Job Description

Position Purpose
The IT Security Engineer II (ITSEII), Information Security Risk Management safeguards the institution’s information technology assets, encompassing both physical and digital domains, against all forms of security threats and vulnerabilities. This position is tasked with conducting proactive security operations, implementing, and maintaining robust security measures, and ensuring compliance with relevant policies and regulations. The ITSEII educates and engages the college community in best practices for information security, fostering a secure, inclusive, and aware campus environment. contributing significantly to the integrity, reliability, and resilience of Dartmouth’s information systems and the protection of sensitive data.

Description
Join Our Team: IT Security Engineer II – Information Security Risk Management Specialist
Dartmouth is actively seeking a proactive and communicative IT Security Engineer II, specializing in Information Security Risk Management (ISRM), to enhance our security landscape. This critical
role focuses on the protection of our institution’s technology assets against an array of security threats, emphasizing risk management, compliance, and awareness.

As a key member of our Information Security team, you will lead efforts to build a security-conscious community by developing and delivering effective training programs and awareness campaigns. Your goal will be to ensure that all staff are equipped with the knowledge and tools needed to maintain security and mitigate risks.

Key Responsibilities:

Communication and Awareness: Spearhead communication initiatives to keep the campus community informed about the latest security practices and threats. Develop comprehensive training materials that are accessible and relevant to various audiences.
Training Programs: Design and implement dynamic security training sessions tailored to different departmental needs, focusing on new security threats and compliance requirements. These sessions will be conducted both in-person and online to ensure broad participation.
Risk Management and Compliance: Conduct detailed risk assessments and enforce compliance with key regulatory and security standards such as PCI, HIPAA, and FERPA. You will play a crucial role in fostering a culture of continuous improvement in security practices.
Collaborative Engagement: Collaborate with stakeholders across the organization to integrate best security practices. Advise on potential risks and strategies for mitigation, ensuring a cohesive and informed approach to security across all departments.

We are committed to diversity and inclusion, striving to create a team that reflects various backgrounds, perspectives, and skills. This role offers you a platform to significantly impact our community’s safety and security by promoting a knowledgeable and prepared campus environment.

Qualifications:

Bachelor’s degree in Information Technology, Computer Science, or a related field, with 3-5 years of experience in IT security, particularly in risk management.
Advanced certifications like CISSP, CEH, CRISC, or similar are preferred.
Exceptional communication skills, capable of effectively engaging both technical and non-technical stakeholders.
Strong background in developing and leading security training and awareness programs.
Familiarity with current security protocols, risk management strategies, and compliance frameworks such as NIST, ISO, and COBIT.
Demonstrated commitment to promoting diversity and inclusion within a professional setting.

Apply today to become an integral member of our Information Security team and help us shape a secure and informed future at Dartmouth.
Required Qualifications - Education and Yrs Exp Bachelor's degree
Required Qualifications - Skills, Knowledge and Abilities
Bachelor’s degree in Information Technology, Computer Science, or a related field, or equivalent experience.
3-5 years of experience in an IT security role, with additional experience in related IT roles beneficial.
Proficiency in coding and scripting for process automation and integration, with a strong background in managing network equipment and cloud security.
Comprehensive knowledge of information security issues, techniques, auditing, logging, and familiarity with vulnerability scanning and management platforms.
In-depth understanding of IP networking, networking protocols, and security-related technologies.
Strong analytical, troubleshooting, and communication skills.
Familiarity with security standards and frameworks such as NIST 800-53, ISO 27001, and COBIT.
Ability to support the development and implementation of information security policies and compliance programs.

Preferred Qualifications
Advanced certifications such as CISSP, CEH, CRISC, or similar.
Experience leading security awareness and training programs.
Demonstrated ability to innovate and stay current with technology trends and security practices.
Expertise in security technologies or platforms such as SIEM, SOAR, IDS/IPS, firewalls, endpoint protection, vulnerability scanning, cloud security management tools, IAM, and DLP.
Experience managing large-scale security projects or initiatives, with a focus on achieving strategic security outcomes.
Exceptional communication skills, adept at engaging with both technical and non-technical stakeholders.
Proven track record of promoting diversity and inclusion within a team or organization.