Resumen del rol

Senior IT Security Engineer

Requisitos y responsabilidades

Contenido del rol extraído en secciones para revisar más rápido.

Responsibilities

  • Secure-by-Design Architecture: Implement, own, and champion secure-by-design frameworks across cloud, infrastructure, and application ecosystems, ensuring all system architectures address robust cybersecurity requirements.
  • Design & Integration Reviews: Review and approve security architecture designs for new internal systems, cloud platforms, and third-party integrations.
  • DevSecOps & CI/CD Pipelines: Design, enable, and maintain automated security pipelines to proactively scan Git repositories, catching vulnerabilities early in the software development lifecycle.
  • Cloud Security Management: Manage security lifecycles within multi-cloud environments (primarily AWS and GCP) to ensure continuous compliance and threat mitigation.
  • Vulnerability Management: Own and run the end-to-end vulnerability management program, prioritizing remediation efforts across enterprise systems.
  • AI & Emerging Tech Security: Assess and secure emerging technologies, evaluating security-focused Large Language Models (LLMs) and AI workflows to keep NPR aligned with industry progressions.
  • Security Monitoring & SIEM: Leverage SIEM platforms (specifically Splunk) to develop advanced dashboards, write queries, and build automated reporting mechanisms for real-time threat intelligence.
  • Network & Endpoint Defense: Deploy, recommend, and test advanced security controls, including Endpoint Detection and Response (EDR), enterprise-level antivirus, and perimeter security for Cisco networking devices.
  • Cross-Functional Collaboration: Partner with internal NPR technology and business teams to address security gaps, resolve concerns, and provide subject matter expertise in ongoing cybersecurity meetings.

Minimum Qualifications

  • 5+ years of experience in an information security, security engineering, or infrastructure security role.
  • 2+ years of hands-on experience in DevSecOps, secure software development, or automated CI/CD security pipeline integration.
  • Strong hands-on technical experience administering enterprise security tools, including SIEM (Splunk), EDR/anti-malware, and vulnerability management systems.
  • Proven experience securing multi-cloud environments (AWS and/or GCP) and a solid understanding of cloud security posture management.
  • Practical knowledge of core networking concepts and principles, including securing perimeter devices (such as Cisco hardware).
  • Demonstrated track record of cross-functional technical communication, documentation, and assisting development teams with security remediation.

Preferred Qualifications

  • Industry certifications such as CISSP, GIAC, or specialized cloud/DevSecOps credentials (or equivalent practical experience).
  • Experience with Infrastructure as Code (IaC) and network automation tools.
  • Practical experience implementing secure workflows for generative AI tools or LLMs.

Required Skills/Competencies

  • Threat & Vulnerability Analysis: Analytical capability to interpret automated scan results, prioritize vulnerabilities, and formulate remediation plans.
  • Cloud Security Architecture: Foundational competence in designing and securing cloud-native services and environments.
  • Automation & Scripting: Ability to write utility scripts (Python, Bash, etc.) to automate security checks or integrate tools.
  • SIEM Querying: Proficiency in building custom queries and alerts within SIEM platforms like Splunk.
  • Collaborative Problem Solving: Exceptional interpersonal and technical communication skills to bridge security policies with developer workflows.

Education Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent work experience.

Work Location & Requirements

  • NPR Remote-Permitted: This is a remote-permitted role. This role is based out of our Washington, D.C. office, but the employee may choose to work on a remote basis from a location that NPR approves. You will have the option of working (a) remotely from a location of your choosing within the United States that is supported by NPR; (b) on-site at an NPR facility, based on the availability of desks and approval from NPR; or (c) a combination of both. Regardless of where you choose to work from, you may be expected to travel to other locations from time to time to perform the duties of your position.

Job Type

  • This is a full-time, exempt position.
Roles similares

Mantén una lista de respaldo.

Ver stack
FocoIT Security EngineeringÁrea del rol
Señal de senioritySeniorNivel del candidato
StackAWS, CI/CD, GCPSkills principales
Ubicación7 países aceptadosElegibilidad

Stack

Usa estas tags para comparar roles remotos similares.

Elegibilidad de ubicación

Candidatos deberían aplicar solo cuando el país del perfil aparece aquí.

Flujo de contratación

WithMira muestra el rol y luego envía candidatos a la aplicación de la empresa.

1Revisa fit del rol, stack y elegibilidad de ubicación en WithMira.
2Abre la página de aplicación de la empresa desde el link rastreado.
3Guarda el rol o suscríbete a oportunidades similares antes de salir.