Threat Management and Security Engineer II

At 2U, we are all in on purpose. We are motivated by our mission – to eliminate the back row in education – and connected by our shared passion to deliver world-class digital education at scale. As the parent company of edX, the world’s leading online learning platform, 2U powers more than 4,000 online higher education offerings – from free courses to full degrees. Together with more than 230 colleges, universities, and corporate partners, we are helping to unlock human potential.

What We’re Looking For:

As a Threat Management & Security Engineer II in the security operations team, you will be responsible for orchestrating the discovery and assessments of vulnerabilities and threats across several different geographic sites as well as working with 2U’s MSSP to triage and resolve potential threats and incidents.  Working with business stakeholders, your expertise with security architecture, operation systems, and threat management will be used to manage and reduce security risks across 2U’s most critical systems and collaborating within the Security Operations team to respond to and mitigate potential security events. As an individual, you will be capable of taking on complex tasks with minimal supervision and act as a vital member of the global cybersecurity team.

Responsibilities Include, But Are Not Limited To:

1. Technical

• Work within a global team to strengthen and improve overall security within 2U’s technical environment by discovering vulnerabilities, threats and external adversary techniques, while assisting teams throughout the organization to remediate and resolve these threats.
• Act as an escalation point for security related events and provide monitoring and support for 2U’s critical cybersecurity systems ensuring a high level of availability and efficiency.
• Coordinate, oversee and perform the installation, configuration, deployment, and post-implementation support of COTS (commercial off the shelf) cybersecurity solutions.  
• Perform vulnerability and risk analysis for computer systems (or applications) during all phases, develop daily operating procedures.
• Act as an escalation point and subject matter expert for vulnerabilities and security events that could impact our environments 
• Monitor, assess and investigate the company’s environment and security controls for deficiencies, threats and vulnerabilities that may result in compromisation, cyber-attacks, incidents and breaches.
• Develop reports highlighting risk from threats and recommend changes to controls, policies or systems to avoid and minimize damage.
• Support senior leaders and governance teams with the development and improvement of security standards, security controls and metrics across the organization.
• Support Security Engineering in performing systems configurations, deployment and management (cybersecurity systems and applications). 
• Identify and deliver security training for users and internal cybersecurity teams where necessary.

2. Research

• Be active in the Cybersecurity community and stay informed on current threats, attack techniques and strategies.
• Stay abreast of new technologies/tools and how they may pose a threat or benefit the organization.
• Learn new ways to develop and enhance automation in current tools to increase proficiency.

3. Personal

• Continuous learning and constant self improvement are a must.
• Open to change and ability to pivot to different priorities and situations.
• Comfortable with presenting to larger audiences and giving formal presentations.
• Must be able to work well independently as well as part of a larger team.

Competencies:

• Expertly skilled in information security best practices.
• Work, both independently and in cross-disciplinary teams.
• Possesses a high level of personal organization, persistence, communications, and attention to detail.
• Experienced in technical and narrative writing.
• High level of assessment and report writing skills.
• Effective communication skills through email and virtual meetings globally.
• Highly skilled in developing strategies to deal with potential threats.
• High level knowledge of various software and systems, how they interact with each other and how they interact with outside entities and customers.
• Knowledgeable with on-premise and cloud networking concepts and architectures.

Technical Experience: 

• Security solutions COTS
• Pentesting tools and methodologies
• Asset discovery, classification, and risk management
• Scripting ( Python, bash, powershell, etc.)
• Continuous integration and continuous delivery tools ( Ansible, Terraform, Puppet, etc.)
• NGAV/EDR
• Threat data feeds
• On premise and cloud network architecture

Things That Should Be In Your Background:

• 4 years experience in information security systems is desired.
• Experienced in computer network exploitation and tactics, techniques, and procedures (TTPs) for a wide range of operating systems and network architectures.
• Experience in installation, configuration, deployment, and post-implementation support of COTS cybersecurity solutions.
• Experienced in conducting database research on exploits and TTP.
• Experienced with networking hardware, communication technologies, and systems programming.
• Proficient knowledge of NIST Risk Management Framework.
• Certification or experience with multiple operating systems ( Microsoft, MacOS, Linux, Amazon AMI).
• Obtained technical security certification or equivalent  (Network+, CEH, GSec, Sec+, CySA+, etc).
• Advanced technical courses (E.g. MGT516, SEC460, GEVA, CSA+).
• Experience with ticket and case management systems.

The standard working hours for this role are from 1:00 PM to 10:00 PM SAST. 

Working Conditions:

The standard working hours for this role are from 1:00 PM to 10:00 PM SAST. Typically the individual will be housed either remotely or in an office environment at a designated desk/workstation within the Systems & Technology department. The noise level in the work environment is usually moderate. Should be able to use a computer keyboard, calculator, and general office equipment.

Physical Requirements:
To perform this job successfully, the individual must be able to stand, move and work throughout the office area and properties, including walking up and down 4 flights of stairs, sitting at a designated desk/workstation for the duration of the day.

Benefits & Culture

Our global employee base is a diverse collection of innovators, dreamers, and doers working together to transform lives through higher education. We believe that every employee can advance our shared purpose, and that life at 2U should be fun and meaningful. If you’re excited by the opportunity to provide over 40 million learners and counting with access to world-class online higher education, then join us – and do work that makes a difference. #NoBackRow

We offer comprehensive benefits (unique per country) and excellent work/life balance.
Full-time, ZA benefits include: 

• 2 complimentary Getsmarter short courses per year
• Subsidised medical aid with Discovery Health Medical Scheme
• 4% 2U contribution towards Discovery Life Pension Fund and Group Risk Benefit
• Employee Assistance Program (EAP)
• Generous leave policy including time off to volunteer for non-profit organization, study leave, sports leave and a company-wide festive season break

2U Diversity and Inclusion Statement

At 2U, we are committed to building and sustaining a culture of belonging, respect, and inclusion. We are proud of the steps we’ve taken to bring together an employee base that embodies diverse walks of life, ideas, genders, ages, races, cultures, sexual orientations, abilities and other unique qualities. We strive to offer a workplace where every employee feels empowered by what makes us different, as well as by how we are alike. 

2U is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodations, please reach out to us at: recruitingaccommodations@2u.com. 

About 2U Inc. (NASDAQ: TWOU)

For more than a decade, 2U, Inc. has been the digital transformation partner of choice to great non-profit colleges and universities delivering high-quality online education at scale. As the parent company of edX, a leading global online learning platform, 2U provides over 45 million learners with access to world-class education in partnership with more than 230 colleges, universities, and corporations. Our people and technology are powering more than 4,000 digital education offerings — from free courses to full degrees — and helping unlock human potential. To learn more: visit 2U.com.

About edX

edX is the education movement for restless learners and a leading global online learning platform from 2U, Inc. (Nasdaq: TWOU). Together with the majority of the world’s top-ranked universities and industry-leading companies, we bring our community of over 45 million learners world-class education to support them at every stage of their lives and careers, from free courses to full degrees. And we're not stopping there — we're relentlessly pursuing our vision of a world where every learner can access education to unlock their potential, without the barriers of cost or location. Learn more at edX.org.

Learn more at https://2u.com/careers/
#NoBackRow

The above statements are intended to describe the general nature and level of work performed by individuals assigned to this position, and are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required. All employees may be required to perform duties outside of their normal responsibilities from time to time, as needed.

2U is an equal opportunity employer that does not discriminate against applicants or employees and ensures equal employment opportunity for all persons regardless of their race, creed, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, age, marital status, disability, citizenship, military or veterans’ status, or any other classifications protected by applicable federal, state or local laws. 2U’s equal opportunity policy applies to all terms and conditions of employment, including but not limited to recruiting, hiring, training, promotion, job benefits and pay. 

2U is strongly committed to diversity within its community and especially welcomes applications from South African citizens who are members of designated groups who may contribute to Employment Equity within the workplace and the further diversification of ideas. In this regard, the relevant laws and principles associated with Employment Equity will be considered when appointing potential candidates. We are required by law to verify your ability to work lawfully in South Africa. 2U requires that you submit a copy of either your identity document or your passport and any applicable work permit if you are a foreign national, along with an updated curriculum vitae.