Information Security Engineer - Remote Cybersecurity Expert for Education Industry Leader

Join the Team Revolutionizing Education with Cutting-Edge Cybersecurity

Barnes & Noble Education, Inc. (BNED) is at the forefront of the education industry, driving affordability, access, and achievement for hundreds of academic institutions nationwide. As a leading solutions provider, BNED is committed to empowering students, faculty, and institutions to make tomorrow a better, more inclusive, and smarter world. We're seeking a talented Information Security Engineer to join our dynamic team in a full-time, remote capacity.

About Us: Education is in Our DNA

BNED's family of brands offers a comprehensive range of services, including campus retail services, academic solutions, a digital direct-to-student learning ecosystem, and wholesale capabilities. Our mission is to support students, faculty, and schools as a catalyst to meet the evolving needs of the education system. We're passionate about fostering an environment where diversity and individuality are celebrated, and we're committed to being an Equal Employment Opportunity and Affirmative Action Employer.

Job Summary: Cybersecurity Expertise to Drive Business Success

As an Information Security Engineer at BNED, you'll play a critical role in proactively and reactively resolving security issues and vulnerabilities, maintaining documentation to ensure compliance with regulatory requirements such as PCI and SOX. You'll be responsible for managing security systems, running vulnerability scans, and verifying network infrastructure compliance with company policy. If you have a strong attention to detail and a passion for cybersecurity, we encourage you to apply.

Key Responsibilities: Protecting Our Digital Landscape

• Manage corporate Mobile Device Management (MDM) system to ensure secure and compliant mobile device usage.
• Administer and support URL filtering and Security Information and Event Management (SIEM) environments to detect and respond to security threats.
• Support the operations of Vulnerability Management, Endpoint Protection, and Identity Management tools to safeguard our network and systems.
• Assess network compliance using scanning tools to verify Firewall rules, Router ACLs, and IP addressing, ensuring the security and integrity of our infrastructure.
• Utilize port scanners and packet capture utilities to verify servers/applications are communicating according to documentation, troubleshooting issues as needed.
• Perform security audits of new and existing systems to verify compliance with company policy, identifying areas for improvement.
• Evaluate software for performing Information Security tasks, recommending solutions to balance potential cyber risks and enable business success.
• Troubleshoot various issues across multiple applications and platforms, collaborating with cross-functional teams to resolve complex problems.
• Actively participate in creating test scenarios for proof of concepts of hardware and software being considered for implementation, ensuring informed decision-making.
• Provide recommendations to balance potential cyber risks and enable our business to achieve success, driving strategic cybersecurity initiatives.

Essential Qualifications: The Ideal Candidate

• 3+ years of experience in an Information Security Analyst or Administrator role, with a strong background in cybersecurity principles and practices.
• Familiarity with SIEM, URL Filtering, File Integrity Monitoring, Cloud-Native Application Protection Platform (CNAPP), Vulnerability Management, and Endpoint Protection tools and technologies.
• Knowledge of technologies such as Active Directory, Linux (CentOS, SUSE, Ubuntu), Metasploit Pro, and Shell Scripting is a plus, with a strong understanding of operating system security and configuration.
• Ability to take the initiative and work effectively independently and as a cross-functional team member, with excellent organizational, multi-tasking, and time management skills.
• Strong communication, analytical, and interpersonal skills, with the ability to articulate complex cybersecurity concepts to technical and non-technical stakeholders.

Preferred Qualifications: Enhancing Your Application

• Experience with cloud security platforms and technologies, such as AWS or Azure security services.
• Knowledge of compliance frameworks and regulatory requirements, such as PCI-DSS, HIPAA, or GDPR.
• Familiarity with security orchestration, automation, and response (SOAR) tools and technologies.
• Certifications such as CompTIA Security+, CISSP, or CEH are desirable, demonstrating a commitment to cybersecurity excellence.

What We Offer: Elevating Your Career and Well-being

At BNED, we believe your success is our success. Our benefits package is designed to support you in every aspect of your life, with a competitive total rewards package for full-time employees, including:

• Medical, dental, and vision plans to ensure your physical and mental well-being.
• 401(k) match to support your long-term financial goals.
• Life insurance to provide peace of mind for you and your loved ones.
• Commuter benefits to help you navigate your daily commute.
• Paid time off with paid holidays to recharge and relax.
• A broad range of other benefits to support your overall well-being.

Compensation: A Competitive Salary

The hiring rate for this position is $70,000 per year. The actual pay may vary based on a number of factors, including professional experience, hiring location, skills, and competencies.

Our Commitment to Diversity, Equity, & Inclusion

At BNED, we're passionate about fostering an environment where diversity and individuality are celebrated. We're committed to being an Equal Employment Opportunity and Affirmative Action Employer, ensuring that qualified applicants receive consideration for employment without regard to age, ethnicity, ability, gender, gender expression, gender identity, nationality, protected veteran status, race, religion, or sexual orientation.

Are You the One We're Looking For?

If you believe you have what it takes to join our dynamic team as an Information Security Engineer, we encourage you to submit your application without delay. We're keen to hear from talented candidates like you who share our passion for cybersecurity and education.