Note: The job is a remote job and is open to candidates in USA. NPR is a thriving, mission-driven multimedia organization producing award-winning news and information. They are seeking a Senior Security Engineer to bridge traditional infrastructure security and modern DevSecOps, implementing secure frameworks and managing security in multi-cloud environments.
Responsibilities
- Secure-by-Design Architecture: Implement, own, and champion secure-by-design frameworks across cloud, infrastructure, and application ecosystems, ensuring all system architectures address robust cybersecurity requirements
- Design & Integration Reviews: Review and approve security architecture designs for new internal systems, cloud platforms, and third-party integrations
- DevSecOps & CI/CD Pipelines: Design, enable, and maintain automated security pipelines to proactively scan Git repositories, catching vulnerabilities early in the software development lifecycle
- Cloud Security Management: Manage security lifecycles within multi-cloud environments (primarily AWS and GCP) to ensure continuous compliance and threat mitigation
- Vulnerability Management: Own and run the end-to-end vulnerability management program, prioritizing remediation efforts across enterprise systems
- AI & Emerging Tech Security: Assess and secure emerging technologies, evaluating security-focused Large Language Models (LLMs) and AI workflows to keep NPR aligned with industry progressions
- Security Monitoring & SIEM: Leverage SIEM platforms (specifically Splunk) to develop advanced dashboards, write queries, and build automated reporting mechanisms for real-time threat intelligence
- Network & Endpoint Defense: Deploy, recommend, and test advanced security controls, including Endpoint Detection and Response (EDR), enterprise-level antivirus, and perimeter security for Cisco networking devices
- Cross-Functional Collaboration: Partner with internal NPR technology and business teams to address security gaps, resolve concerns, and provide subject matter expertise in ongoing cybersecurity meetings
Skills
- 5+ years of experience in an information security, security engineering, or infrastructure security role
- 2+ years of hands-on experience in DevSecOps, secure software development, or automated CI/CD security pipeline integration
- Strong hands-on technical experience administering enterprise security tools, including SIEM (Splunk), EDR/anti-malware, and vulnerability management systems
- Proven experience securing multi-cloud environments (AWS and/or GCP) and a solid understanding of cloud security posture management
- Practical knowledge of core networking concepts and principles, including securing perimeter devices (such as Cisco hardware)
- Demonstrated track record of cross-functional technical communication, documentation, and assisting development teams with security remediation
- Threat & Vulnerability Analysis: Analytical capability to interpret automated scan results, prioritize vulnerabilities, and formulate remediation plans
- Cloud Security Architecture: Foundational competence in designing and securing cloud-native services and environments
- Automation & Scripting: Ability to write utility scripts (Python, Bash, etc.) to automate security checks or integrate tools
- SIEM Querying: Proficiency in building custom queries and alerts within SIEM platforms like Splunk
- Collaborative Problem Solving: Exceptional interpersonal and technical communication skills to bridge security policies with developer workflows
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent work experience
- Industry certifications such as CISSP, GIAC, or specialized cloud/DevSecOps credentials (or equivalent practical experience)
- Experience with Infrastructure as Code (IaC) and network automation tools
- Practical experience implementing secure workflows for generative AI tools or LLMs
Benefits
- NPR provides comprehensive benefits for employees and dependents.
- Regular, full-time employees scheduled to work 30 hours or more per week are eligible to enroll in NPR’s benefits options.
- Benefits include access to health and wellness, paid time off, and financial well-being.
- Plan options include medical, dental, vision, life/ accidental death and dismemberment, long-term disability, short-term disability, and voluntary retirement savings to all eligible NPR employees.
Company Overview