Information Security Specialist
Cybersecurity Operations & Incident Response
Actively monitor, analyze, and correlate telemetry from Azure/Entra logs, FortiGate firewall traffic, Google Workspace logs, Custom IdP logs, Carbon Black logs and Windows Server event logs etc. to detect anomalies. Lead full-lifecycle incident response, behavioral threat hunting, and deep-dive digital forensics using VMware Carbon Black EDR.
Vulnerability Management & Governance
Conduct regular vulnerability scanning and penetration testing across all network assets and custom-developed applications. Oversee critical, large-scale patch deployments for 5,000+ endpoints. Develop, enforce, and audit IT security policies to ensure strict compliance with educational data privacy laws and cybersecurity insurance mandates.
Email Security & Phishing Defense
Manage district-wide email security, maintaining and utilizing custom-built web applications dedicated to DMARC, SPF, DKIM, and MTA-STS analysis to prevent spoofing. Design and execute regular phishing simulation campaigns and security awareness training for district staff.
Full-Stack Development & Application Maintenance
Maintain, debug, and extend a portfolio of 9 fully custom-developed district applications (including our security tools and IdP) built on C# / ASP.NET Core MVC. Engineer complex PowerShell automation scripts to streamline district-wide system administration and data orchestration.
Next-Gen Identity Management (IAM)
Oversee our custom-built Central Sign-On Identity Provider (IdP). Manage native code-level integrations for FIDO2/WebAuthn, OIDC, and SAML2, federating identities seamlessly across Microsoft Entra, Google Workspace, and PowerSchool SIS(OracleDB).
Network Architecture & AI Integration
Configure and manage Fortinet FortiGate enterprise firewalls completely from scratch. Maintain and optimize a proprietary Public DNS Server (with AI/ML anomaly detection) and a custom RADIUS server for WiFi authentication.
Infrastructure & Database Security
Architect a highly available 3-node Hyper-V cluster. Write and optimize secure injection-proof T-SQL and Oracle PL/SQL queries to maintain encrypted data pipelines across Microsoft SQL Server and Oracle databases.
Unix/Linux Administration
Administer: secure and maintain a critical fleet of 10-20 Unix/Linux servers. Provide dedicated support and security hardening for these systems that cannot be decommissioned, ensuring seamless operation and preventing operational knowledge gaps.
Qualifications
- Hands-on experience with log analysis (Azure, Firewall, Carbon Black, Server logs, etc.), formal incident response methodologies, vulnerability management, email security standards (DMARC), and enterprise EDR platforms (VMware Carbon Black).
- Demonstrable proficiency in Advanced C# / ASP.NET Core MVC, front end development (HTML/JS/CSS), and advanced PowerShell scripting.
- Experience with raw socket programming (TCP/UDP), byte-level data manipulation, and binary packet parsing.
- Absolute, code-level understanding of the DNS protocol, RADIUS, and modern IAM protocols (FIDO2, OIDC, SAML2).
- Proven track record of designing enterprise firewalls (FortiGate) from scratch.
- Strong background in Hyper-V virtualization and writing secure optimized queries for both SQL Server and Oracle environments.
- Practical experience integrating AI / Machine Learning models into backend systems for Risk-Based Authentication (RBA) or predictive threat detection.
- Experience managing IT security, data privacy, and identity life cycles within a K-12 educational environment.
- Relevant industry certifications (e.g., CISSP, CISM, Fortinet NSE, CEH).
Employment
5 days/week; 8 hours/day; 12 months/yr
Location
District Offices
Salary
$68,140.00 Starting Wage