IT Security Engineer

Join a growing team of IT professionals who have a passion for the potential of technology tools to transform the work of a nonprofit. As the IT Security Engineer, you will play an important role in building VentureWell’s cybersecurity and Governance, Risk & Compliance (GRC) program, including managing day-to-day security operations, investigating events, identifying areas of risk, and building out security focused documentation. We are looking for someone who has a passion for technology, teamwork, and continuous improvement. Responsibilities include security operations & threat management, governance, risk & compliance, and security engineering and cloud infrastructure. Responsibilities also include: monitoring and responding to security alerts, vulnerability reports, and threat intelligence; performing root cause analysis on security incidents and recommend corrective actions; managing endpoint protection, cloud configuration monitoring, and IAM role reviews. Also, draft, review, and maintain security policies, standards, and procedures; conduct Security Impact Analyses (SIA) for configuration or architectural changes; coordinate evidence collection for internal and external audits. The ideal candidate will have a Bachelor’s degree in Information Security, Computer Science, or equivalent experience; a minimum of 4 years of direct experience supporting and adhering to cybersecurity compliance (GR&C); and experience with cloud security best practices. Familiarity with NIST special publications and frameworks (800-171, CSF) is desired.