Information Systems Security Engineer

Why Texas Association of School Boards (TASB)

We come from humble beginnings — picture a one-person organization created in 1949 to advocate for excellence in public education on behalf of Texas school board members. Flash forward to today, and we have over 500 employees working together to provide 1,024 school districts with purposeful resources so they can focus on what matters most — excellent and equitable education for all 5.4 million Texas students. 

We feel privileged to work alongside talented team-members who are passionate about education and enjoy learning from new and different perspectives.  We believe what makes our organization highly successful is the rich diversity our employees collectively bring to TASB with different backgrounds, skillsets, cultures and ethnicities, gender identities, interests, abilities, and work styles. And our passion for education and learning doesn’t end there. Our culture has always encouraged employees to grow and become their best selves both professionally and personally through a variety of innovative and collaborative development opportunities. You’re likely beginning to see why we’ve been regularly named by Austin Business Journal as a Top Ten Best Places to Work! 

TASB offers competitive pay, rich benefits (including retirement matching of 2:1 up to 5% after one year. This means that if you contribute 5% to the plan, TASB will contribute 10%), onsite daycare, onsite gym, wellness program, tuition reimbursement, remote work options, flexible schedules, and more. 

Every role at TASB thoughtfully complements our mission and the educational impact being made in communities across Texas. If you consider your work exceptional and want to help drive our mission forward, keep reading!

About You

As TASB’s Information Systems Security Engineer, you’ll collaborate with neighboring IT departments with the design, implementation and maintenance of our IT security infrastructure.   You will identify relevant threats and vulnerabilities applicable to the organization, and work with the business to remediate identified vulnerabilities and mitigate risk.  You will advise relevant stakeholders on security best-practices and industry standards, as well as respond to and remediate security incidents. This is an Austin-based hybrid role requiring the selected candidate to work from our North Austin headquarters up to two days a week. 

A Typical Day 

• Monitor security systems, responding to alerts and containing/remediating incidents.
• Conduct vulnerability assessments and partner with neighboring IT personnel to facilitate remediation efforts.
• Work closely with the development team to identify security risks early in the software development lifecycle and advising on remediation actions.
• Work closely with the information security manager to ensure security controls outlined in our governance framework are implemented effectively. 
• If you’re still reading, we’d love to meet you!

How You’ll Make an Impact

• Stay up-to-date with the latest cybersecurity threats, trends, and technologies, and recommend proactive measures.
• Collaborate with the IT Infrastructure team to design, implement, and maintain security solutions, including firewalls, intrusion detection/prevention systems, data loss prevention systems, encryption protocols and maintain cloud-security best practices.
• Work in collaboration with an outsourced security operations center to continuously monitor and prioritize security alerts and events generated by various systems, such as intrusion detection systems (IDS), firewalls, and antivirus software.
• Conduct in-depth investigations of security alerts to determine the nature and scope of potential incidents.
• Partner with the Information Security Manager to assist with the response to security incidents, investigate breaches, and develop incident reports.
• Monitor and analyze network traffic for suspicious activity, configure security appliances, and maintain network security protocols.
• Conduct regular security assessments and risk analysis to identify vulnerabilities and develop mitigation strategies.
• Identify and prioritize vulnerabilities, and work with IT teams to remediate them promptly.
• Implement, configure and administer the organization security tools including but not limited to scanning solutions, security information and event management, Microsoft Defender for Endpoint, Microsoft Endpoint Manager security and compliance settings, and the security awareness training platform. 
• Design, implement, test, and evaluate the security architecture of information systems, physical systems, and/or embedded technologies.
• Evaluate and make recommendations to enhance user access, authentication, and authorization systems to ensure proper controls and authentication protocols.
• Define, recommend, and document improvements to IT baselines and security controls both on-premise and cloud environments.
• Collaborate with the software development team to identify, implement and integrate security controls into the system development life cycle (SDLC).
• Develop and enforce security policies, standards, and procedures to ensure compliance with internal policies and external regulatory requirements.
• Improve the security culture by promoting security awareness and best practices among employees through training and communication.
• Perform security audits and assessments to ensure compliance with internal policies and industry standards.
• Provide input to implementation plans and standard operating procedures as they relate to information systems security.

Skills for Success

Education and Experience:

• Bachelor's degree in Computer Science, Information Security, or a related field. 
• At least 5 years of experience in IT security, with a proven track record of designing and implementing security solutions.
• Industry certifications such as CISSP, CISM, or CISA are preferred. 
• Experience with security assessment tools and vulnerability scanning. 
• Experience in appdev security initiatives; configuring and utilizing SAST/DAST tooling. 

Knowledge, Skills, and Abilities: 

• Proficiency in network security, firewall administration, and intrusion detection systems.
• Excellent problem-solving and analytical skills.
• Strong knowledge of security best practices and compliance standards (e.g., ISO 27001, NIST, CIS). 
• Strong communication skills to effectively collaborate with cross-functional teams and convey complex security issues to non-technical stakeholders.
• Ability to work independently in a hybrid environment and provide mentorship to junior security staff.

The TASB Difference

• Enjoy competitive pay and rich benefit offerings.
• Be part of a collaborative environment where every contribution impacts Texas public schoolchildren. 
• Thrive in a culture that promotes bringing your whole self to work every day and emphasizes healthy boundaries and work-life balance.
• Learn and grow individually and together through frequent professional development, wellness seminars, and more. 
• Work alongside transparent leaders with an open and consistent feedback approach.
• Celebrate as a team with meaningful (and fun) events and tokens of appreciation throughout the year. 

Posting Notices

• The health and safety of our employees and members, is our top priority.  
• The Association is an equal opportunity employer and will not discriminate against an individual based on any of the following personal characteristics protected by law: race, color, national origin, religion, sex (including in relation to marital status, pregnancy, pay, sexual orientation or gender identity), age, disability, genetics or veteran status.
• This position does not qualify for visa sponsorship.
• Any job offer is contingent upon receipt of results of a satisfactory background check. 

#LI-Hybrid