Cyber Security Engineer, Forensics
Leading uniquely at the intersection point of technology and social good, Blackbaud provides software, services, expertise, and data intelligence that empowers and connects people to advance the social good movement. We serve the entire social good community, which includes nonprofits, foundations, corporations, education institutions, and the individual change agents who support them. We work with over 40,000 organizations, helping them realize their goals, fund their missions, manage their operations, and develop long-lasting supporter relationships. Our customers are passionate about making the world a better place, and we’re inspired by the opportunity to help them.
About the role:
As an integral member of the Blackbaud Security Operations Forensics and Investigations Team, the Cyber Security Engineer will be responsible for leading and conducting investigations, as well as developing and facilitating processes that ensure the information security of Blackbaud computing systems, infrastructure, and applications, including applications that support both internal business needs and customers hosted within the numerous cloud platforms. This includes supporting Blackbaud’s suite of products that provide value to our hosted customers and best practices within cloud service models, and defining, delivering, and maintaining security improvements as prioritized by risk assessments and business requirements.
What you’ll be doing:
- Investigation and analysis of detected and reported security incidents and events.
- Define, implement, and execute processes for the collection of information and evidence as part of incident response activities.
- Complete and document postmortem analysis after incidents
- Recommend process improvements for investigations and incident response activities
- Configure, optimize, and manage enterprise security monitoring, detection, prevention and forensics tools
- Assess the security provisions for cloud applications and existing hosted environments
- Ensure proper protection of data and information
- Perform advanced forensic analysis on artifacts
- Ensure the Confidentiality, Integrity, and Availability of information systems and data across the enterprise
- Increase efficiency through technology integration and automation and track key metrics
- Identify and leverage actionable intelligence
What we’ll want you to have:
- Bachelor’s degree in Computer Science, Engineering, Information Technology or equivalent related work experience required.
- Knowledge of information security methodologies and concepts, such as identification and authentication, access control, inception, and audit trails
- Possesses in-depth knowledge on network, endpoint, threat intelligence, forensics and malware reverse engineering, as well as the functioning of specific applications or underlying IT infrastructure
- Experience with DFIR techniques and tools (FTK, EnCase, SIFT, including Volatility) and eDiscovery
- Versed in developing, tuning and implementing threat detection processes.
- Experience scripting in Python, Ruby, Golang, and PowerShell
- Strong knowledge of communications protocols and standards related to data security and access control systems, encryption, and related matters, including authentication technologies and processes.
- Security control requirement, design, and implementation.
- Knowledge of cloud (AWS and Azure) and on-premise data centers
- Familiar with orchestration components (Chef, Puppet, Ansible, Kubernetes, VSTS)
- Hardware and software products that enhance the security of systems such as IPS (host- and network-based), firewalls, SIEMs, port scanning and vulnerability identification, war-dialers, monitoring and logging mechanisms, etc.
What we’ll prefer you have:
- Knowledge of security process, risk and compliance concepts, practices, and procedures, including: PCI-DSS, SOC, HIPAA, ISO 27001/2, etc.
- Effective written and verbal communication skills.
- Ability to write documentation for a variety of audiences, including technical/system administrators, product managers, sales & marketing, and customers.
- Knowledge of operating system security techniques, including general administration, scripting, system hardening, host scanning tools, integrity tools, etc.
- Experience working within Cloud IaaS, PaaS, and SaaS environments.
- Balanced, clear judgment and flexible tactical thinking.
- Organizational skills to estimate timelines, work under deadlines given operational uncertainty, and deliver on time with high efficiency.
- One or more of the following certifications: CFCE, CSFA, GCFE, GCFA, GNFA, GREM, OSCP, CHFI, EnCE.
Why you’ll want to come work here:
- Competitive salary (commission/bonus based on type of role), 4 weeks paid time off, great benefits (medical, dental, vision, FSA), 401K match
- Gift matching, volunteer for vacation program, and endless community involvement opportunities
- Named to Forbes’ Fast Tech 25 and Fortune’s Change the World List; we are growing and offer incredible opportunity for advancement
- Tremendous company culture and office perks as well as a new cutting-edge headquarters completed in 2018
Blackbaud is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.
To all recruitment agencies: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes.