Description

Everspring, Inc. is an ed-tech trailblazer. We create customized, integrated digital solutions that enable top universities to design and deliver their programs online, with excellence. Our exceptional technology platform and complementary services empower universities to focus on teaching engaging content that transforms lives. 

We offer a range of full-service turnkey solutions and fee-for-service offerings, as well as a set of innovative standalone products. We deliver industry-leading outcomes in academics and instructional design; market research and program design; marketing and lead generation; recruitment and enrollment services; student support and retention services; and technology infrastructure and analytics. Our proprietary methodologies yield uniquely tailored solutions that drive tangible value for our university partners, their faculty, and their students. 

Based in Chicago, Everspring serves a growing number of colleges and universities. We were named one of Chicago’s Best Places to Work in 2020 by Built In Chicago.  

There is an exciting role with us as an IT Security Engineer that has one foot planted in Security in the Cloud and the other in IT governance. This role does not come around often, and we have an opening available for it. In this role, you will wear multiple hats, working closely with the developers, IT staff, and while working with the Director of Technology to continually refine security practices and controls. This is an exciting, forward-thinking role well suited for someone looking to get meaningful, applied experience in many different areas at a brisk pace.

The position will report to the Director of Technology and is based in Chicago, IL (initially remote).

Responsibilities

• Evaluate and provide recommendations on security controls, policies, and procedures in a heavily AWS environment.
• Aid in implementation, configuration, and/or maintenance of security tools (IDS/IPS, WAF, etc.)
• Perform security reviews of proposed changes to infrastructure and/or code.
• Manage our SIEM to ensure/monitor logging, rule/notification creation, and create useful dashboards.
• Own the vulnerability scanning and penetration testing processes, both internal and external/third party.
• Participate in risk assessments including interviews, business impact documentation, and mitigation recommendations.
• Perform vendor risk/diligence reviews on new vendors as well as recurring checks, as needed.
• Help provide training on information security best practices across the technology team and more broadly in the organization.
• Analyze and review logs for issues or gaps.  Create automation around this process to maximize value for time spent.
• Investigate security incidents, should one ever arise.

Requirements

• Minimum of 3 years in hands on Information Security roles (or similar positions).
• Minimum of 2 years working with Amazon Web Services (or similar cloud provider).
• Strong familiarity with security frameworks and standards (ISO, NIST… etc.)
• Solid understanding of FERPA and/or other compliance frameworks (HIPAA, FERPA, GDPR… etc.)
• Hands-on experience in vulnerability scanning and penetration testing.
• Strong understanding and knowledge of Linux, Windows, AWS Services, and scripting languages (Shell, Python, PowerShell or other).
• Hands-on experience in working with security systems including firewalls, intrusion protection/detection systems, anti-virus software, authentication systems, log management and content filtering etc.
• Knowledge of security concepts such as (cloud) Authentication, Authorization, web attacks (DDOS, SQL injections, man-in-the-middle, etc.), securing web application, payload encryption & decryption, environment security, etc.
• Strong understanding of network concepts including TCP/IP and TLS.
• Experience with cloud hosted apps/service (AWS experience preferred, but Azure, Google Cloud or similar can work too) and able to translate business requirements into securely implemented capabilities in the Cloud.
• Bachelor’s Degree in Computer Science, Information Systems or related degree.

Preferences

• AWS or security related certifications preferred.

Everspring is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. This policy applies to all employment practices within our organization, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. Everspring makes hiring decisions based solely on qualifications, merit, and business needs at the time.