Skip to Main Content
Community/Job Board/Job Board/Technical (Programmer, Developer, Analyst)/Senior Cybersecurity Engineer

Senior Cybersecurity Engineer

Posted: November 2, 2022
Description
Skills
Education
Company Description

Job Description Summary

The Cybersecurity Team is part of Bentley Information Technology which is the central provider of technology infrastructure, services and applications for the University. Reporting to the Director of Information Security and Data Privacy, the Senior Cybersecurity Engineer will lead the cybersecurity efforts of a wider network of subject matter experts embedded in other IT departments. The team works most closely with IT staff as well as HR, Legal, Finance, Student Affairs to identify and manage risk through a cycle of identification, protection, detection, response and recovery. Security operations and technical tools/solutions are critical to success. The team contributes on reports to the Cabinet, the Audit Committee, and/or the Cybersecurity subcommittee.

The Senior Cybersecurity Engineer will plan, coordinate, and implement security measures to protect Bentley data, systems, and assets in support of Bentley’s Cybersecurity Framework and Program. The Senior Cybersecurity Engineer will focus on security operations & incident response, monitoring and alerting, maturing vulnerability management, aspects of data classification, and access management.

Essential Duties

-Plan and lead cybersecurity activities in conjunction with Systems, Networks and Client Services teams.
-Lead regular technical meetings with IT colleagues to review network, systems and endpoints security posture, identify best practices and remediation steps for any gaps.
-Provide support for IT projects, identifying risk specific to the project, and actions necessary for remediation including recommendations for logical access controls, secure application configuration, general secure data handling processes.
-Work with IT colleagues to provide design input as well as to review software configuration of SaaS systems to ensure the deployment of secure systems. Identify needs and contribute to data protection, governance, and compliance initiatives by implementing processes, procedures, standards and guidelines.
-Responds to security incidents raised by the user community including phishing attempts, malware outbreaks, and unauthorized access attempts.
-Manage project timelines, action items, and deliverables in a professional and responsive manner.
-Navigate Bentley’s organization and IT environment to best realize the strategic and tactical objectives of the Cybersecurity Program.
-Keep current with Bentley’s changing business and IT environment and the external technologies and threat landscape in order to best manage risk and to be proactive in providing solutions to mitigate risks to acceptable levels.
-Advise on security best practices, make recommendations and take action to protect data and systems.
-Access and manage numerous reporting and security tools to protect our environment and investigate incidents. Suggest and execute as appropriate measures to contain or thwart attacks.
-Work with Managed Security Service provider to address risk, mitigate threats and report on overall health of the environment.
-Review vendor security controls (existing and potential vendors) and document concerns relative to Bentley’s business needs.
-Plan and manage outside vendor penetration tests including test scope, contract terms, test timing and all aspects of the penetration test.
-Assist with other aspects of Bentley’s Cybersecurity program – standard operating procedures, etc.
-Manage vulnerability scans (internal & external network, wireless and application) and vulnerability remediation.

Minimum Qualifications

-Bachelor’s degree.
-5+ years of related experience. Demonstrated proficiency and knowledge in information security.
-Strong written and verbal communication skills with ability to convey risk priority and impact.
-Experience with Security Incident Response including hands on involvement in detection, analysis, containment and remediation phases.
-Basic threat management and how to do research across multiple sources to correlate and provide accurate scope to identify, contain, eradicate and recover from a security incident.
-Timely and professional responsiveness.
-Ability to quickly adapt to new processes and able to recommend process changes to improve organizational response.
-Good understanding of vulnerabilities, how vulnerabilities are detected and mitigated, how to rate the risk associated with an emerging vulnerability.
-Ability to manage multiple concurrent objectives, projects, groups, or activities, making effective judgments as to prioritizing and time allocation.
-Knowledge of processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
-Project and process management experience

Preferred Qualifications

-Bachelor’s degree in computer science, information systems, or engineering.
-5-7 years related work experience in information security operations and/or related functions (such as IT Security Operations Center and IT Risk Management)
-Strong technical background/experience with a variety of information security systems/tools like vulnerability management, intrusion detection/prevention, cloud security, anti-virus/malware, data loss prevention.
-Excellent analytical skills in order to identify security risks and appropriate measures needed to help mitigate those risks. Must be comfortable in conducting independent research of issues and inquiries to provide guidance when requested.
-Strong familiarity with operating system diagnostics, network design and troubleshooting, and how to diagnose security controls and logs for evidence and indicators of compromise. Ability to multi-task keeping the highest risk and/or priority items as forefront.
-CEH, CISSP, GSEC, or similar certification
-Work experience in higher education with knowledge of FERPA.
-Inquisitive nature and interest in unraveling and sorting through a variety of information from numerous

Work Environment

-Sitting or standing in front of a computer for most of the day.
-Ability to travel to locations and meetings across campus.
-Occasionally respond after normal work hours to responded to an issue or security event

See Job Description

See Job Description

Bentley, a private, not-for-profit university, is a place for successful leaders who set out to create positive change in our communities, organizations and the world. We believe in doing business and doing good at the same time.

Description

Job Description Summary

The Cybersecurity Team is part of Bentley Information Technology which is the central provider of technology infrastructure, services and applications for the University. Reporting to the Director of Information Security and Data Privacy, the Senior Cybersecurity Engineer will lead the cybersecurity efforts of a wider network of subject matter experts embedded in other IT departments. The team works most closely with IT staff as well as HR, Legal, Finance, Student Affairs to identify and manage risk through a cycle of identification, protection, detection, response and recovery. Security operations and technical tools/solutions are critical to success. The team contributes on reports to the Cabinet, the Audit Committee, and/or the Cybersecurity subcommittee.

The Senior Cybersecurity Engineer will plan, coordinate, and implement security measures to protect Bentley data, systems, and assets in support of Bentley’s Cybersecurity Framework and Program. The Senior Cybersecurity Engineer will focus on security operations & incident response, monitoring and alerting, maturing vulnerability management, aspects of data classification, and access management.

Essential Duties

-Plan and lead cybersecurity activities in conjunction with Systems, Networks and Client Services teams.
-Lead regular technical meetings with IT colleagues to review network, systems and endpoints security posture, identify best practices and remediation steps for any gaps.
-Provide support for IT projects, identifying risk specific to the project, and actions necessary for remediation including recommendations for logical access controls, secure application configuration, general secure data handling processes.
-Work with IT colleagues to provide design input as well as to review software configuration of SaaS systems to ensure the deployment of secure systems. Identify needs and contribute to data protection, governance, and compliance initiatives by implementing processes, procedures, standards and guidelines.
-Responds to security incidents raised by the user community including phishing attempts, malware outbreaks, and unauthorized access attempts.
-Manage project timelines, action items, and deliverables in a professional and responsive manner.
-Navigate Bentley’s organization and IT environment to best realize the strategic and tactical objectives of the Cybersecurity Program.
-Keep current with Bentley’s changing business and IT environment and the external technologies and threat landscape in order to best manage risk and to be proactive in providing solutions to mitigate risks to acceptable levels.
-Advise on security best practices, make recommendations and take action to protect data and systems.
-Access and manage numerous reporting and security tools to protect our environment and investigate incidents. Suggest and execute as appropriate measures to contain or thwart attacks.
-Work with Managed Security Service provider to address risk, mitigate threats and report on overall health of the environment.
-Review vendor security controls (existing and potential vendors) and document concerns relative to Bentley’s business needs.
-Plan and manage outside vendor penetration tests including test scope, contract terms, test timing and all aspects of the penetration test.
-Assist with other aspects of Bentley’s Cybersecurity program – standard operating procedures, etc.
-Manage vulnerability scans (internal & external network, wireless and application) and vulnerability remediation.

Minimum Qualifications

-Bachelor’s degree.
-5+ years of related experience. Demonstrated proficiency and knowledge in information security.
-Strong written and verbal communication skills with ability to convey risk priority and impact.
-Experience with Security Incident Response including hands on involvement in detection, analysis, containment and remediation phases.
-Basic threat management and how to do research across multiple sources to correlate and provide accurate scope to identify, contain, eradicate and recover from a security incident.
-Timely and professional responsiveness.
-Ability to quickly adapt to new processes and able to recommend process changes to improve organizational response.
-Good understanding of vulnerabilities, how vulnerabilities are detected and mitigated, how to rate the risk associated with an emerging vulnerability.
-Ability to manage multiple concurrent objectives, projects, groups, or activities, making effective judgments as to prioritizing and time allocation.
-Knowledge of processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
-Project and process management experience

Preferred Qualifications

-Bachelor’s degree in computer science, information systems, or engineering.
-5-7 years related work experience in information security operations and/or related functions (such as IT Security Operations Center and IT Risk Management)
-Strong technical background/experience with a variety of information security systems/tools like vulnerability management, intrusion detection/prevention, cloud security, anti-virus/malware, data loss prevention.
-Excellent analytical skills in order to identify security risks and appropriate measures needed to help mitigate those risks. Must be comfortable in conducting independent research of issues and inquiries to provide guidance when requested.
-Strong familiarity with operating system diagnostics, network design and troubleshooting, and how to diagnose security controls and logs for evidence and indicators of compromise. Ability to multi-task keeping the highest risk and/or priority items as forefront.
-CEH, CISSP, GSEC, or similar certification
-Work experience in higher education with knowledge of FERPA.
-Inquisitive nature and interest in unraveling and sorting through a variety of information from numerous

Work Environment

-Sitting or standing in front of a computer for most of the day.
-Ability to travel to locations and meetings across campus.
-Occasionally respond after normal work hours to responded to an issue or security event

Skills

See Job Description

Education

See Job Description

Company Description

Bentley, a private, not-for-profit university, is a place for successful leaders who set out to create positive change in our communities, organizations and the world. We believe in doing business and doing good at the same time.

Position Overview

Company

Bentley University

Location

Waltham, MA

Job Type

Full time

Apply Now

Position Details

Description

Job Description Summary

The Cybersecurity Team is part of Bentley Information Technology which is the central provider of technology infrastructure, services and applications for the University. Reporting to the Director of Information Security and Data Privacy, the Senior Cybersecurity Engineer will lead the cybersecurity efforts of a wider network of subject matter experts embedded in other IT departments. The team works most closely with IT staff as well as HR, Legal, Finance, Student Affairs to identify and manage risk through a cycle of identification, protection, detection, response and recovery. Security operations and technical tools/solutions are critical to success. The team contributes on reports to the Cabinet, the Audit Committee, and/or the Cybersecurity subcommittee.

The Senior Cybersecurity Engineer will plan, coordinate, and implement security measures to protect Bentley data, systems, and assets in support of Bentley’s Cybersecurity Framework and Program. The Senior Cybersecurity Engineer will focus on security operations & incident response, monitoring and alerting, maturing vulnerability management, aspects of data classification, and access management.

Essential Duties

-Plan and lead cybersecurity activities in conjunction with Systems, Networks and Client Services teams.
-Lead regular technical meetings with IT colleagues to review network, systems and endpoints security posture, identify best practices and remediation steps for any gaps.
-Provide support for IT projects, identifying risk specific to the project, and actions necessary for remediation including recommendations for logical access controls, secure application configuration, general secure data handling processes.
-Work with IT colleagues to provide design input as well as to review software configuration of SaaS systems to ensure the deployment of secure systems. Identify needs and contribute to data protection, governance, and compliance initiatives by implementing processes, procedures, standards and guidelines.
-Responds to security incidents raised by the user community including phishing attempts, malware outbreaks, and unauthorized access attempts.
-Manage project timelines, action items, and deliverables in a professional and responsive manner.
-Navigate Bentley’s organization and IT environment to best realize the strategic and tactical objectives of the Cybersecurity Program.
-Keep current with Bentley’s changing business and IT environment and the external technologies and threat landscape in order to best manage risk and to be proactive in providing solutions to mitigate risks to acceptable levels.
-Advise on security best practices, make recommendations and take action to protect data and systems.
-Access and manage numerous reporting and security tools to protect our environment and investigate incidents. Suggest and execute as appropriate measures to contain or thwart attacks.
-Work with Managed Security Service provider to address risk, mitigate threats and report on overall health of the environment.
-Review vendor security controls (existing and potential vendors) and document concerns relative to Bentley’s business needs.
-Plan and manage outside vendor penetration tests including test scope, contract terms, test timing and all aspects of the penetration test.
-Assist with other aspects of Bentley’s Cybersecurity program – standard operating procedures, etc.
-Manage vulnerability scans (internal & external network, wireless and application) and vulnerability remediation.

Minimum Qualifications

-Bachelor’s degree.
-5+ years of related experience. Demonstrated proficiency and knowledge in information security.
-Strong written and verbal communication skills with ability to convey risk priority and impact.
-Experience with Security Incident Response including hands on involvement in detection, analysis, containment and remediation phases.
-Basic threat management and how to do research across multiple sources to correlate and provide accurate scope to identify, contain, eradicate and recover from a security incident.
-Timely and professional responsiveness.
-Ability to quickly adapt to new processes and able to recommend process changes to improve organizational response.
-Good understanding of vulnerabilities, how vulnerabilities are detected and mitigated, how to rate the risk associated with an emerging vulnerability.
-Ability to manage multiple concurrent objectives, projects, groups, or activities, making effective judgments as to prioritizing and time allocation.
-Knowledge of processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
-Project and process management experience

Preferred Qualifications

-Bachelor’s degree in computer science, information systems, or engineering.
-5-7 years related work experience in information security operations and/or related functions (such as IT Security Operations Center and IT Risk Management)
-Strong technical background/experience with a variety of information security systems/tools like vulnerability management, intrusion detection/prevention, cloud security, anti-virus/malware, data loss prevention.
-Excellent analytical skills in order to identify security risks and appropriate measures needed to help mitigate those risks. Must be comfortable in conducting independent research of issues and inquiries to provide guidance when requested.
-Strong familiarity with operating system diagnostics, network design and troubleshooting, and how to diagnose security controls and logs for evidence and indicators of compromise. Ability to multi-task keeping the highest risk and/or priority items as forefront.
-CEH, CISSP, GSEC, or similar certification
-Work experience in higher education with knowledge of FERPA.
-Inquisitive nature and interest in unraveling and sorting through a variety of information from numerous

Work Environment

-Sitting or standing in front of a computer for most of the day.
-Ability to travel to locations and meetings across campus.
-Occasionally respond after normal work hours to responded to an issue or security event

Skills and Experience

See Job Description

Education

See Job Description

Company Description

Bentley, a private, not-for-profit university, is a place for successful leaders who set out to create positive change in our communities, organizations and the world. We believe in doing business and doing good at the same time.

Become a Member

Complete the application for Institution Membership to start using NERCOMP member benefits now!

Get Started

You are using an unsupported version of Internet Explorer. To ensure security, performance, and full functionality, please upgrade to an up-to-date browser.