The Senior Cyber Security Engineer will have responsibility for implementing and supporting an effective vulnerability management and pen-testing program. This role will closely partner with others across HMS IT and Security to further enable the HMS mission through implementing an effective vulnerability and patch management lifecycle, ensuring applications are secured via implementation of Secure SDLC, and identifying risks via penetration testing. On a daily basis this role will work on identifying critical assets and systems (inclusive of research IoT) with the aim of reducing the attack surface and maturing the layers of defense. This role will partner with SecOps when required during security incidents and investigations. The Senior Cyber Security Engineer, as part of the IT Security team, will partner with others across security and IT to establish strategic and tactical roadmaps.
Principal Duties and Responsibilities:
Work with IT personnel to ensure effective and continuous patching.
Identify required remediations via security assessments and penetration testing and provide recommendations.
Inform the organization of emerging threats and risks.
Serve as an information security expert, helping project teams comply with enterprise and IT security policies and regulations, and recommend strategic solutions.
Implement and manage various vulnerability tools.
Implement a risk-based approach for remediation and mitigation path recommendations.
Operate cybersecurity pentests and similar assessments related to systems, infrastructure, and applications.
Implement and support an effective vendor management program.
Seek opportunities to research, design, and advocate new technologies, architectures, products, policies, processes or procedures that will support security requirements for the university, business partners, and vendors.
Abide by and follow the Harvard University IT technical standards, policies and Code of Conduct.
Minimum of seven years' post-secondary education or relevant work experience
Additional Qualifications and Skills
Hands-on experience with penetration testing
Experience with vulnerability management and patch management lifecycles
Experience reporting on vulnerability and patching metrics
Working knowledge of vulnerability management tools
Experience assessing vendor security risks
Demonstrated experience with identifying and resolving common web application vulnerabilities (e.g., OWASP Top 10)
Demonstrated team performance skills, service mindset approach, and the ability to act as a trusted advisor
Certificates and Licenses
Completion of Harvard IT Academy Information Security Foundations course (or external equivalent) preferred
IT Security Certification preferred; e.g., CISSP, CISA/CISM, and/or GIAC
This position is based in Boston and some in-person on-campus work will be required, and flexible/remote work is an option. Any remote work must be performed in a state in which Harvard is registered to do business (CA*, CT, GA, IL, MA, MD, ME, NH, NJ, NY, RI, VA, VT, and WA). Individual flexible and remote work options for this role will be discussed during the interview process. *Note: Harvard employees working in California must be exempt.
The health of our workforce is a priority for Harvard University. With that in mind, we strongly encourage all employees to be up-to-date on CDC-recommended vaccines.
Please note that we are currently conducting a majority of interviews and onboarding remotely and virtually. We appreciate your understanding.
The Harvard Medical School is not able to provide visa sponsorship for this position.
Paid Time Off: 3-4 weeks of accrued vacation time per year (3 weeks for support staff and 4 weeks for administrative/professional staff), 12 accrued sick days per year, 12.5 holidays plus a Winter Recess in December/January, 3 personal days per year (prorated based on date of hire), and up to 12 weeks of paid leave for new parents who are primary care givers.
Health and Welfare: Comprehensive medical, dental, and vision benefits, disability and life insurance programs, along with voluntary benefits. Most coverage begins as of your start date.
Work/Life and Wellness: Child and elder/adult care resources including on campus childcare centers, Employee Assistance Program, and wellness programs related to stress management, nutrition, meditation, and more.
Retirement: University-funded retirement plan with contributions from 5% to 15% of eligible compensation, based on age and earnings with full vesting after 3 years of service.
Tuition Assistance Program: Competitive program including $40 per class at the Harvard Extension School and reduced tuition through other participating Harvard graduate schools.
Tuition Reimbursement: Program that provides 75% to 90% reimbursement up to $5,250 per calendar year for eligible courses taken at other accredited institutions.
Professional Development: Programs and classes at little or no cost, including through the Harvard Center for Workplace Development and LinkedIn Learning.
Commuting and Transportation: Various commuter options handled through the Parking Office, including discounted parking, half-priced public transportation passes and pre-tax transit passes, biking benefits, and more.
Harvard Facilities Access, Discounts and Perks: Access to Harvard athletic and fitness facilities, libraries, campus events, credit union, and more, as well as discounts to various types of services (legal, financial, etc.) and cultural and leisure activities throughout metro-Boston.
Hybrid (partially on-site, partially remote)
Commitment to Equity, Diversity, Inclusion, and Belonging
We are committed to cultivating an inclusive workplace culture of faculty, staff, and students with diverse backgrounds, styles, abilities, and motivations. We appreciate and leverage the capabilities, insights, and ideas of all individuals.
Harvard Medical School Mission and Community Values
EEO Statement
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, gender identity, sexual orientation, pregnancy and pregnancy-related conditions, or any other characteristic protected by law.
Harvard University is devoted to excellence in teaching, learning, and research, and to developing leaders in many disciplines who make a difference globally. The University, which is based in Cambridge and Boston, Massachusetts, has an enrollment of over 20,000 degree candidates, including undergraduate, graduate, and professional students. Harvard has more than 360,000 alumni around the world. The University has twelve degree-granting Schools in addition to the Radcliffe Institute for Advanced Study, offering a truly global education. Established in 1636, Harvard is the oldest institution of higher education in the United States.