Security Engineer-Threat Intelligence

Ascend Learning is a national leader in data driven, online educational solutions for learners, educators and employers in high-growth, licensure-driven professions spanning healthcare, fitness and wellness, skilled trades, insurance and financial services. We are passionate about accelerating learning while impacting job readiness, employment success and employee retention with the belief that our work changes lives.

Our culture is intentionally results-driven and selfless with a relentless focus on our customers. We believe in trust, transparency, freedom and responsibility with a commitment to meritocracy, inclusion and diversity of thought. Continual investment in our over 1500 employees is also a core principle realized through ongoing professional development and providing opportunities to grow, develop and lead. Ascend Learning is headquartered in Burlington, MA with additional office locations and remote workers in cities across the U.S.

Ascend Learning is now hiring a Security Engineer-Threat Intelligence for our Technology & Operations Information Security & Compliance team. The Security Engineer - Threat Intelligence will contribute to the achievement of P&L objectives for the business through providing a single point of accountability for Technology & Operations deliverables. In this critical role the candidate will provide technical security across multiple security domains to ensure IT security best practices and compliance requirements are met for both industry and regulatory standards where applicable. The candidate will provide deep information security expertise for projects within any of the information systems disciplines and has the ability to provide security guidance to multiple technical teams. This individual will possess a thorough understanding of emerging technologies and our current business strategy and is able to offer and recommend solutions. Maintains recognized expertise in technology disciplines relevant to Ascend's security needs. This position will work from one of our Ascend Learning office locations/hybrid: Leawood, Kansas or Burlington, Massachusetts or Gilbert, Arizona or Minneapolis, Minnesota preferred. Remote may be considered.

Core Responsibilities

• Is responsible for the collection, analysis, and dissemination of cyber threat intelligence. These capabilities will include timely collection of vulnerabilities or threats, analysis, prioritization and storage of threat intelligence information, and operational support of the incident response process.
• Author threat intelligence reports, driven by our security operations team's own incidents, analysis or third-party intelligence.
• Evolve monitoring operations by extracting data from threat intelligence and creating new content recommendations and understanding of adversary TTPs.
• Conduct threat research focused on nation state, criminal, or other malicious activities as required.
• Provide support for the automation of threat intelligence ingestion and analysis across internal sources and external sources.
• Conduct deep-level analysis of malware, including how it is developed, functions, and is employed.
• Research and analyze known hacker methodologies, system exploits, and vulnerabilities to support methodology development and execution
• Drive cross-team efforts to address systemic risks across the business
• Ability to conduct vulnerability assessments on a wide variety of technologies and implementations utilizing both automated tools and manual techniques.
• Ability to triage and escalate security incidents independently as required.
• Assists with the implementation, configuration and operations of various security tools as required.
• Able to work outside of normal business hours to support security incidents.

Education and Experience

• Applicants should possess 5+ years of professional, industry experience in job description relevant security domains and functions. Examples include - Vulnerability Management, Application Pen Testing, Red Teaming, Security Incident Response, Threat Hunting or Threat Management/Intelligence.
• Minimum 1 year of experience with threat intelligence analysis tools, methods, and the intelligence lifecycle.
• Deep understanding of how malware and how technical vulnerabilities are exploited.
• Experience distilling raw information and IOCs into actionable and finished intelligence.
• Extensive knowledge of Advanced Persistent Threats (APT) tactics, techniques, and procedures.
• Recent familiarity with emerging cyber threats, modern defenses, and the MITRE ATT&CK framework.
• Network routing/switching experience, primarily LAN is required.
• Strong windows experience is required.
• Experience in working with penetration testing or ethical hacking is desired.
• Experience with two or more assessment and exploitation tools listed below is desired.

• Kali Linux
• Metasploit
• Burp Suite Pro
• ZAP
• PTF
• Proficiency in at least one programming or scripting language.
• Cloud native experience, working with Azure preferably.
• SQL experience, working with PostgreSQL preferably.
• Preferred Certifications: Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), GIAC Web Application Penetration Tester (GWAPT).
• Bachelor's Degree in Information Systems, Computer Science, or related field is preferred.

Skills and Abilities

• Strong understanding of threat analysis and enterprise level mitigation strategies
• Working knowledge of how malicious code operates and how technical vulnerabilities are exploited.
• Self-starter and ability to work effectively in a fast-paced and dynamic environment.
• Proactive attitude towards anticipating problems, implementing solutions, and accomplishing goals.
• Highly detail oriented, process minded and driven by continuous improvement attitude.
• Ability to work under pressure to meet project deadlines or resolve security incidents.
• Hands-on team player with outstanding communication skills and an "automate everything" mindset.

Ascend Learning, LLC is proud to be an equal opportunity employer (M/F/Vets/Disabled). No agency or search firm submissions will be accepted. Applications for U.S. based positions with Ascend Learning, LLC must be legally authorized to work in the United States and verification of employment eligibility will be required at the time of hire.

#LI-NK1