IT Security Engineer I

About the role

The Security Incident Operations Center (SIOC) at Kansas State University seeks an IT Security Engineer I to enhance detection capabilities, improve incident response, and maintain proactive threat‑response protocols. The engineer will ensure the university’s IT assets stay resilient against evolving threats while delivering high‑quality security services to stakeholders.

Key responsibilities

• Optimize and tune SIEM platforms to improve threat detection.
• Respond to security incidents, conduct forensic analysis, and coordinate remediation.
• Maintain and update proactive threat‑response procedures and playbooks.
• Perform log collection, analysis, and correlation across Windows and Linux environments.
• Participate in on‑call rotation and occasional after‑hours incident handling.
• Support occasional travel for training, conferences, or related events.

Required profile

• High school diploma or equivalent plus at least seven years of relevant experience (or equivalent combination of education and work).
• 3‑5 years of experience in security operations or incident response.
• Legal authorization to work in the United States without sponsorship.

Required skills

• Experience with SIEM platforms such as Splunk, IBM QRadar, or ArcSight.
• Proficiency in scripting languages (Python, PowerShell, Bash).
• Strong knowledge of Windows and Linux operating systems.
• Familiarity with security frameworks (NIST, MITRE ATT&CK).
• Security certifications (Security+, GCIH, GCFA, CySA+) preferred.
• Cloud security monitoring experience (AWS, Azure, GCP).
• Network traffic analysis tools (Wireshark, tcpdump) and endpoint detection & response (EDR) solutions.
• Vulnerability scanning, threat intelligence platforms, and security orchestration/automation tools.