The Sinclair Information Security Engineer works under the direction of the Chief Information Security Officer with minimal supervision to support and implement Sinclair’s campus-wide information security program, focusing on technical and operational components. This role is responsible for developing, implementing, and enforcing security policies, standards, and practices, as well as providing strategic and tactical input on security technologies. Key duties include conducting risk analyses, forensic investigations, audits, and threat assessments; evaluating and deploying security-related technologies; and supporting effective security awareness initiatives. The engineer also plays an active role on Sinclair’s IT Security Operations Team, Vulnerability Assessment Team, and the Computer Security Incident Response Team (SCC CSIRT), contributing to the overall resilience of the college’s information systems.

The selected candidate must reside in the State of Ohio to be eligible.

Why work for Sinclair College?

The following are some of the benefits that professional staff with Sinclair College receive:

• Tuition waiver for employee and dependents for all Sinclair courses and programs
• Support for continued training and education, including tuition reimbursement for other universities and colleges.
• OPERS pension participation, with 14% employer contribution
• 4+ weeks of personal and vacation leave, 3+ weeks of sick leave annually
• 14 days of annually observed company holidays
• Expansive and competitive insurance programs, including an HSA with annual employer contribution available
• High quality programs for work-life balance

• Researches, designs, and implements appropriate security technologies and controls for protection and monitoring of the College technology infrastructure, on premise and hosted (cloud)
• Lead responsibility for designing appropriate security controls and structure for Sinclair’s cloud environment, including identity & access management, asset protection, logging and monitoring
• Works closely with the systems, network, operations, and application staff on the identification and implementation of appropriate security procedures, software, and hardware
• Routinely conducts and analyzes security scans (i.e. vulnerability, penetration) of information systems resources. Works with other IT staff to investigate and implement vulnerability and exploit mitigation controls and technologies
• Assists CISO with risk management, including investigations of systems and network security incidents, documentation, and maintenance of risk register and security program tools
• Facilitates development and execution of security policies, procedures, and awareness programs, as well as documentation of effective practices for securing systems and appropriate response to suspected compromise
• Assists with technology-related activities related to e-discovery, litigation hold, and other legal requests and response
• Networks with security professionals and colleagues at other higher education institutions, the local community, and in industry regarding broad information security issues and trends
• Performs other cybersecurity/information assurance-related activities as required

Requirements

• Minimum of an associate’s degree with 4 years of experience OR bachelor’s degree and 2 years of experience required
  • Expertise is developed via experience and continuing education, and skill-sets are maintained by self-motivation and life-long learning activities
• Knowledge and experience derived from a background in information systems management and understanding of the skills required at highly technical levels required
• Strong experience in implementing security controls and technologies in cloud-based and virtual environments required
• Excellent oral and written communication skills and an ability to effectively communicate with a diverse user group required
• Excellent analytical and troubleshooting skills and the ability to effectively interact with students, faculty, and staff required
• Working knowledge of networks, programming, and database programs; in-depth knowledge of security controls and procedures in a complex networking environment required
• Demonstrated ability to work both independently and collaboratively as situation dictates required
• Effective time management and ability to meet deadlines required