Information Security Engineer

The Vermont State Colleges System is looking for an IT Security Engineer to join the Information Technology team. They are responsible for designing implementing and maintaining security measures to protect the Vermont State College Systems critical infrastructure data and applications. This role works closely with members of IT and other departments to ensure compliance with security best practices policies and procedures. This is a great opportunity to lead a critical role and help set security strategy for the organization.

Information Security Engineer GRADE: 14

BARGAINING UNIT EXEMPT

BASIC FUNCTION

The IT Security Engineer is responsible for designing implementing and maintaining security measures to protect the Vermont State College Systems critical infrastructure data and applications. This role works closely with members of IT and other departments to ensure compliance with security best practices policies and procedures. This is a great opportunity to lead a critical role and help set security strategy for the organization.

ESSENTIAL DUTIES & RESPONSIBILITIES

Security Design & Architecture

• Design enterprise security architectures including zero trustframeworks secure network segmentation and identity-centric controls.
• Develop and monitor secure baselines for systems cloud environments and applications.
• Evaluate and recommend security technologies (e.g. SASE ZTNA micro-segmentation) to enhance the systems security posture.

Network & Infrastructure Security

• Work closely with the network team to architect and deploy secure network solutions including firewalls VPNs IDS/IPS and network access control (NAC).
• Conduct security reviews of network configurations ensuring compliance with best practices (e.g. CIS Benchmarks NIST guidelines).

Vulnerability & Risk Management

• Lead vulnerability assessments threat hunting and modeling exercises.
• Develop remediation strategies for identified risks and work with IT teams to prioritize fixes.
• Automate security testing and vulnerability scanning processes where possible.

Incident Response & Threat Mitigation

• Serve as a technical escalation point for security incidents assisting with forensic analysis and containment.
• Assist in the development of incident response playbooks for emerging threats.
• Monitor assess and respond/communicate appropriately to threat intelligence.

Compliance & Governance

• Ensure compliance with regulatory requirements (e.g. FERPA NIST CSF PCI DSS if applicable).
• Assist in security policy development and enforcement.
• Assist with security awareness training and third-party security reviews.

SUPERVISION RECEIVED

Reports directly to the Director of Infrastructure and Information Security

SUPERVISION EXERCISED

No direct supervision of staff

MINIMUM QUALIFICATIONS

• Bachelors degree in Information Technology Cybersecurity or related field or a combination of education and equivalent work experience.
• At least 5 years of technical IT experience including:
  • Windows Server Active Directory and Linux/macOS administration.
  • Networking fundamentals (TCP/IP DNS VLANs NAC).
• Familiarity with security frameworks and standards (e.g. NIST CSF 2.0 NISTISO 27001).

PREFERRED QUALIFICATIONS

• At least 3 years of experience in a cybersecurity role (e.g. Security Engineer Analyst) with hands-on exposure to:
  • Security tools (EDR SIEM firewalls vulnerability scanners).
  • Incident response or threat mitigation.
• Experience as a security engineer or architect
• CISSP CompTIA Security or similar certification (or willingness to obtain).
• Experience in an educational setting.
• Mac and Linux experience

KNOWLEDGE SKILLS & ABILITIES

• Strong interpersonal skills with the ability to collaborate across technical and non-technical teams.
• Experience working with interdisciplinary groups
• Good written and verbal communication skills with the ability to engage with a variety of audiences

Location: This position may be based on any of the Vermont State Colleges centers or campuses. Some remote work possible.

Physical Requirements: Duties performed cause slight fatigue of eyes fingers or other faculties as a result of repetitive motion and/or long periods of standing or sitting. Duties require little physical effort in work with light to moderate (up to 25lbs) easy-to-handle materials. Duties will occasionally require the climbing of ladders.

Working Conditions: Job is performed in a general office or comparable working area with many and frequent distractions such as noise and interruptions. Work schedule may vary during high volume periods.

This general outline illustrates the type of work which characterizes the job classification. It is not an all-encompassing statement of the specific duties responsibilities and qualifications of individual positions assigned to the classification.

VSCS values individual differences that can be engaged in the service of learning. Diverse experiences from people of varied backgrounds inform and enrich our community. VSCS welcomes all qualified applications including those from historically marginalized and underrepresented populations. VSCS is an equal opportunity employer in compliance with ADA requirements and will make reasonable accommodations for the known disability of an otherwise qualified applicant. Please contact Human Resources for assistance with accommodations at .

All new full-time employees and certain part-time employees will be subject to a criminal background check. Any offer of employment is contingent upon the satisfactory results of this check.

Application Instructions:
In order to be considered please submit a complete application package which includes a cover letter resume/CV employment application and contact information for three professional references at: