Full-time employees will enjoy a competitive benefits package with options for you and your family including:

The compensation and benefits information is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.

Equal Opportunity Employer

Position is located onsite 3 days a week in the Boulder Office

This job posting is anticipated to remain open until April 12th, 2024.

BI is one of the leading technology companies in Boulder, Colorado and the largest provider of innovative electronic monitoring solutions in the United States. We excel at proving technological solutions to over 1,000 agencies nationwide and allowing those agencies to fulfill their missions without worrying about the technical complexities.

• Bachelor's Degree in Information Systems, Computer Science or related field or equivalent experience.
• Security-related certifications, CISSP preferred.
• At least five (5) years of experience in the following areas:
  • Computer network and/or system infrastructure operations, design, and with an IT security focus.
  • Governance, Risk, and Compliance activities in a FISMA or FedRAMP environment.
  • Cloud deployments and security tools used for protecting, detecting, and responding to security threats.
• Ability to pass a federal background check and obtain a suitability determination.
• United States citizenship required.
• Must live in the US 3 of the last 5 years (military and study abroad included).
• In-depth knowledge of network and security principles, systems, hardware, and cloud platforms.
• In-depth knowledge of SSL and encryption and secure communications.
• In-depth knowledge of DNS systems.
• In-depth knowledge of UNIX/Linux.
• In-depth knowledge of Windows Server, Microsoft SQL Server and PaaS/SaaS Applications.
• In-depth knowledge of networking systems and heterogeneous routing hardware.
• In-depth knowledge of networking and security equipment from major IT Security vendors.
• In-depth knowledge of TCP/IP, and client-server technologies.
• Ability to communicate technical issues to all levels of management and diverse internal and external contacts at all levels in comprehensible terms.
• Ability to share knowledge and experience and to provide mentorship to team members in a collaborative team environment.
• Ability to provide detailed and summary documentation for various purposes and audiences.
• Strong documentation, communication (written and verbal), and collaboration skills.
• Business knowledge and understanding of how security integrates into the business.
• Ability to work with computers and the necessary software typically used by the department.

Working Conditions: Encountered on a regular basis as part of the work this job performs.

• Typical office environment.
• Provides on-call security support after standard business hours 24 x 7 on a rotating basis.

BI Incorporated

Summary

The Senior Security Engineer, is a technical role and engineering team leader responsible for ensuring the confidentiality, integrity, and availability of BI Inc. computer systems including servers, workstations, network connections, storage, applications, and data. Leads security engineering technical activities, including detection and incident response, and ensures the successful design, deployment, and monitoring of security services. Assists the compliance team to ensure BI adheres to applicable laws and regulations and select security frameworks such as FISMA, FedRAMP, DHS 4300A, SOX, PCI-DSS, and others based on contractual requirements.

Primary Duties and Responsibilities

• Collaborates with Developers, Network Engineers, Systems Administrators, and Database Administrators to ensure the secure configuration of the IT infrastructure and applications, to address vulnerabilities and other risks, and respond to security threats.
• Researches, designs, and implements new security services in accordance with the BI security strategy and roadmap.
• Administers and develops operations guides and playbooks for the management of security services such as endpoint detection and response, vulnerability management, and logging and alerting tools.
• Ensures compliance to applicable laws and regulations and selects security frameworks such as FISMA, FedRAMP, DHS 4300A, SOX, PCI-DSS, and others based on contractual requirements.
• Troubleshoots and resolves problems with BI security services.
• Reports on key security metrics.
• Performs threat hunting and monitors the threat landscape for potential security impacts to BI and takes appropriate actions based on identified Indications of Compromise (IOC).
• Oversees and performs penetration, vulnerability, and configuration testing of all systems in order to identify system weaknesses using internal tools or in conjunction with outside vendors.
• Monitors server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interprets logs, responds to alerts, and implements or makes recommendations for resolution.
• Provides Tier 3 support for virus or malware issues on endpoints and servers to ensure the security of all BI endpoints.
• Develops implements, maintains, and oversees enforcement of security policies, procedures, and associated plans based on company requirements, industry standards, and best practices.
• Keeps current with emerging security threats and issues to be able to respond quickly and appropriately.
• Incorporates industry standard best practices and implements technical and administrative controls in accordance with the NIST cybersecurity framework (CSF) and Risk Management Framework (RMF).
• Audits end-user accounts, permissions, and access rights for all corporate systems.
• Ensures security is integrated with DevOps processes, including assessment and approval of code and hardening activities to BI systems, and performs security audits of new applications and systems prior to production implementation.
• Tracks, assesses, and monitors the application of security controls in the systems security plan, and provides regular reports as required.
• Supports the change control management process by reviewing existing configurations and proposed changes, and performing risk analysis to determine the overall security risk of the change on the enterprise network to make an approval recommendation.
• Performs other duties as assigned.

Privacy and Data Security Responsibilities:

In alignment with our commitment to data privacy and data security, all BI Inc. employees must:

• Understand and adhere to the principles of responsible data handling and protection.
• Comply with privacy laws and regulations relevant to each employee's position.
• Uphold BI's data privacy and data security policies.
• Undertake role-appropriate data security and data privacy training.
• Exercise due diligence in handling sensitive or private data encountered while performing their duties.
• Ensure data confidentiality, integrity, and availability per organizational policies, guidelines, and legal requirements.
• Understand that compliance with these responsibilities is critical to BI operations, security, and compliance requirements.