Vanderbilt University Senior Security Engineer, IT Security Operations in Nashville, Tennessee

Senior Security Engineer, IT Security Operations (Job Number: 2001038)


As a Senior Security Engineer, you will be tasked with developing and maintaining solutions to defend Vanderbilt University from cybersecurity threats. You will be asked to research security trends, understand the current threat landscape, and implement and improve both technical solutions and processes/procedures to reduce risk to the organization. You will be asked to evaluate and implement security solutions for both on-premises and multi-cloud (AWS, Azure, GCP) environments to look for ways to enhance threat prevention and detection initiatives. The Senior Security Engineer will work with other teams across the organization to design, implement, and provide recommendations in areas such as secure network design and Identity and Access Management (IAM). This role will also be responsible for maintaining the team’s security tools such as, but not limited to, SIEM, IDS, EDR, and cloud security technologies. A successful candidate for this position will keep up to date with industry trends as well as possess the technical ability to design and implement these solutions. The Senior Security Engineer will also develop tools, scripts, and product integrations to enhance the suite of security solutions across the organization. The Senior Security Engineer should be able to perform all technical tasks with minimal to no supervision/guidance, be able to communicate their results in an effective way, and mentor the associate and mid-level Security Engineers on the team.

The Information Security team within Vanderbilt University’s Information Technology department provides cybersecurity services to the institution and associated partners. This position will work closely with the Lead of Information Security as a part of the Security Engineering and Architecture team as well as with other members of Information Security and various entities both inside and outside of the university.

Duties and Responsibilities

Security Engineering and Architecture:

  • Act as a technical expert in researching, implementing, and supporting security solutions across various focus areas (endpoint, network, cloud, IAM, etc.). This includes continuously improving, tuning, and maintaining the tools primarily used by Vanderbilt’s Security Operations Center (SOC) to make them stable and accurate.

  • Evaluate and implement logging best practices across various systems, devices, and applications to determine what is needed to effectively prevent and detect threats.

  • Perform research on adversary tools, tactics, and procedures (TTPs) and be able to engineer and construct defensive solutions against them.

  • Work with other teams across the organization to enhance the security strategy of multiple IT disciplines and technologies.

  • Write custom scripts/tools to integrate with both native and 3rd party products to create, enrich, and automate threat prevention, detection, and remediation abilities.

  • Act as an overflow for the Security Operations Center and assist in alert monitoring, security analysis, digital forensic/incident response, and E-Discovery when needed.

  • Train and mentor the associate and mid-level Security Engineers on the team.

  • All technical tasks should be able to be executed with minimal to no supervision/guidance.

  • Bachelor's degree in Computer Science, Information Security, or a related focus or equivalent experience is necessary

  • Information Security certifications are preferred

  • Four years of professional experience in information security is necessary

  • Professional experience working on (or supporting) threat prevention, detection, and response teams is preferred

  • Professional experience working with, engineering, configuring, or tuning two or more of the following technologies is necessary:

      • Security Information and Event Management (SIEM)

      • Cloud security solutions

      • Endpoint Detection and Response (EDR)

      • Intrusion Detection/Prevention (IDS/IPS)

  • Experience with developing scripts/tools is necessary (Python is preferred)

  • A deep understanding of adversary tools, tactics, and procedures (TTPs) is necessary

  • Experience with frameworks such as MITRE ATT&CK is preferred

  • Knowledge of threat modeling and penetration testing is preferred

  • Knowledge of the incident response lifecycle and the stages of a cyber-attack is preferred

  • Knowledge of malware behavior, investigation, and containment strategies is preferred

  • Knowledge of forensic artifacts across various operating systems is preferred

Commitment to Equity, Diversity, and Inclusion

At Vanderbilt University, we are intentional about and assume accountability for fostering advancement and respect for equity, diversity, and inclusion for all students, faculty, and staff. Our commitment to diversity makes us who we are. We have created a community that celebrates differences and lets individuality thrive. As part of this commitment, we actively value diversity in our workplace and learning environments as we seek to take advantage of the rich backgrounds and abilities of everyone. The diverse voices of Vanderbilt represent an invaluable resource for the University in its efforts to fulfill its mission and strive to be an example of excellence in higher education.

Vanderbilt University is an equal opportunity, affirmative action employer. Women, minorities, people with disabilities, and protected veterans are encouraged to apply.

Primary Location: United States-Tennessee-Nashville

Organization: 46700 - IT Security Operations

Job: Information Technology Professionals

Vanderbilt University is committed to principles of equal opportunity and affirmative action