The Cyber Security Engineer, reporting to the Director of Information Security, will lead the implementation of a robust cyber security program in collaboration with internal and external teams. They will focus on creating comprehensive documentation, assessing processes, resolving security issues, and refining security standards to meet CCRI & regulatory requirements. By working closely with IT service delivery teams, they will ensure the confidentiality, integrity, and availability of information assets. The engineer will actively detect, assess, and respond to cybersecurity events within the college’s data processing environments, while also managing audit support tasks and proactively identifying indicators of compromise. In partnership with application owners, IT staff, and CCRI partners, they will mitigate security threats. Effective interaction with product vendors, service providers, and personnel from various college departments and business units is essential for success in this role.
This position is onsite in Rhode Island. If you are not located within commuting distance, please explain your plan to relocate in your cover letter.
Duties and Responsibilities:
-Manage the lifecycle of vulnerabilities, from discovery and triage to remediation and validation
-Continuously review and update security systems documentation to ensure accuracy and relevance
-Stay abreast of industry standards, regulations, and emerging threats, incorporating them into security practices and strategies
-Foster effective relationships with key stakeholders to facilitate collaboration and support for IT security initiatives
-Support the development and delivery of security awareness training to technical staff and end-users to reduce human factor risks.
-Conduct penetration tests and vulnerability assessments to evaluate the effectiveness and resilience of the college’s information systems and infrastructure, while identifying and exposing weaknesses
-Manage and tune security tools such as SIEMs, IDS/IPS, EDR, and firewall systems to improve detection and response capabilities.
-Work with data to collect, summarize, and visualize compliance evidence reporting
Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of any employment visa including student visas.
Minimal Requirements:
Bachelor’s degree
Minimum two years of experience in an Information Security role
Minimum two years of experience working on corporate technologies (including but not limited to endpoints, servers, and network technologies)
Demonstrated experience with vulnerability management solutions, MDM technologies and endpoint security solutions
Demonstrated experience securing multiple operating systems
Demonstrated knowledge of networking and application protocols
Demonstrated customer service skills and technical problem-solving skills
Demonstrated strong interpersonal and verbal communication skills
Demonstrated proficiency in written communication skills
Demonstrated ability to work with diverse groups/populations
Preferred Qualifications:
Demonstrated higher education experience in a security administrator position
Demonstrated knowledge of cloud platforms and cloud security
Demonstrated experience in regulated environments (HIPAA, PCI, GLBA, etc.)
Demonstrated experience with data loss prevention technologies
Demonstrated experience with web application security scanners
Master's degree
Since opening its doors for the first time on September 24, 1964, the Community College of Rhode Island has created a strong foundation as the state’s only associate degree-granting institution serving all Rhode Islanders with an affordable, high-quality education.