Description
The Senior Cybersecurity Engineer at Vanderbilt University holds the crucial responsibility of devising and upholding robust defense mechanisms against cyber security threats. This role involves in-depth research into emerging security trends, comprehensive understanding of the current threat landscape, and the continual enhancement of technical solutions and operational procedures to mitigate risks to the institution. Additionally, the Sr. Cybersecurity Engineer evaluates and deploys security solutions across diverse environments, including on-premises and multi-cloud platforms such as AWS, Azure, and GCP, with a focus on bolstering threat prevention and detection capabilities. Collaboration with cross-functional teams is integral for crafting secure network designs and optimizing Identity and Access Management (IAM) frameworks. Furthermore, the role encompasses the maintenance of essential security tools like SIEM, IDS, EDR, and cloud security technologies. An ideal candidate must remain abreast of industry developments and possess the technical proficiency to design and implement cutting-edge security solutions while also developing tools, scripts, and integrations to fortify the organization's security posture. The Sr. Cybersecurity Engineer should demonstrate autonomy in executing technical tasks, adept communication skills in conveying findings, and a commitment to mentoring junior team members.
About the Team:
Vanderbilt University Information Technology is a human-centric organization that advances our university by delivering innovative solutions and frictionless experiences through collaboration.
The Cybersecurity team within Vanderbilt University's Information Technology department provides cybersecurity services to the institution and associated partners. This position will work closely with the Director of Security Engineering and Operations as a part of the Security Engineering and Operations team, as well as with other members of Information Security and various entities both inside and outside of the university.
Duties and Responsibilities:
Act as a technical expert in researching, implementing, and supporting security solutions across various focus areas (endpoint, network, cloud, IAM, etc.).
- Improve, tune, and maintain the tools primarily used by Vanderbilt's Security Operations Center (SOC) to make them stable and accurate.
- Evaluate and implement best practices across various systems, devices, and applications to determine what is needed to effectively prevent and detect threats.
- Research adversary tools, tactics, and procedures (TTPs) and be able to engineer and construct defensive solutions against them.
- Write custom scripts/tools to integrate with both native and 3rd-party products to create, enrich, and automate threat prevention, detection, and remediation abilities.
Work with other teams across the organization to enhance the security strategy of multiple IT disciplines and technologies.
- Identify gaps in current deployments and implement solutions to improve monitoring, visibility, and response capabilities.
- Partner with teams on new technology deployments to design and implement appropriate security controls.
Act as an overflow for the Security Operations Center and assist in alert monitoring, security analysis, digital forensics/incident response, and eDiscovery when needed.
- Leverage learnings from these events to tune detection tools, improving key metrics for response and incident closure.
- Provide mentorship for associate and mid-level Security Engineers on the team.
Supervisory Relationships:
This position does not have supervisory responsibility; this position reports administratively and functionally to the Director, Security Operations and Engineering.
Qualifications
- Bachelor's degree is necessary
- Degree in Computer Science, Information Security, or related focus is preferred
- Relevant Cybersecurity certifications are preferred
- 5 years of relevant experience necessary
- Professional experience working on (or supporting) threat prevention, detection, and response teams is preferred
- Professional experience working with engineering, configuring, or tuning two or more of the following technologies is necessary:
- Security Information and Event Management (SIEM), cloud security solutions, Endpoint Detection and Response (EDR), Intrusion Detection/Prevention (IDS/IPS)
- Experience with developing scripts / tools is necessary; Python is preferred
- A deep understanding of adversary tools, tactics, and procedures (TTPs) is necessary
- Experience with frameworks such as MITRE ATT&CK is preferred
- Knowledge of threat modeling and penetration testing is preferred
- Knowledge of the incident response lifecycle and the stages of a cyberattack is preferred
- Knowledge of malware behavior, investigation, and containment strategies is preferred
- Knowledge of forensic artifacts across various operating systems is preferred
Information Technology's Guiding Principles:
- Trust and Respect: VUIT cultivates a community built on trust, mutual respect, and inclusivity, where all members feel valued and supported. We prioritize honesty, dignity, empathy, and a willingness to listen and understand.
- Professionalism: VUIT strives to maintain a culture of maturity, accountability, and integrity to best represent the University and self. Have a sense of humility and poise in your work and daily interactions.
- Collaborate: VUIT commits to being inclusive in solution design, where we value sharing within and partnering across the university. We are intentional about including our colleagues and preventing silos.
- Bias-to-Action: VUIT is seen as a changemaker by exhibiting a decisive, self-starter, take-action approach with a willingness to make decisions without excessive deliberation. Personal initiative is recognized as a key part of the creative process.
- Communicate: Communication (written, verbal, and nonverbal) within and outside VUIT is open, thoughtful, welcoming, clear, proactive, concise yet complete, always honest, and delivered kindly.
- Innovate: VUIT pledges to be bold and challenge the status quo by inspiring a culture of creativity that promotes growth and advancement for the university.
- Celebrate Each Other: We are intentional in showing appreciation for the work of others by valuing and acknowledging meaningful contributions at all levels of the organization.
- Optimize: VUIT will practice continuous and thoughtful optimization of our solutions and services to increase our human and technological capacity. Capacity drives innovation.
Required Experience:
Senior IC