Platform Security Engineer at Blackbaud
The Platform Security Engineer is a member of a team focused on ensuring Blackbaud’s security platforms are first and foremost operating efficiently, effectively, comprehensively deployed, and well managed.
This role is responsible for leading and supporting activities related to implementation, configuration, management and maintenance of security related platforms. The Engineer is a technology and process focused security professional with an emphasis in platform administration, secure system implementation, maintenance, and information security.
Information Security Control Design and Maintenance
Reviews, develops, and implements security vendor agreements, and security exceptions to control standards as they relate to security platforms and services
- Conducts technical security reviews and assessments of current systems and processes
- Monitors and tracks remediation activities to address weaknesses and issues discovered through platform reviews
- Reviews existing toolsets, identify operational gaps, and recommends security enhancements
- Assists in achieving security architecture compliance on requirements, including: Sarbanes-Oxley, payment card industry standards, HIPAA, global data privacy requirements, as well as state and federal regulations
- Serves as information security subject matter expert on security platforms; provide advisory and consulting services as needed
- As a member of the Incident Response Team, performs analysis and technical tasks involving assignment and coordination of measures to provide information assurance, event detection, and rapid response
Education and Experience
- Strong system administration and automation skills to include use of platform provided APIs and scripting for implementing efficiencies and Security Orchestration, Automation and Response (SOAR) technologies.
- 3 years of formal experience in information security.
- Experience with Security Technologies / Methodologies, IT Audit & Risk Management & Metrics and reporting
- Certification in highly technical information security disciplines such as: CISM, CISSP, CCSP, CCNP, CCDE, CCIE Security, CCSK, and GIAC