Cybersecurity Engineer (IL)

Under the general direction of the Director of Infrastructure and Security, the Cybersecurity Engineer is responsible for the operation and administration of cybersecurity technologies. This position plays a key role in ensuring the security and protection of the College's data, systems, and users. The Cybersecurity Engineer operates and monitors cybersecurity tools and services, regularly performs risk and vulnerability assessments, and supports ongoing security operations. Security operations include monitoring security alerts and logs through the SIEM, responding to security-related events, and fulfilling other security-related requests. This role assists in meeting regulatory and institutional compliance requirements, including GLBA, PCI-DSS, and internal security policies and procedures. The Cybersecurity Engineer serves as the primary administrator for privileged access management and security monitoring platforms and provides operational backup support to the Information Security Specialist to ensure continuity of the cybersecurity program.

In support of the College's mission, the Cybersecurity Engineer is committed to learning institutional systems and processes and contributes to efforts that promote student success and lifelong learning.

ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned.

• Design, implement, and maintain security controls to protect networks, systems, and data such.
• Implements and conducts compliance policies, audit procedures, and data safeguards.
• Monitor systems and security tools (SIEM, EDR, firewall logs) for threats and suspicious activity
• Provides support to other employees of the college on matters related to cybersecurity including guidance during system implementations and vendor security reviews.
• Serves as a backup to the Information Security Specialist.
• Serves on the Incident Response Team.
• Perform risk and vulnerability assessments and coordinate remediation efforts.
• Support compliance efforts (e.g., FERPA, GLBA, PCI-DSS, CIS Controls)
• Must be available during maintenance windows, as well as on call 24 x 7 for emergencies.
• Other duties as applicable.