Job Title: IT Security Engineer

Minimum Qualifications:

• Associates degree in Cyber Security, Information Technology, or a related field;
• 4 years of network and Cyber Security experience or equivalent degree/certifications; and
• Technical Certifications: CCNA, CYSA+, Pentest+, or equivalent.

Position Description:

The Security Engineer is responsible for the design, implementation, and maintenance of our organization's security posture. This role includes implementing and fine-tuning various security measures and controls, conducting regular security audits, and responding promptly to security incidents and breaches.

Knowledge, Skills and Abilities:

• Comprehensive understanding of cybersecurity frameworks, incident response plans, and security best practices;
• Detailed knowledge of network protocols and architecture;
• Significant experience with advanced endpoint protection and behavioral analytics;
• Proficiency in using SIEM systems and analyzing various security logs;
• Familiarity with next-generation firewalls such as Palo Alto Networks devices;
• Experience with VmWare NSX-T and east-to-west segmentation; and
• Expertise in hardening Linux and Windows operating systems.

Essential Job Responsibilities:

• Develop, maintain, and regularly update a comprehensive cybersecurity framework, in line with industry best practices and emerging threats;
• Oversee incident response plans, ensuring effective strategies are in place for potential cybersecurity breaches;
• Manage and configure advanced firewall protections across all systems to safeguard digital assets and sensitive data;
• Implement and enforce robust security policies for all operating systems, including detailed hardening measures to eliminate potential vulnerabilities;
• Install, maintain, and monitor SIEM/SOAR systems, both on-premise and in the cloud, to provide real-time analysis of security alerts;
• Schedule and coordinate regular external and internal penetration tests to identify areas of weakness and assess the effectiveness of current security measures;
• Conduct comprehensive security audits, provide detailed reports to supervisors, and advise on remediation strategies for identified risks;
• Analyze current security systems and recommend improvements or enhancements to bolster security and minimize potential vulnerabilities;
• Actively collaborate with all IT teams and district departments to coordinate security enhancements and improvements, ensuring all stakeholders are well-informed and compliant with security protocols;
• Contribute to disaster recovery and business continuity planning, ensuring the organization can respond effectively to major incidents or disruptions;
• Stay informed about the latest cybersecurity trends and threat vectors, incorporating this knowledge into the organization's security strategy;
• Provide training and guidance to staff members on cybersecurity best practices and response plans;
• Comply with state-approved New Mexico Administrative Code of Ethical Responsibility of the Education Profession and the RRPS Employee Standards of Conduct and uphold and enforce rules, administrative directives and regulations, school board policies, and local, state, and federal regulations; and
• The employee may be assigned other duties based on the needs of the District during the term of employment.

Work Hours:  Work hours are established in employment contract. Additional work hours may be assigned by the superisor.

Accountability: The Security Engineer will be held accountable for maintaining the highest level of confidentiality and trustworthiness, ensuring the security of the Rio Rancho Public Schools' information and infrastructure. The incumbent must consistently demonstrate competency in their role, complying with legal and ethical standards as well as school District policies.

Reports to: Executive Director of Information Technology

Evaluated by: Executive Director of Information Technology