Zovio Security Engineer I in Chandler, Arizona
The Security Engineer I is a full-time member of a dynamic team whose successful execution of their charter requires curiosity, tenacity, a passion for Information Security, and a diligence to pursue the latest in the state of the art -- this is a challenging but rewarding position.
As an integral member of the Information Security Team, the Security Engineer I will develop and demonstrate technical proficiencies to support the planning and delivery of world-class enterprise systems, software, and infrastructure.
Under the guidance of the information security staff, the Security Engineer I will perform procedures to ensure the safety of information system assets and to protect systems from intentional or inadvertent degradation or destruction. Located in Chandler, AZ, the Security Engineer I will report to the AVP, Information Security and Risk Management.
Essential Job Duties:
The Information Security Engineer I (SE I) ensures the confidentiality, integrity, and availability of information systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, standards, procedures, and tools
Participate in incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary
Maintain an expert-level knowledge of the daily security landscape and serve as a security advisor to the company as a whole
Support activities which monitor, alert, and respond to Information Security incidents.
Support the design, deployment, and maintenance of Information Security controls and technology
Support development of and maintain Standard Operating Procedures related to current Information Security services and the current Application Development Lifecycle
Track key risk indicators over time, reporting such as metrics and key performance indicator measurement program, and provide metrics to Senior Director of Risk Management and applicable leadership
Promote understanding and adherence to the necessary policies, standards, and procedures to maintain security posture
Track and report on status of Information Security remediation efforts
Interface with external staff to understand projects, impact to security posture
Promote awareness of security issues among staff
Support the execution of process improvements as necessary
Assist external auditors, regulatory auditors, and other 3rd parties as needed, supporting security controls within compliance programs, as needed (PCI, SOX, FERPA, GDPR/CCPA, etc.)
Assist in company-wide security initiatives
Drive strategic roadmaps for the Information Security program and relates systems
Performance of various administration tasks and projects as assigned
Transform manual processes into automated solutions
Minimum Requirements :
Knowledge of industry standard IT principles, methods, security regulations, policies, and procedures for information systems
1-3 years of experience in Information Technology (Networking, SysAdmin, etc.)
Relevant security and audit certifications, such as CISSP, CISA preferred or equivalent experience
Work with development teams to carry out Application Security Reviews; performs threat modeling, vulnerability analysis, penetration testing, code reviews, and SDLC support
Working knowledge of at least one scripting language (Python and PowerShell preferred)
Experience with Intrusion Detection Systems, Firewalls, and Endpoint Security
Experience with Data Loss Prevention technologies
Experience with Metasploit and/or Penetration Testing frameworks
Experience with Vulnerability Scanning, Detection and Remediation frameworks
Experience with Web Application Security
Experience with Scripting and/or Programming
Experience with both Microsoft and Unix-Based technologies
Experience with working knowledge of TCP/IP and OSI Model
Experience with Information Security Frameworks
Self-motivated and able to work in an independent manner
Technical writing experience
Must have excellent listening skills
Excellent verbal, written, analytical, organizational and human relations skills
Ability to operate in a self-directed manner with strong analytical and technical problem-solving skills
Experience in higher education preferred but not required
Security Community involvement preferred
Offensive Security certifications (OSCP, OSCE, OSWE)
IT Security Certification (CySA+, CASP, CISSP, CISM)
CISSP, GIAC, GWAPT, GPEN, CEH, and/or certification a plus
Experience with scalable cloud security architecture (Microsoft Azure, AWS, etc.)
Application Security experience (source analysis, static analysis, DAST, threat modeling, secure SDLC, web app penetration testing)
Experience securing applications in containerized environments, including Kubernetes, cloud-native, and serverless
Bachelor's Degree in Computer Science, Computer Engineering, or related field is strongly preferred
IT Security Certification (Comptia Security+, SANS GIAC Series Certifications, Offensive Security Series Certifications, CEH, or equivalent) preferred
Zovio is an education technology services company that partners with higher education institutions and employers to deliver innovative, personalized solutions to help learners and leaders achieve their aspirations. Zovio leverages its core strengths and applies its technology and capabilities to priority market needs. Using advanced data and analytics, Zovio identifies the most meaningful ways to enhance the learner experience and deliver strong outcomes for higher education institutions, employers, and learners.
Zovio’s purpose is to help everyone be in a class of their own.
Using data and analytics to power radically innovative experiences that are simple, predictive, and tailored to every individual.
At Life Speed
In tune with real life, creating platforms that are accessible, convenient, and that meet people where they are.
Helping people make progress in their lives by solving the problems that matter with empathy and intelligence.
We are ambitious individuals coming together to create bold solutions for a brighter future. We put our people first, and value different ways of thinking.
Passion | Bring it.
We take pride in what we do and have fun doing it.
Innovation | Ignite bold ideas.
We challenge the traditional way of thinking.
Teamwork | Our teams work.
We share knowledge to get the best solutions.