City: Nashville, TN, US
Employer Reference: 10006365
Company Description
Vanderbilt is a community of talented and diverse staff & faculty!
At Vanderbilt University, our work - regardless of title or role - is in service to an important and noble mission in which every member of our community serves in advancing knowledge and transforming lives on a daily basis. Located in Nashville, Tennessee, on a 330+ acre campus and arboretum dating back to 1873, Vanderbilt is proud to have been named as one of “America’s Best Large Employers” as well as a top employer in Tennessee and the Nashville metropolitan area by Forbes for several years running. We welcome those who are interested in learning and growing professionally with an employer that strives to create, foster and sustain opportunities as an employer of choice through:
- Working and growing together as a community of communities... we are One Vanderbilt.
- Providing a work environment where every staff and faculty member can be their authentic and best self, while providing the resources and opportunities to learn and grow.
- Encouraging development, collaboration, and partnership both internally and externally while fostering the value that every member of the Vanderbilt community can lead and grow regardless of title or position.
We understand you have a choice when choosing where to work and pursue a career. We understand you are unique and have a story. We want to hear it. We encourage you to apply today so that you might become a part of our story.
Vanderbilt University has made the health and safety of our students, faculty and staff and our surrounding communities a top priority. As part of that commitment, the University may require employees to comply with any testing or health and safety measures which the University may require.
Commitment to Equity, Diversity, and Inclusion
At Vanderbilt University, we are intentional about and assume accountability for fostering advancement and respect for equity, diversity, and inclusion for all students, faculty, and staff. Our commitment to diversity makes us who we are. We have created a community that celebrates differences and lets individuality thrive. As part of this commitment, we actively value diversity in our workplace and learning environments as we seek to take advantage of the rich backgrounds and abilities of everyone. The diverse voices of Vanderbilt represent an invaluable resource for the University in its efforts to fulfill its mission and strive to be an example of excellence in higher education.
Vanderbilt University is an equal-opportunity, affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran, or any other characteristic protected by law.
Please note, all candidates selected for an offer of employment are subject to pre-employment background checks, which may include but are not limited to, based on the role for which they have been selected: criminal history, education verification, social media review, motor vehicle records, credit history, and professional license verification.
Job Description
The Senior Cybersecurity Engineer at Vanderbilt University holds the crucial responsibility of devising and upholding robust defense mechanisms against cyber security threats. This role involves in-depth research into emerging security trends, comprehensive understanding of the current threat landscape, and the continual enhancement of technical solutions and operational procedures to mitigate risks to the institution. Additionally, the Sr. Cybersecurity Engineer evaluates and deploys security solutions across diverse environments, including on-premises and multi-cloud platforms such as AWS, Azure, and GCP, with a focus on bolstering threat prevention and detection capabilities. Collaboration with cross-functional teams is integral for crafting secure network designs and optimizing Identity and Access Management (IAM) frameworks. Furthermore, the role encompasses the maintenance of essential security tools like SIEM, IDS, EDR, and cloud security technologies. An ideal candidate must remain abreast of industry developments and possess the technical proficiency to design and implement cutting-edge security solutions, while also developing tools, scripts, and integrations to fortify the organization’s security posture. The Sr. Cybersecurity Engineer should demonstrate autonomy in executing technical tasks, adept communication skills in conveying findings, and a commitment to mentoring junior team members.
About the Team:
Vanderbilt University Information Technology is a human-centric organization that advances our university by delivering innovative solutions and frictionless experiences through collaboration.
The Cybersecurity team within Vanderbilt University’s Information Technology department provides cybersecurity services to the institution and associated partners. This position will work closely with the Director of Security Engineering and Operations as a part of the Security Engineering and Operations team as well as with other members of Information Security and various entities both inside and outside of the university.
Duties and Responsibilities:
Act as a technical expert in researching, implementing, and supporting security solutions across various focus areas (endpoint, network, cloud, IAM, etc.).
- Improve, tune, and maintain the tools primarily used by Vanderbilt’s Security Operations Center (SOC) to make them stable and accurate.
- Evaluate and implement best practices across various systems, devices, and applications to determine what is needed to effectively prevent and detect threats.
- Research adversary tools, tactics, and procedures (TTPs) and engineer and construct defensive solutions against them.
- Write custom scripts/tools to integrate with both native and 3rd party products to create, enrich, and automate threat prevention, detection, and remediation abilities.
Work with other teams across the organization to enhance the security strategy of multiple IT disciplines and technologies.
- Identify gaps in current deployments and implement solutions to improve monitoring, visibility, and response capabilities.
- Partner with Teams on new technology deployments to design and implement appropriate security controls.
Act as an overflow for the Security Operations Center and assist in alert monitoring, security analysis, digital forensic/incident response, and E-Discovery when needed.
- Leverage learnings from these events to tune detection tools, improving key metrics for response and incident closure.
- Provide mentorship for associate and mid-level Security Engineers on the team.
Supervisory Relationships:
This position does not have supervisory responsibility; it reports administratively and functionally to the Director, Security Operations and Engineering.
Qualifications
- Bachelor’s degree is necessary
- Degree in Computer Science, Information Security, or related focus is preferred
- Relevant Cybersecurity certifications are preferred
- 5 years of relevant experience necessary
- Professional experience working on (or supporting) threat prevention, detection, and response teams is preferred
- Professional experience working with, engineering, configuring, or tuning two or more of the following technologies is necessary:
  - Security Information and Event Management (SIEM), Cloud security solutions, Endpoint Detection and Response (EDR), Intrusion Detection/Prevention (IDS/IPS)
- Experience with developing scripts / tools is necessary, Python is preferred
- A deep understanding of adversary tools, tactics, and procedures (TTPs) is necessary
- Experience with frameworks such as MITRE ATT&CK is preferred
- Knowledge of threat modeling and penetration testing is preferred
- Knowledge of the incident response lifecycle and the stages of a cyber-attack is preferred
- Knowledge of malware behavior, investigation, and containment strategies is preferred
- Knowledge of forensic artifacts across various operating systems is preferred
Information Technology’s Guiding Principles:
- Trust and Respect- VUIT cultivates a community built on trust, mutual respect, and inclusivity, where all members feel valued and supported. We prioritize honesty, dignity, empathy, and a willingness to listen and understand.
- Professionalism- VUIT strives to maintain a culture of maturity, accountability, and integrity to best represent the University and self. Have a sense of humility and poise in your work and daily interactions.
- Collaborate- VUIT commits to being inclusive in solution design where we value sharing within and partnering across the university. We are intentional about including our colleagues and preventing silos.
- Bias-to-Action- VUIT is seen as a changemaker by exhibiting a decisive, self-starter, take-action approach with a willingness to make decisions without excessive deliberation. Personal initiative is recognized as a key part of the creative process.
- Communicate- Communication (written, verbal and non-verbal), within and outside VUIT, is open, thoughtful, welcoming, clear, proactive, concise yet complete, always honest, and delivered kindly.
- Innovate- VUIT pledges to be bold and challenge the status quo by inspiring a culture of creativity that promotes growth and advancement for the university.
- Celebrate Each Other- We are intentional in showing appreciation for the work of others by valuing and acknowledging meaningful contributions at all levels of the organization.
- Optimize- VUIT will practice continuous and thoughtful optimization of our solutions and services to increase our human and technological capacity. Capacity drives innovation.