Hillsdale College

Position Title: Senior Cybersecurity Engineer Posting Number: S199P Department: Information Technology Services Position Type: Staff Job Description: Job Summary The Hillsdale College digital landscape is rapidly expanding, and so are the challenges that accompany safeguarding the Colleges information and technology. We are seeking an experienced Senior Cybersecurity Engineer to engineer, implement, and maintain the Colleges strategic and tactical protections against modern cybersecurity threats.You will be at the forefront of executing our next generation of defensive measures, working closely with our internal Information Security team and collaborating with external partners such as our MSSP, penetration testing firms, and vendors supporting vulnerability management and the hybrid on-premises/Azure cloud infrastructure.Successful candidates will have a solid background of at least 10 years of InfoSec implementation and operational experience, coupled with in-depth, hands-on experience in system administration, network architecture, and security engineering and operations. Your experience integrating security through implementation testing, and ongoing operation and maintenance will be essential to protecting Hillsdale Colleges information systems and sensitive data from threats. Essential Job Functions Perform Technical Risk Assessments : Apply tools and methodologies aligned with NIST CSF and ISO 27001 framework components to identify, evaluate, and prioritize cybersecurity risks. Perform Vendor Security Assessments : Execute technical evaluations of vendors by running security assessments, reviewing vendor controls, and validating compliance with the Colleges cybersecurity requirements. Deploy and Maintain Security Policies and Procedures : Work with the Senior Director of Information Security and governance advisors to operationalize security policies and ensure they are technically enforced to mitigate risks. Support Policy Implementation : Provide technical input to ensure security policies are practical and enforceable across the Colleges technologies for operations, teaching, outreach, and fundraising. Deliver Cybersecurity Training Support : Provide technical insights and practical examples for awareness training programs to strengthen staff understanding of security best practices. Monitor and Report on Security Metrics : Use monitoring tools (e.g., SIEM, vulnerability scanners) to collect and analyze metrics and KPIs, assess the Colleges security posture, and validate the effectiveness of technical controls. Provide Technical Input for Communication : Supply clear technical details and updates to support communication plans, ensuring stakeholders receive accurate security information for continuous improvement. Required Qualifications: Education and Experience A degree in Computer Science, Cybersecurity, Management Information Systems, or a related field is preferred but not required. Relevant technical certifications such as CISSP, SSCP, GSEC, CCSP, or CompTIA Security+ are considered a plus but are not required. Minimum ten years of experience in a security-focused, hybrid cloud environment or comparable role is required. Continuing Education Maintain Technical Proficiency : The College provides funding for professional development. Employees in this role are expected to complete a minimum of 60 hours annually of continuing education relevant to information security. Other Skills: Expert-level Systems, Network and Cybersecurity Engineering and Operations Expert in secure configuration and maintenance of hybrid Azure cloud and on-premises environments across Windows, Mac, and Linux platforms. Work with ITS software development teams during the SDLC to perform technical reviews and apply security controls, ensuring software meets design, security, performance, and standards requirements without slowing agile development. Security Standards and Compliance Hands-on experience applying the NIST Cybersecurity Framework (CSF), CVE, and MITRE ATT&CK frameworks, with proven ability to implement data handling and security controls that meet PCI DSS, GDPR, and HIPAA regulations. NICCS/NICE S0141, S0459, S0461, S0531, S0673, S0686, S0806, S0939, S0940, S0941, S0942 Proficient-level Build and maintain dashboards and reports that provide actionable security insights for operational use. Implement and maintain security controls in Azure cloud platforms and hybrid environments, including configuring identity and access management (e.g., Azure AD, IAM roles), enabling encryption (e.g., TLS, data-at-rest encryption), and operating security services like web application firewalls (WAF) and cloud-native monitoring tools (e.g., Azure Security Center). Apply data security principles through encryption, access control configuration, and deployment of data loss prevention (DLP) strategies. Identify and remediate gaps in network and connectivity architecture to strengthen security controls. Detect, respond to, and recover from security incidents by applying technical tools and procedures, contributing to incident response plans, and performing hands-on post-incident analysis. Execute cybersecurity projects through hands-on implementation, technical requirements validation, and collaboration with team members to deliver secure solutions. NICCS/NICE S0950, S0951 Physical Demands: Physical Requirements The ability to operate equipment, including installation, maintenance, and retirement of computer and network equipment, display monitors, and the like. The position is mainly sedentary but may require the incumbent to walk, stoop, crouch, or climb. Personal Characteristics The Information Technology Services Department interacts with all College students, faculty, and staff. A clean, neat appearance and a pleasant relationship supporting the College mission are essential. Code of Commitment Be a good representative of Hillsdale College to promote the liberal arts, the Colleges original Articles of Association, and operating principles stated in the Staff Code of Commitment. The Mission Statement should be considered in all aspects of the position. The teaching of Christian faith shall remain a conspicuous aim of the College. Open Date: 09/05/2025 Open Until Filled: No Supplemental Questions: Required fields are indicated with an asterisk ( ). Documents Needed To Apply (Required Documents & Optional Documents): Required Documents Resume Cover Letter Optional Documents PIdd08a9dcf4c7-8765

Position Title: Senior Cybersecurity Engineer Posting Number: S199P Department: Information Technology Services Position Type: Staff Job Description: Job Summary The Hillsdale College digital landscape is rapidly expanding, and so are the challenges that accompany safeguarding the Colleges information and technology. We are seeking an experienced Senior Cybersecurity Engineer to engineer, implement, and maintain the Colleges strategic and tactical protections against modern cybersecurity threats.You will be at the forefront of executing our next generation of defensive measures, working closely with our internal Information Security team and collaborating with external partners such as our MSSP, penetration testing firms, and vendors supporting vulnerability management and the hybrid on-premises/Azure cloud infrastructure.Successful candidates will have a solid background of at least 10 years of InfoSec implementation and operational experience, coupled with in-depth, hands-on experience in system administration, network architecture, and security engineering and operations. Your experience integrating security through implementation testing, and ongoing operation and maintenance will be essential to protecting Hillsdale Colleges information systems and sensitive data from threats. Essential Job Functions Perform Technical Risk Assessments : Apply tools and methodologies aligned with NIST CSF and ISO 27001 framework components to identify, evaluate, and prioritize cybersecurity risks. Perform Vendor Security Assessments : Execute technical evaluations of vendors by running security assessments, reviewing vendor controls, and validating compliance with the Colleges cybersecurity requirements. Deploy and Maintain Security Policies and Procedures : Work with the Senior Director of Information Security and governance advisors to operationalize security policies and ensure they are technically enforced to mitigate risks. Support Policy Implementation : Provide technical input to ensure security policies are practical and enforceable across the Colleges technologies for operations, teaching, outreach, and fundraising. Deliver Cybersecurity Training Support : Provide technical insights and practical examples for awareness training programs to strengthen staff understanding of security best practices. Monitor and Report on Security Metrics : Use monitoring tools (e.g., SIEM, vulnerability scanners) to collect and analyze metrics and KPIs, assess the Colleges security posture, and validate the effectiveness of technical controls. Provide Technical Input for Communication : Supply clear technical details and updates to support communication plans, ensuring stakeholders receive accurate security information for continuous improvement. Required Qualifications: Education and Experience A degree in Computer Science, Cybersecurity, Management Information Systems, or a related field is preferred but not required. Relevant technical certifications such as CISSP, SSCP, GSEC, CCSP, or CompTIA Security+ are considered a plus but are not required. Minimum ten years of experience in a security-focused, hybrid cloud environment or comparable role is required. Continuing Education Maintain Technical Proficiency : The College provides funding for professional development. Employees in this role are expected to complete a minimum of 60 hours annually of continuing education relevant to information security. Other Skills: Expert-level Systems, Network and Cybersecurity Engineering and Operations Expert in secure configuration and maintenance of hybrid Azure cloud and on-premises environments across Windows, Mac, and Linux platforms. Work with ITS software development teams during the SDLC to perform technical reviews and apply security controls, ensuring software meets design, security, performance, and standards requirements without slowing agile development. Security Standards and Compliance Hands-on experience applying the NIST Cybersecurity Framework (CSF), CVE, and MITRE ATT&CK frameworks, with proven ability to implement data handling and security controls that meet PCI DSS, GDPR, and HIPAA regulations. NICCS/NICE S0141, S0459, S0461, S0531, S0673, S0686, S0806, S0939, S0940, S0941, S0942 Proficient-level Build and maintain dashboards and reports that provide actionable security insights for operational use. Implement and maintain security controls in Azure cloud platforms and hybrid environments, including configuring identity and access management (e.g., Azure AD, IAM roles), enabling encryption (e.g., TLS, data-at-rest encryption), and operating security services like web application firewalls (WAF) and cloud-native monitoring tools (e.g., Azure Security Center). Apply data security principles through encryption, access control configuration, and deployment of data loss prevention (DLP) strategies. Identify and remediate gaps in network and connectivity architecture to strengthen security controls. Detect, respond to, and recover from security incidents by applying technical tools and procedures, contributing to incident response plans, and performing hands-on post-incident analysis. Execute cybersecurity projects through hands-on implementation, technical requirements validation, and collaboration with team members to deliver secure solutions. NICCS/NICE S0950, S0951 Physical Demands: Physical Requirements The ability to operate equipment, including installation, maintenance, and retirement of computer and network equipment, display monitors, and the like. The position is mainly sedentary but may require the incumbent to walk, stoop, crouch, or climb. Personal Characteristics The Information Technology Services Department interacts with all College students, faculty, and staff. A clean, neat appearance and a pleasant relationship supporting the College mission are essential. Code of Commitment Be a good representative of Hillsdale College to promote the liberal arts, the Colleges original Articles of Association, and operating principles stated in the Staff Code of Commitment. The Mission Statement should be considered in all aspects of the position. The teaching of Christian faith shall remain a conspicuous aim of the College. Open Date: 09/05/2025 Open Until Filled: No Supplemental Questions: Required fields are indicated with an asterisk ( ). Documents Needed To Apply (Required Documents & Optional Documents): Required Documents Resume Cover Letter Optional Documents PIdd08a9dcf4c7-8765

Position Title: Senior Cybersecurity Engineer Posting Number: S199P Department: Information Technology Services Position Type: Staff Job Description: Job Summary The Hillsdale College digital landscape is rapidly expanding, and so are the challenges that accompany safeguarding the Colleges information and technology. We are seeking an experienced Senior Cybersecurity Engineer to engineer, implement, and maintain the Colleges strategic and tactical protections against modern cybersecurity threats.You will be at the forefront of executing our next generation of defensive measures, working closely with our internal Information Security team and collaborating with external partners such as our MSSP, penetration testing firms, and vendors supporting vulnerability management and the hybrid on-premises/Azure cloud infrastructure.Successful candidates will have a solid background of at least 10 years of InfoSec implementation and operational experience, coupled with in-depth, hands-on experience in system administration, network architecture, and security engineering and operations. Your experience integrating security through implementation testing, and ongoing operation and maintenance will be essential to protecting Hillsdale Colleges information systems and sensitive data from threats. Essential Job Functions Perform Technical Risk Assessments : Apply tools and methodologies aligned with NIST CSF and ISO 27001 framework components to identify, evaluate, and prioritize cybersecurity risks. Perform Vendor Security Assessments : Execute technical evaluations of vendors by running security assessments, reviewing vendor controls, and validating compliance with the Colleges cybersecurity requirements. Deploy and Maintain Security Policies and Procedures : Work with the Senior Director of Information Security and governance advisors to operationalize security policies and ensure they are technically enforced to mitigate risks. Support Policy Implementation : Provide technical input to ensure security policies are practical and enforceable across the Colleges technologies for operations, teaching, outreach, and fundraising. Deliver Cybersecurity Training Support : Provide technical insights and practical examples for awareness training programs to strengthen staff understanding of security best practices. Monitor and Report on Security Metrics : Use monitoring tools (e.g., SIEM, vulnerability scanners) to collect and analyze metrics and KPIs, assess the Colleges security posture, and validate the effectiveness of technical controls. Provide Technical Input for Communication : Supply clear technical details and updates to support communication plans, ensuring stakeholders receive accurate security information for continuous improvement. Required Qualifications: Education and Experience A degree in Computer Science, Cybersecurity, Management Information Systems, or a related field is preferred but not required. Relevant technical certifications such as CISSP, SSCP, GSEC, CCSP, or CompTIA Security+ are considered a plus but are not required. Minimum ten years of experience in a security-focused, hybrid cloud environment or comparable role is required. Continuing Education Maintain Technical Proficiency : The College provides funding for professional development. Employees in this role are expected to complete a minimum of 60 hours annually of continuing education relevant to information security. Other Skills: Expert-level Systems, Network and Cybersecurity Engineering and Operations Expert in secure configuration and maintenance of hybrid Azure cloud and on-premises environments across Windows, Mac, and Linux platforms. Work with ITS software development teams during the SDLC to perform technical reviews and apply security controls, ensuring software meets design, security, performance, and standards requirements without slowing agile development. Security Standards and Compliance Hands-on experience applying the NIST Cybersecurity Framework (CSF), CVE, and MITRE ATT&CK frameworks, with proven ability to implement data handling and security controls that meet PCI DSS, GDPR, and HIPAA regulations. NICCS/NICE S0141, S0459, S0461, S0531, S0673, S0686, S0806, S0939, S0940, S0941, S0942 Proficient-level Build and maintain dashboards and reports that provide actionable security insights for operational use. Implement and maintain security controls in Azure cloud platforms and hybrid environments, including configuring identity and access management (e.g., Azure AD, IAM roles), enabling encryption (e.g., TLS, data-at-rest encryption), and operating security services like web application firewalls (WAF) and cloud-native monitoring tools (e.g., Azure Security Center). Apply data security principles through encryption, access control configuration, and deployment of data loss prevention (DLP) strategies. Identify and remediate gaps in network and connectivity architecture to strengthen security controls. Detect, respond to, and recover from security incidents by applying technical tools and procedures, contributing to incident response plans, and performing hands-on post-incident analysis. Execute cybersecurity projects through hands-on implementation, technical requirements validation, and collaboration with team members to deliver secure solutions. NICCS/NICE S0950, S0951 Physical Demands: Physical Requirements The ability to operate equipment, including installation, maintenance, and retirement of computer and network equipment, display monitors, and the like. The position is mainly sedentary but may require the incumbent to walk, stoop, crouch, or climb. Personal Characteristics The Information Technology Services Department interacts with all College students, faculty, and staff. A clean, neat appearance and a pleasant relationship supporting the College mission are essential. Code of Commitment Be a good representative of Hillsdale College to promote the liberal arts, the Colleges original Articles of Association, and operating principles stated in the Staff Code of Commitment. The Mission Statement should be considered in all aspects of the position. The teaching of Christian faith shall remain a conspicuous aim of the College. Open Date: 09/05/2025 Open Until Filled: No Supplemental Questions: Required fields are indicated with an asterisk ( ). Documents Needed To Apply (Required Documents & Optional Documents): Required Documents Resume Cover Letter Optional Documents PIdd08a9dcf4c7-8765

Position Title: Senior Cybersecurity Engineer Posting Number: S199P Department: Information Technology Services Position Type: Staff Job Description: Job Summary The Hillsdale College digital landscape is rapidly expanding, and so are the challenges that accompany safeguarding the Colleges information and technology. We are seeking an experienced Senior Cybersecurity Engineer to engineer, implement, and maintain the Colleges strategic and tactical protections against modern cybersecurity threats.You will be at the forefront of executing our next generation of defensive measures, working closely with our internal Information Security team and collaborating with external partners such as our MSSP, penetration testing firms, and vendors supporting vulnerability management and the hybrid on-premises/Azure cloud infrastructure.Successful candidates will have a solid background of at least 10 years of InfoSec implementation and operational experience, coupled with in-depth, hands-on experience in system administration, network architecture, and security engineering and operations. Your experience integrating security through implementation testing, and ongoing operation and maintenance will be essential to protecting Hillsdale Colleges information systems and sensitive data from threats. Essential Job Functions Perform Technical Risk Assessments : Apply tools and methodologies aligned with NIST CSF and ISO 27001 framework components to identify, evaluate, and prioritize cybersecurity risks. Perform Vendor Security Assessments : Execute technical evaluations of vendors by running security assessments, reviewing vendor controls, and validating compliance with the Colleges cybersecurity requirements. Deploy and Maintain Security Policies and Procedures : Work with the Senior Director of Information Security and governance advisors to operationalize security policies and ensure they are technically enforced to mitigate risks. Support Policy Implementation : Provide technical input to ensure security policies are practical and enforceable across the Colleges technologies for operations, teaching, outreach, and fundraising. Deliver Cybersecurity Training Support : Provide technical insights and practical examples for awareness training programs to strengthen staff understanding of security best practices. Monitor and Report on Security Metrics : Use monitoring tools (e.g., SIEM, vulnerability scanners) to collect and analyze metrics and KPIs, assess the Colleges security posture, and validate the effectiveness of technical controls. Provide Technical Input for Communication : Supply clear technical details and updates to support communication plans, ensuring stakeholders receive accurate security information for continuous improvement. Required Qualifications: Education and Experience A degree in Computer Science, Cybersecurity, Management Information Systems, or a related field is preferred but not required. Relevant technical certifications such as CISSP, SSCP, GSEC, CCSP, or CompTIA Security+ are considered a plus but are not required. Minimum ten years of experience in a security-focused, hybrid cloud environment or comparable role is required. Continuing Education Maintain Technical Proficiency : The College provides funding for professional development. Employees in this role are expected to complete a minimum of 60 hours annually of continuing education relevant to information security. Other Skills: Expert-level Systems, Network and Cybersecurity Engineering and Operations Expert in secure configuration and maintenance of hybrid Azure cloud and on-premises environments across Windows, Mac, and Linux platforms. Work with ITS software development teams during the SDLC to perform technical reviews and apply security controls, ensuring software meets design, security, performance, and standards requirements without slowing agile development. Security Standards and Compliance Hands-on experience applying the NIST Cybersecurity Framework (CSF), CVE, and MITRE ATT&CK frameworks, with proven ability to implement data handling and security controls that meet PCI DSS, GDPR, and HIPAA regulations. NICCS/NICE S0141, S0459, S0461, S0531, S0673, S0686, S0806, S0939, S0940, S0941, S0942 Proficient-level Build and maintain dashboards and reports that provide actionable security insights for operational use. Implement and maintain security controls in Azure cloud platforms and hybrid environments, including configuring identity and access management (e.g., Azure AD, IAM roles), enabling encryption (e.g., TLS, data-at-rest encryption), and operating security services like web application firewalls (WAF) and cloud-native monitoring tools (e.g., Azure Security Center). Apply data security principles through encryption, access control configuration, and deployment of data loss prevention (DLP) strategies. Identify and remediate gaps in network and connectivity architecture to strengthen security controls. Detect, respond to, and recover from security incidents by applying technical tools and procedures, contributing to incident response plans, and performing hands-on post-incident analysis. Execute cybersecurity projects through hands-on implementation, technical requirements validation, and collaboration with team members to deliver secure solutions. NICCS/NICE S0950, S0951 Physical Demands: Physical Requirements The ability to operate equipment, including installation, maintenance, and retirement of computer and network equipment, display monitors, and the like. The position is mainly sedentary but may require the incumbent to walk, stoop, crouch, or climb. Personal Characteristics The Information Technology Services Department interacts with all College students, faculty, and staff. A clean, neat appearance and a pleasant relationship supporting the College mission are essential. Code of Commitment Be a good representative of Hillsdale College to promote the liberal arts, the Colleges original Articles of Association, and operating principles stated in the Staff Code of Commitment. The Mission Statement should be considered in all aspects of the position. The teaching of Christian faith shall remain a conspicuous aim of the College. Open Date: 09/05/2025 Open Until Filled: No Supplemental Questions: Required fields are indicated with an asterisk ( ). Documents Needed To Apply (Required Documents & Optional Documents): Required Documents Resume Cover Letter Optional Documents PIdd08a9dcf4c7-8765

Position Title: Senior Cybersecurity Engineer Posting Number: S199P Department: Information Technology Services Position Type: Staff Job Description: Job Summary The Hillsdale College digital landscape is rapidly expanding, and so are the challenges that accompany safeguarding the Colleges information and technology. We are seeking an experienced Senior Cybersecurity Engineer to engineer, implement, and maintain the Colleges strategic and tactical protections against modern cybersecurity threats.You will be at the forefront of executing our next generation of defensive measures, working closely with our internal Information Security team and collaborating with external partners such as our MSSP, penetration testing firms, and vendors supporting vulnerability management and the hybrid on-premises/Azure cloud infrastructure.Successful candidates will have a solid background of at least 10 years of InfoSec implementation and operational experience, coupled with in-depth, hands-on experience in system administration, network architecture, and security engineering and operations. Your experience integrating security through implementation testing, and ongoing operation and maintenance will be essential to protecting Hillsdale Colleges information systems and sensitive data from threats. Essential Job Functions Perform Technical Risk Assessments : Apply tools and methodologies aligned with NIST CSF and ISO 27001 framework components to identify, evaluate, and prioritize cybersecurity risks. Perform Vendor Security Assessments : Execute technical evaluations of vendors by running security assessments, reviewing vendor controls, and validating compliance with the Colleges cybersecurity requirements. Deploy and Maintain Security Policies and Procedures : Work with the Senior Director of Information Security and governance advisors to operationalize security policies and ensure they are technically enforced to mitigate risks. Support Policy Implementation : Provide technical input to ensure security policies are practical and enforceable across the Colleges technologies for operations, teaching, outreach, and fundraising. Deliver Cybersecurity Training Support : Provide technical insights and practical examples for awareness training programs to strengthen staff understanding of security best practices. Monitor and Report on Security Metrics : Use monitoring tools (e.g., SIEM, vulnerability scanners) to collect and analyze metrics and KPIs, assess the Colleges security posture, and validate the effectiveness of technical controls. Provide Technical Input for Communication : Supply clear technical details and updates to support communication plans, ensuring stakeholders receive accurate security information for continuous improvement. Required Qualifications: Education and Experience A degree in Computer Science, Cybersecurity, Management Information Systems, or a related field is preferred but not required. Relevant technical certifications such as CISSP, SSCP, GSEC, CCSP, or CompTIA Security+ are considered a plus but are not required. Minimum ten years of experience in a security-focused, hybrid cloud environment or comparable role is required. Continuing Education Maintain Technical Proficiency : The College provides funding for professional development. Employees in this role are expected to complete a minimum of 60 hours annually of continuing education relevant to information security. Other Skills: Expert-level Systems, Network and Cybersecurity Engineering and Operations Expert in secure configuration and maintenance of hybrid Azure cloud and on-premises environments across Windows, Mac, and Linux platforms. Work with ITS software development teams during the SDLC to perform technical reviews and apply security controls, ensuring software meets design, security, performance, and standards requirements without slowing agile development. Security Standards and Compliance Hands-on experience applying the NIST Cybersecurity Framework (CSF), CVE, and MITRE ATT&CK frameworks, with proven ability to implement data handling and security controls that meet PCI DSS, GDPR, and HIPAA regulations. NICCS/NICE S0141, S0459, S0461, S0531, S0673, S0686, S0806, S0939, S0940, S0941, S0942 Proficient-level Build and maintain dashboards and reports that provide actionable security insights for operational use. Implement and maintain security controls in Azure cloud platforms and hybrid environments, including configuring identity and access management (e.g., Azure AD, IAM roles), enabling encryption (e.g., TLS, data-at-rest encryption), and operating security services like web application firewalls (WAF) and cloud-native monitoring tools (e.g., Azure Security Center). Apply data security principles through encryption, access control configuration, and deployment of data loss prevention (DLP) strategies. Identify and remediate gaps in network and connectivity architecture to strengthen security controls. Detect, respond to, and recover from security incidents by applying technical tools and procedures, contributing to incident response plans, and performing hands-on post-incident analysis. Execute cybersecurity projects through hands-on implementation, technical requirements validation, and collaboration with team members to deliver secure solutions. NICCS/NICE S0950, S0951 Physical Demands: Physical Requirements The ability to operate equipment, including installation, maintenance, and retirement of computer and network equipment, display monitors, and the like. The position is mainly sedentary but may require the incumbent to walk, stoop, crouch, or climb. Personal Characteristics The Information Technology Services Department interacts with all College students, faculty, and staff. A clean, neat appearance and a pleasant relationship supporting the College mission are essential. Code of Commitment Be a good representative of Hillsdale College to promote the liberal arts, the Colleges original Articles of Association, and operating principles stated in the Staff Code of Commitment. The Mission Statement should be considered in all aspects of the position. The teaching of Christian faith shall remain a conspicuous aim of the College. Open Date: 09/05/2025 Open Until Filled: No Supplemental Questions: Required fields are indicated with an asterisk ( ). Documents Needed To Apply (Required Documents & Optional Documents): Required Documents Resume Cover Letter Optional Documents PIdd08a9dcf4c7-8765

Position Title: Senior Cybersecurity Engineer Posting Number: S199P Department: Information Technology Services Position Type: Staff Job Description: Job Summary The Hillsdale College digital landscape is rapidly expanding, and so are the challenges that accompany safeguarding the Colleges information and technology. We are seeking an experienced Senior Cybersecurity Engineer to engineer, implement, and maintain the Colleges strategic and tactical protections against modern cybersecurity threats.You will be at the forefront of executing our next generation of defensive measures, working closely with our internal Information Security team and collaborating with external partners such as our MSSP, penetration testing firms, and vendors supporting vulnerability management and the hybrid on-premises/Azure cloud infrastructure.Successful candidates will have a solid background of at least 10 years of InfoSec implementation and operational experience, coupled with in-depth, hands-on experience in system administration, network architecture, and security engineering and operations. Your experience integrating security through implementation testing, and ongoing operation and maintenance will be essential to protecting Hillsdale Colleges information systems and sensitive data from threats. Essential Job Functions Perform Technical Risk Assessments : Apply tools and methodologies aligned with NIST CSF and ISO 27001 framework components to identify, evaluate, and prioritize cybersecurity risks. Perform Vendor Security Assessments : Execute technical evaluations of vendors by running security assessments, reviewing vendor controls, and validating compliance with the Colleges cybersecurity requirements. Deploy and Maintain Security Policies and Procedures : Work with the Senior Director of Information Security and governance advisors to operationalize security policies and ensure they are technically enforced to mitigate risks. Support Policy Implementation : Provide technical input to ensure security policies are practical and enforceable across the Colleges technologies for operations, teaching, outreach, and fundraising. Deliver Cybersecurity Training Support : Provide technical insights and practical examples for awareness training programs to strengthen staff understanding of security best practices. Monitor and Report on Security Metrics : Use monitoring tools (e.g., SIEM, vulnerability scanners) to collect and analyze metrics and KPIs, assess the Colleges security posture, and validate the effectiveness of technical controls. Provide Technical Input for Communication : Supply clear technical details and updates to support communication plans, ensuring stakeholders receive accurate security information for continuous improvement. Required Qualifications: Education and Experience A degree in Computer Science, Cybersecurity, Management Information Systems, or a related field is preferred but not required. Relevant technical certifications such as CISSP, SSCP, GSEC, CCSP, or CompTIA Security+ are considered a plus but are not required. Minimum ten years of experience in a security-focused, hybrid cloud environment or comparable role is required. Continuing Education Maintain Technical Proficiency : The College provides funding for professional development. Employees in this role are expected to complete a minimum of 60 hours annually of continuing education relevant to information security. Other Skills: Expert-level Systems, Network and Cybersecurity Engineering and Operations Expert in secure configuration and maintenance of hybrid Azure cloud and on-premises environments across Windows, Mac, and Linux platforms. Work with ITS software development teams during the SDLC to perform technical reviews and apply security controls, ensuring software meets design, security, performance, and standards requirements without slowing agile development. Security Standards and Compliance Hands-on experience applying the NIST Cybersecurity Framework (CSF), CVE, and MITRE ATT&CK frameworks, with proven ability to implement data handling and security controls that meet PCI DSS, GDPR, and HIPAA regulations. NICCS/NICE S0141, S0459, S0461, S0531, S0673, S0686, S0806, S0939, S0940, S0941, S0942 Proficient-level Build and maintain dashboards and reports that provide actionable security insights for operational use. Implement and maintain security controls in Azure cloud platforms and hybrid environments, including configuring identity and access management (e.g., Azure AD, IAM roles), enabling encryption (e.g., TLS, data-at-rest encryption), and operating security services like web application firewalls (WAF) and cloud-native monitoring tools (e.g., Azure Security Center). Apply data security principles through encryption, access control configuration, and deployment of data loss prevention (DLP) strategies. Identify and remediate gaps in network and connectivity architecture to strengthen security controls. Detect, respond to, and recover from security incidents by applying technical tools and procedures, contributing to incident response plans, and performing hands-on post-incident analysis. Execute cybersecurity projects through hands-on implementation, technical requirements validation, and collaboration with team members to deliver secure solutions. NICCS/NICE S0950, S0951 Physical Demands: Physical Requirements The ability to operate equipment, including installation, maintenance, and retirement of computer and network equipment, display monitors, and the like. The position is mainly sedentary but may require the incumbent to walk, stoop, crouch, or climb. Personal Characteristics The Information Technology Services Department interacts with all College students, faculty, and staff. A clean, neat appearance and a pleasant relationship supporting the College mission are essential. Code of Commitment Be a good representative of Hillsdale College to promote the liberal arts, the Colleges original Articles of Association, and operating principles stated in the Staff Code of Commitment. The Mission Statement should be considered in all aspects of the position. The teaching of Christian faith shall remain a conspicuous aim of the College. Open Date: 09/05/2025 Open Until Filled: No Supplemental Questions: Required fields are indicated with an asterisk ( ). Documents Needed To Apply (Required Documents & Optional Documents): Required Documents Resume Cover Letter Optional Documents PIdd08a9dcf4c7-8765

Position Title: Senior Cybersecurity Engineer Posting Number: S199P Department: Information Technology Services Position Type: Staff Job Description: Job Summary The Hillsdale College digital landscape is rapidly expanding, and so are the challenges that accompany safeguarding the Colleges information and technology. We are seeking an experienced Senior Cybersecurity Engineer to engineer, implement, and maintain the Colleges strategic and tactical protections against modern cybersecurity threats.You will be at the forefront of executing our next generation of defensive measures, working closely with our internal Information Security team and collaborating with external partners such as our MSSP, penetration testing firms, and vendors supporting vulnerability management and the hybrid on-premises/Azure cloud infrastructure.Successful candidates will have a solid background of at least 10 years of InfoSec implementation and operational experience, coupled with in-depth, hands-on experience in system administration, network architecture, and security engineering and operations. Your experience integrating security through implementation testing, and ongoing operation and maintenance will be essential to protecting Hillsdale Colleges information systems and sensitive data from threats. Essential Job Functions Perform Technical Risk Assessments : Apply tools and methodologies aligned with NIST CSF and ISO 27001 framework components to identify, evaluate, and prioritize cybersecurity risks. Perform Vendor Security Assessments : Execute technical evaluations of vendors by running security assessments, reviewing vendor controls, and validating compliance with the Colleges cybersecurity requirements. Deploy and Maintain Security Policies and Procedures : Work with the Senior Director of Information Security and governance advisors to operationalize security policies and ensure they are technically enforced to mitigate risks. Support Policy Implementation : Provide technical input to ensure security policies are practical and enforceable across the Colleges technologies for operations, teaching, outreach, and fundraising. Deliver Cybersecurity Training Support : Provide technical insights and practical examples for awareness training programs to strengthen staff understanding of security best practices. Monitor and Report on Security Metrics : Use monitoring tools (e.g., SIEM, vulnerability scanners) to collect and analyze metrics and KPIs, assess the Colleges security posture, and validate the effectiveness of technical controls. Provide Technical Input for Communication : Supply clear technical details and updates to support communication plans, ensuring stakeholders receive accurate security information for continuous improvement. Required Qualifications: Education and Experience A degree in Computer Science, Cybersecurity, Management Information Systems, or a related field is preferred but not required. Relevant technical certifications such as CISSP, SSCP, GSEC, CCSP, or CompTIA Security+ are considered a plus but are not required. Minimum ten years of experience in a security-focused, hybrid cloud environment or comparable role is required. Continuing Education Maintain Technical Proficiency : The College provides funding for professional development. Employees in this role are expected to complete a minimum of 60 hours annually of continuing education relevant to information security. Other Skills: Expert-level Systems, Network and Cybersecurity Engineering and Operations Expert in secure configuration and maintenance of hybrid Azure cloud and on-premises environments across Windows, Mac, and Linux platforms. Work with ITS software development teams during the SDLC to perform technical reviews and apply security controls, ensuring software meets design, security, performance, and standards requirements without slowing agile development. Security Standards and Compliance Hands-on experience applying the NIST Cybersecurity Framework (CSF), CVE, and MITRE ATT&CK frameworks, with proven ability to implement data handling and security controls that meet PCI DSS, GDPR, and HIPAA regulations. NICCS/NICE S0141, S0459, S0461, S0531, S0673, S0686, S0806, S0939, S0940, S0941, S0942 Proficient-level Build and maintain dashboards and reports that provide actionable security insights for operational use. Implement and maintain security controls in Azure cloud platforms and hybrid environments, including configuring identity and access management (e.g., Azure AD, IAM roles), enabling encryption (e.g., TLS, data-at-rest encryption), and operating security services like web application firewalls (WAF) and cloud-native monitoring tools (e.g., Azure Security Center). Apply data security principles through encryption, access control configuration, and deployment of data loss prevention (DLP) strategies. Identify and remediate gaps in network and connectivity architecture to strengthen security controls. Detect, respond to, and recover from security incidents by applying technical tools and procedures, contributing to incident response plans, and performing hands-on post-incident analysis. Execute cybersecurity projects through hands-on implementation, technical requirements validation, and collaboration with team members to deliver secure solutions. NICCS/NICE S0950, S0951 Physical Demands: Physical Requirements The ability to operate equipment, including installation, maintenance, and retirement of computer and network equipment, display monitors, and the like. The position is mainly sedentary but may require the incumbent to walk, stoop, crouch, or climb. Personal Characteristics The Information Technology Services Department interacts with all College students, faculty, and staff. A clean, neat appearance and a pleasant relationship supporting the College mission are essential. Code of Commitment Be a good representative of Hillsdale College to promote the liberal arts, the Colleges original Articles of Association, and operating principles stated in the Staff Code of Commitment. The Mission Statement should be considered in all aspects of the position. The teaching of Christian faith shall remain a conspicuous aim of the College. Open Date: 09/05/2025 Open Until Filled: No Supplemental Questions: Required fields are indicated with an asterisk ( ). Documents Needed To Apply (Required Documents & Optional Documents): Required Documents Resume Cover Letter Optional Documents PIdd08a9dcf4c7-8765

Position Title: ITS Service Desk Technical Support Specialist Posting Number: S196P Department: Information Technology Services Position Type: Staff Job Description: Location : Washington, DC (within close proximity to Union Station); initial training required in Hillsdale, Michigan Job Summary Hillsdale College is seeking a skilled and customer-focused ITS Service Desk - Technical Support Specialist to join our team in Washington, DC. This role combines the technical expertise and user empathy of an Information Technology Technical Support Specialist with essential classroom and event technology (e.g., audio/visual, Extron controls) support skills. The Specialist will provide high-quality technical support to faculty, staff, and students, providing guidance and resolving issues with computers, smartphones/tablets, networks, and classroom/event technologies. Initial training will take place at Hillsdale College's main campus in Hillsdale, Michigan. Day-to-day, onsite support will be in the College's Washington, DC, office near Union Station. This role will also provide remote support via email, telephone, and video for the users at the College's other campuses. The ideal candidate is a problem-solver with a strong information technology support background, excellent communication skills, and a commitment to delivering exceptional service in line with ITIL best practices for Service Desk operations, Incident Management, and Service Asset and Configuration Management as well as Hillsdale College's mission. Responsibilities include managing incidents and service requests, supporting classroom/event technology, and ensuring secure and efficient IT operations. Essential Job Functions Service Desk and Incident Management Serve as the first point of contact for IT-related issues, managing incidents and service requests on the Washington, DC campus as well as fielding general service requests from the Hillsdale, Michigan, campus in a Windows and Mac enterprise environment, following ITIL Incident Management processes. Troubleshoot and resolve hardware, software, and basic networking issues (e.g., desktops, tablets, printers, VoIP phones) to restore service quickly and ensure service availability. Log, categorize, and prioritize incidents and service requests in the Service Desk system, ensuring accurate documentation and timely resolution per ITIL guidelines. Escalate complex incidents to second-line support when necessary, maintaining clear communication with stakeholders. Academic and Event Technology Support Provide rapid break/fix support for classroom technologies, including projectors, controllers, touchpanels, screens, microphones, amplifiers, and speakers Assist with the basic installation of classroom/event hardware and software, adhering to standards and best practices as defined by the Academic Technology team Support online meeting platforms (e.g., Zoom, Microsoft Teams) for academic and administrative use, following ITIL Service Request Fulfillment processes. Track and manage classroom and lab equipment inventory, updating configuration records in accordance with ITIL standards. Provide support for events in the Van Andel Lecture Hall by setting up and testing mics, connecting and uploading presenter's visual media, and assisting with video recording requests. Problem Management and Solution Development Identify recurring issues and trends through ITIL Problem Management practices, collaborating with peers to investigate root causes and implement proactive solutions. Create documentation and "how-to" resources to promote user self-service and reduce repeat incidents, per ITIL Knowledge Management principles. Operational Excellence Engage with faculty, staff, and students to understand concerns, observe workflows, and recommend improvements, aligning with ITIL's customer-centric service approach. Build positive relationships with customers, vendors, and external contacts to share best practices and enhance service delivery. Communicate technical solutions clearly to non-technical audiences, ensuring alignment with ITIL's emphasis on effective stakeholder communication. Work independently and collaboratively to support a diverse population, logging incidents and requests accurately in the Service Desk system. Required Qualifications: Education and Experience Associate's or Bachelor's degree in Information Systems, Computer Science, Digital Media, or a related field preferred, or Minimum of 2 years of experience in a Service Desk or technical support role, with exposure to audio-visual or classroom technology support. Other Skills: Other Skills Proficient in Windows Desktop OS installation, configuration, networking, and troubleshooting; basic proficiency in Mac OS and iOS support. Foundational understanding of TCP/IP networking and modern Wi-Fi connectivity methods, supporting ITIL's technical service management requirements. Experience supporting and using Microsoft 365, Google G Suite, Box, and Service Desk tracking software, aligning with ITIL's Knowledge Management and Service Request Fulfillment. Basic knowledge of AV hardware installation and troubleshooting, supporting ITIL Service Asset and Configuration Management. Strong understanding of cybersecurity risks and mitigation practices, aligned with ITIL's focus on service security. Excellent interpersonal, customer service, and communication skills, including technical writing and documentation capabilities, per ITIL's emphasis on clear communication. Ability to work independently, manage deadlines, and adapt to new technologies, supporting ITIL's Continual Service Improvement. Flexible work hours are required for supporting events in the evening. Some weekend work may be required. Commitment to Hillsdale College's mission and values. ITIL Foundation certification is desirable but not required; CompTIA A+, AVIXA CTS, or Extron certification is also desirable. Customer service training or experience is highly desirable. Personal Characteristics The ITS Service Desk Technical Support Specialist interacts with all College students, faculty, and staff. A clean, neat appearance and a pleasant, professional demeanor that support the College's mission are essential. Working at Hillsdale College Hillsdale College offers an exceptional culture and work environment where team members support the College's mission to promote the liberal arts. Employees enjoy generous retirement, health, dental, and vacation benefits, as well as access to campus events, athletic facilities, and outdoor activities at Hayden Park. Educational benefits are available for children accepted to Hillsdale College or participating Tuition Exchange Program schools, and access to Hillsdale Academy (K-12) is available for families. Code of Commitment Be a good representative of Hillsdale College to promote the liberal arts, the College's original Articles of Association, and operating principles stated in the Staff Code of Commitment. The Mission Statement should be considered in all aspects of the position. The teaching of Christian faith shall remain a conspicuous aim of the College. Physical Demands: Ability to operate and install technology (hardware, software). Must be able to crawl under desks, lift or move up to 25 pounds, and carry equipment as needed. Ability to walk, stoop, crouch, or climb during installations. Open Date: 09/01/2025 Open Until Filled: Yes Supplemental Questions: Required fields are indicated with an asterisk ( ). Documents Needed To Apply (Required Documents & Optional Documents): Required Documents Resume Cover Letter Optional Documents PIe95e7cfd80d2-0351

Position Title: Senior Cybersecurity Engineer Posting Number: S199P Department: Information Technology Services Position Type: Staff Job Description: Job Summary The Hillsdale College digital landscape is rapidly expanding, and so are the challenges that accompany safeguarding the Colleges information and technology. We are seeking an experienced Senior Cybersecurity Engineer to engineer, implement, and maintain the Colleges strategic and tactical protections against modern cybersecurity threats.You will be at the forefront of executing our next generation of defensive measures, working closely with our internal Information Security team and collaborating with external partners such as our MSSP, penetration testing firms, and vendors supporting vulnerability management and the hybrid on-premises/Azure cloud infrastructure.Successful candidates will have a solid background of at least 10 years of InfoSec implementation and operational experience, coupled with in-depth, hands-on experience in system administration, network architecture, and security engineering and operations. Your experience integrating security through implementation testing, and ongoing operation and maintenance will be essential to protecting Hillsdale Colleges information systems and sensitive data from threats. Essential Job Functions Perform Technical Risk Assessments : Apply tools and methodologies aligned with NIST CSF and ISO 27001 framework components to identify, evaluate, and prioritize cybersecurity risks. Perform Vendor Security Assessments : Execute technical evaluations of vendors by running security assessments, reviewing vendor controls, and validating compliance with the Colleges cybersecurity requirements. Deploy and Maintain Security Policies and Procedures : Work with the Senior Director of Information Security and governance advisors to operationalize security policies and ensure they are technically enforced to mitigate risks. Support Policy Implementation : Provide technical input to ensure security policies are practical and enforceable across the Colleges technologies for operations, teaching, outreach, and fundraising. Deliver Cybersecurity Training Support : Provide technical insights and practical examples for awareness training programs to strengthen staff understanding of security best practices. Monitor and Report on Security Metrics : Use monitoring tools (e.g., SIEM, vulnerability scanners) to collect and analyze metrics and KPIs, assess the Colleges security posture, and validate the effectiveness of technical controls. Provide Technical Input for Communication : Supply clear technical details and updates to support communication plans, ensuring stakeholders receive accurate security information for continuous improvement. Required Qualifications: Education and Experience A degree in Computer Science, Cybersecurity, Management Information Systems, or a related field is preferred but not required. Relevant technical certifications such as CISSP, SSCP, GSEC, CCSP, or CompTIA Security+ are considered a plus but are not required. Minimum ten years of experience in a security-focused, hybrid cloud environment or comparable role is required. Continuing Education Maintain Technical Proficiency : The College provides funding for professional development. Employees in this role are expected to complete a minimum of 60 hours annually of continuing education relevant to information security. Other Skills: Expert-level Systems, Network and Cybersecurity Engineering and Operations Expert in secure configuration and maintenance of hybrid Azure cloud and on-premises environments across Windows, Mac, and Linux platforms. Work with ITS software development teams during the SDLC to perform technical reviews and apply security controls, ensuring software meets design, security, performance, and standards requirements without slowing agile development. Security Standards and Compliance Hands-on experience applying the NIST Cybersecurity Framework (CSF), CVE, and MITRE ATT&CK frameworks, with proven ability to implement data handling and security controls that meet PCI DSS, GDPR, and HIPAA regulations. NICCS/NICE S0141, S0459, S0461, S0531, S0673, S0686, S0806, S0939, S0940, S0941, S0942 Proficient-level Build and maintain dashboards and reports that provide actionable security insights for operational use. Implement and maintain security controls in Azure cloud platforms and hybrid environments, including configuring identity and access management (e.g., Azure AD, IAM roles), enabling encryption (e.g., TLS, data-at-rest encryption), and operating security services like web application firewalls (WAF) and cloud-native monitoring tools (e.g., Azure Security Center). Apply data security principles through encryption, access control configuration, and deployment of data loss prevention (DLP) strategies. Identify and remediate gaps in network and connectivity architecture to strengthen security controls. Detect, respond to, and recover from security incidents by applying technical tools and procedures, contributing to incident response plans, and performing hands-on post-incident analysis. Execute cybersecurity projects through hands-on implementation, technical requirements validation, and collaboration with team members to deliver secure solutions. NICCS/NICE S0950, S0951 Physical Demands: Physical Requirements The ability to operate equipment, including installation, maintenance, and retirement of computer and network equipment, display monitors, and the like. The position is mainly sedentary but may require the incumbent to walk, stoop, crouch, or climb. Personal Characteristics The Information Technology Services Department interacts with all College students, faculty, and staff. A clean, neat appearance and a pleasant relationship supporting the College mission are essential. Code of Commitment Be a good representative of Hillsdale College to promote the liberal arts, the Colleges original Articles of Association, and operating principles stated in the Staff Code of Commitment. The Mission Statement should be considered in all aspects of the position. The teaching of Christian faith shall remain a conspicuous aim of the College. Open Date: 09/05/2025 Open Until Filled: No Supplemental Questions: Required fields are indicated with an asterisk ( ). Documents Needed To Apply (Required Documents & Optional Documents): Required Documents Resume Cover Letter Optional Documents PIdd08a9dcf4c7-8765

Position Title: Senior Cybersecurity Engineer Posting Number: S199P Department: Information Technology Services Position Type: Staff Job Description: Job Summary The Hillsdale College digital landscape is rapidly expanding, and so are the challenges that accompany safeguarding the College's information and technology. We are seeking an experienced Senior Cybersecurity Engineer to engineer, implement, and maintain the College's strategic and tactical protections against modern cybersecurity threats.You will be at the forefront of executing our next generation of defensive measures, working closely with our internal Information Security team and collaborating with external partners such as our MSSP, penetration testing firms, and vendors supporting vulnerability management and the hybrid on-premises/Azure cloud infrastructure.Successful candidates will have a solid background of at least 10 years of InfoSec implementation and operational experience, coupled with in-depth, hands-on experience in system administration, network architecture, and security engineering and operations. Your experience integrating security through implementation testing, and ongoing operation and maintenance will be essential to protecting Hillsdale College's information systems and sensitive data from threats. Essential Job Functions Perform Technical Risk Assessments : Apply tools and methodologies aligned with NIST CSF and ISO 27001 framework components to identify, evaluate, and prioritize cybersecurity risks. Perform Vendor Security Assessments : Execute technical evaluations of vendors by running security assessments, reviewing vendor controls, and validating compliance with the College's cybersecurity requirements. Deploy and Maintain Security Policies and Procedures : Work with the Senior Director of Information Security and governance advisors to operationalize security policies and ensure they are technically enforced to mitigate risks. Support Policy Implementation : Provide technical input to ensure security policies are practical and enforceable across the College's technologies for operations, teaching, outreach, and fundraising. Deliver Cybersecurity Training Support : Provide technical insights and practical examples for awareness training programs to strengthen staff understanding of security best practices. Monitor and Report on Security Metrics : Use monitoring tools (e.g., SIEM, vulnerability scanners) to collect and analyze metrics and KPIs, assess the College's security posture, and validate the effectiveness of technical controls. Provide Technical Input for Communication : Supply clear technical details and updates to support communication plans, ensuring stakeholders receive accurate security information for continuous improvement. Required Qualifications: Education and Experience A degree in Computer Science, Cybersecurity, Management Information Systems, or a related field is preferred but not required. Relevant technical certifications such as CISSP, SSCP, GSEC, CCSP, or CompTIA Security+ are considered a plus but are not required. Minimum ten years of experience in a security-focused, hybrid cloud environment or comparable role is required. Continuing Education Maintain Technical Proficiency : The College provides funding for professional development. Employees in this role are expected to complete a minimum of 60 hours annually of continuing education relevant to information security. Other Skills: Expert-level Systems, Network and Cybersecurity Engineering and Operations Expert in secure configuration and maintenance of hybrid Azure cloud and on-premises environments across Windows, Mac, and Linux platforms. Work with ITS software development teams during the SDLC to perform technical reviews and apply security controls, ensuring software meets design, security, performance, and standards requirements without slowing agile development. Security Standards and Compliance Hands-on experience applying the NIST Cybersecurity Framework (CSF), CVE, and MITRE ATT&CK frameworks, with proven ability to implement data handling and security controls that meet PCI DSS, GDPR, and HIPAA regulations. NICCS/NICE S0141, S0459, S0461, S0531, S0673, S0686, S0806, S0939, S0940, S0941, S0942 Proficient-level Build and maintain dashboards and reports that provide actionable security insights for operational use. Implement and maintain security controls in Azure cloud platforms and hybrid environments, including configuring identity and access management (e.g., Azure AD, IAM roles), enabling encryption (e.g., TLS, data-at-rest encryption), and operating security services like web application firewalls (WAF) and cloud-native monitoring tools (e.g., Azure Security Center). Apply data security principles through encryption, access control configuration, and deployment of data loss prevention (DLP) strategies. Identify and remediate gaps in network and connectivity architecture to strengthen security controls. Detect, respond to, and recover from security incidents by applying technical tools and procedures, contributing to incident response plans, and performing hands-on post-incident analysis. Execute cybersecurity projects through hands-on implementation, technical requirements validation, and collaboration with team members to deliver secure solutions. NICCS/NICE S0950, S0951 Physical Demands: Physical Requirements The ability to operate equipment, including installation, maintenance, and retirement of computer and network equipment, display monitors, and the like. The position is mainly sedentary but may require the incumbent to walk, stoop, crouch, or climb. Personal Characteristics The Information Technology Services Department interacts with all College students, faculty, and staff. A clean, neat appearance and a pleasant relationship supporting the College mission are essential. Code of Commitment Be a good representative of Hillsdale College to promote the liberal arts, the College's original Articles of Association, and operating principles stated in the Staff Code of Commitment. The Mission Statement should be considered in all aspects of the position. The teaching of Christian faith shall remain a conspicuous aim of the College. Open Date: 09/05/2025 Open Until Filled: No Supplemental Questions: Required fields are indicated with an asterisk ( ). Documents Needed To Apply (Required Documents & Optional Documents): Required Documents Resume Cover Letter Optional Documents PI49ac71bd8d7f-8765

Position Title: Senior Cybersecurity Engineer Posting Number: S199P Department: Information Technology Services Position Type: Staff Job Description: Job Summary The Hillsdale College digital landscape is rapidly expanding, and so are the challenges that accompany safeguarding the Colleges information and technology. We are seeking an experienced Senior Cybersecurity Engineer to engineer, implement, and maintain the Colleges strategic and tactical protections against modern cybersecurity threats.You will be at the forefront of executing our next generation of defensive measures, working closely with our internal Information Security team and collaborating with external partners such as our MSSP, penetration testing firms, and vendors supporting vulnerability management and the hybrid on-premises/Azure cloud infrastructure.Successful candidates will have a solid background of at least 10 years of InfoSec implementation and operational experience, coupled with in-depth, hands-on experience in system administration, network architecture, and security engineering and operations. Your experience integrating security through implementation testing, and ongoing operation and maintenance will be essential to protecting Hillsdale Colleges information systems and sensitive data from threats. Essential Job Functions Perform Technical Risk Assessments : Apply tools and methodologies aligned with NIST CSF and ISO 27001 framework components to identify, evaluate, and prioritize cybersecurity risks. Perform Vendor Security Assessments : Execute technical evaluations of vendors by running security assessments, reviewing vendor controls, and validating compliance with the Colleges cybersecurity requirements. Deploy and Maintain Security Policies and Procedures : Work with the Senior Director of Information Security and governance advisors to operationalize security policies and ensure they are technically enforced to mitigate risks. Support Policy Implementation : Provide technical input to ensure security policies are practical and enforceable across the Colleges technologies for operations, teaching, outreach, and fundraising. Deliver Cybersecurity Training Support : Provide technical insights and practical examples for awareness training programs to strengthen staff understanding of security best practices. Monitor and Report on Security Metrics : Use monitoring tools (e.g., SIEM, vulnerability scanners) to collect and analyze metrics and KPIs, assess the Colleges security posture, and validate the effectiveness of technical controls. Provide Technical Input for Communication : Supply clear technical details and updates to support communication plans, ensuring stakeholders receive accurate security information for continuous improvement. Required Qualifications: Education and Experience A degree in Computer Science, Cybersecurity, Management Information Systems, or a related field is preferred but not required. Relevant technical certifications such as CISSP, SSCP, GSEC, CCSP, or CompTIA Security+ are considered a plus but are not required. Minimum ten years of experience in a security-focused, hybrid cloud environment or comparable role is required. Continuing Education Maintain Technical Proficiency : The College provides funding for professional development. Employees in this role are expected to complete a minimum of 60 hours annually of continuing education relevant to information security. Other Skills: Expert-level Systems, Network and Cybersecurity Engineering and Operations Expert in secure configuration and maintenance of hybrid Azure cloud and on-premises environments across Windows, Mac, and Linux platforms. Work with ITS software development teams during the SDLC to perform technical reviews and apply security controls, ensuring software meets design, security, performance, and standards requirements without slowing agile development. Security Standards and Compliance Hands-on experience applying the NIST Cybersecurity Framework (CSF), CVE, and MITRE ATT&CK frameworks, with proven ability to implement data handling and security controls that meet PCI DSS, GDPR, and HIPAA regulations. NICCS/NICE S0141, S0459, S0461, S0531, S0673, S0686, S0806, S0939, S0940, S0941, S0942 Proficient-level Build and maintain dashboards and reports that provide actionable security insights for operational use. Implement and maintain security controls in Azure cloud platforms and hybrid environments, including configuring identity and access management (e.g., Azure AD, IAM roles), enabling encryption (e.g., TLS, data-at-rest encryption), and operating security services like web application firewalls (WAF) and cloud-native monitoring tools (e.g., Azure Security Center). Apply data security principles through encryption, access control configuration, and deployment of data loss prevention (DLP) strategies. Identify and remediate gaps in network and connectivity architecture to strengthen security controls. Detect, respond to, and recover from security incidents by applying technical tools and procedures, contributing to incident response plans, and performing hands-on post-incident analysis. Execute cybersecurity projects through hands-on implementation, technical requirements validation, and collaboration with team members to deliver secure solutions. NICCS/NICE S0950, S0951 Physical Demands: Physical Requirements The ability to operate equipment, including installation, maintenance, and retirement of computer and network equipment, display monitors, and the like. The position is mainly sedentary but may require the incumbent to walk, stoop, crouch, or climb. Personal Characteristics The Information Technology Services Department interacts with all College students, faculty, and staff. A clean, neat appearance and a pleasant relationship supporting the College mission are essential. Code of Commitment Be a good representative of Hillsdale College to promote the liberal arts, the Colleges original Articles of Association, and operating principles stated in the Staff Code of Commitment. The Mission Statement should be considered in all aspects of the position. The teaching of Christian faith shall remain a conspicuous aim of the College. Open Date: 09/05/2025 Open Until Filled: No Supplemental Questions: Required fields are indicated with an asterisk ( ). Documents Needed To Apply (Required Documents & Optional Documents): Required Documents Resume Cover Letter Optional Documents PIdd08a9dcf4c7-8765