the data center and the cloud
Participate in company projects to provide security requirements, visibility requirements, and network design review of cloud deployments (SaaS, PaaS, IaaS) and on-premises integrations
Review major network changes to ensure compliance with existing IT policies and reduce the overall risk and number of vulnerabilities present across the network
Report vulnerabilities to stakeholders across the company as well as external organizations as necessary and appropriate
Effectively communicate and document security incidents to maintain records and formulate recommendations process improvements
Proactively assesses potential items of risk and opportunities of vulnerability in the network
Establishes strong relationships across the company with product and corporate IT teams, as well as with strategic service providers

Benefits

Medical, dental, and vision insurance plans; dependents and domestic partners eligible
20+ days of PTO annually, in addition to paid firm and floating holidays
Daytime leave policy for community service and flextime for fitness activities (up to 10 hours per month each)
401(k) retirement savings plan with annual discretionary company matching contribution
Health savings account, healthcare and dependent care flexible spending account, and pre-tax commuter plans
Employee assistance program with counseling services and resources available to all employees and immediate family
Wellness programs including gym discounts, incentives to promote healthy living, and family access to the leading app for sleep, meditation, and relaxation
Gender affirming care coverage
Fertility treatment coverage and adoption or surrogacy assistance
Paid parental leave with phase back to work program for birthing and non-birthing parents
Access to milk shipping service to support nursing employees during business travel
Discounted pet health insurance coverage for dog and cat family members
Company-provided life, AD&D, and disability insurance
Financial wellness resources and membership in a robust employee discount program
Access to employee resource groups, merit-based advancement, and dynamic professional growth opportunities