Reston, VA
McLean, Virginia
Posted: 13-Apr-26
Location: Remote, USA
Type: Full Time
Salary: $102,000 - $116,000 annually
Categories:
Additional Information:
RESUME AND COVER LETTER REQUIRED TO BE CONSIDERED FOR THIS POSITION
Deadline to apply is April 23, 2026
Salary: $102,000 - $116,000 annually. Salary is dependent on experience and qualifications.
Position Summary
Reporting to EDUCAUSE’s Senior Director of Information Technology Operations, the Senior Azure & Cybersecurity Engineer uses extensive cybersecurity expertise to lead and manage our enterprise IT infrastructure while ensuring compliance with NIST, CIS, and PCI standards. This role is responsible for implementing security controls, maintaining system hardening, and managing infrastructure across multiple platforms while adhering to strict security frameworks. The position requires deep expertise in a Microsoft environment, with a thorough focus on security automation, compliance monitoring, and vulnerability management. The individual in this position will actively collaborate with other members of the IT Department and others across the association to support departmental and organizational strategic plans, goals, and initiatives.
Essential Duties and Responsibilities
Supervisory Responsibilities
- None
Security Engineering, Compliance, and Risk Management
- Implement and maintain security controls in accordance with NIST frameworks, CIS benchmarks, and PCI standards
- Lead vulnerability assessments, security hardening initiatives, and remediation efforts across the enterprise
- Design and maintain a secure Azure/Entra cloud environment following security best practices and compliance requirements
- Develop and execute security automation scripts using PowerShell and/or other scripting language for system hardening and compliance validation
- Manage and respond to security incidents, including zero-day vulnerabilities and critical patches
- Implement and maintain secure configurations for Azure /Entra, Group Policy, Intune and PKI infrastructure
- Configure and maintain system logging and security monitoring solutions (e.g., Splunk, Syslog)
- Perform security assessments and audits to ensure compliance industry standard frameworks
- Lead secure infrastructure migration and enhancement projects while maintaining compliance requirements
- Manage enterprise database systems with focus on security best practices and access controls
- Implement and maintain secure backup and disaster recovery solutions
- Develop and maintain security documentation and standard operating procedures
- Coordinate with cybersecurity team for continuous security improvements and threat mitigation
- Manage and maintain company risk management platform for audit readiness against NIST and PCI standards.
- Design and maintain Zero Trust architecture with identity-based access, continuous verification, least-privilege enforcement, and device trust controls.
- Implement and manage Zero Trust Network Access (ZTNA) to securely support remote and cloud workloads while reducing dependence on perimeter-based security
- Evaluate and secure AI-enabled tools and platforms in alignment with EDUCAUSE security standards, data governance, and regulatory requirements.
- Implement security controls for AI workloads, including data protection, access controls, monitoring for misuse, and safeguards against data leakage.
- Partner with stakeholders to assess AI risks, define responsible-use guardrails, and integrate AI threats into security, incident response, and risk management processes.
- Continue to refine organization AI security practices, policies, and tooling as organizational needs evolve
Service and Support:
- Always represent EDUCAUSE in a professional manner; engages with co-workers, volunteers, and members in a civil, caring, respectful way. Supports the professional development of others in their work to advance the mission and vision of EDUCAUSE.
- Participate in EDUCAUSE events and activities as needed. Travel may be required to support EDUCAUSE conferences/events, research team operations, and external events relevant to the position.
- Act as a departmental liaison with employees, members, volunteers, volunteer groups, and clients.
- Supports members in a manner that facilitates their growth, engagement, and enhances their EDUCAUSE experience.
- As a frontline user of EDUCAUSE systems and data services, complies with data quality standards; adheres to data governance policies, procedures, and processes for ensuring data integrity. May act as the application or data collection lead for the department.
- Perform other duties as assigned.
Qualifications
Education and Experience
- Associate’s degree in Information Technology, Computer Science, or related field required; Bachelor's degree preferred
- Minimum of 10 years of experience in systems administration required
- Minimum of 8 years of experience with Microsoft technologies and security hardening required
- Minimum of 5 years of experience implementing NIST, CIS, and/or PCI compliance standards preferred
- Minimum of 8 years of experience in security automation using PowerShell or other scripting languages preferred
Certificates and Licenses
- ITIL Certifications, preferred
- Azure-Entra/Microsoft Certifications, preferred
- Security certifications preferred (e.g., Security+, CISSP, CCSP)
Knowledge, Skills, and Abilities
- Expert knowledge of NIST frameworks, CIS benchmarks, and PCI standards
- Advanced understanding of security compliance requirements and implementation strategies
- Proven expertise in system hardening techniques for both Windows and Linux environments
- Thorough knowledge of security automation and compliance validation tools
- Experience with security incident response and vulnerability management
- Advanced knowledge of PKI infrastructure and certificate management
- Group Policy security (Azure/Entra)
- Windows Server security features and hardening
- Database security and access controls
- Security log analysis and monitoring tools
- Vulnerability assessment tools
- Security automation scripting
- Zero-Trust Network Access solutions
- Secure remote access solutions
- Network security architecture
- Security best practices for cloud environments (Azure/Entra)
- Change management in high-security environments
- Security audit procedures and documentation
- Compliance reporting and validation
- Security incident handling and response
- Risk assessment and mitigation strategies
Physical Requirements
- Prolonged periods of sitting at a desk and working on a computer.
Remote Work Requirements
- Scheduled working hours either in the employees time zone or EDUCAUSE core working hours or core working hours to be determined with the supervisor.
- Be available and responsive during scheduled work hours.
- Any time off or change in working hours must be pre-arranged according to department guidelines and consistent with the rules applicable to employment (e.g., vacation, sick, personal, leave of absence).
Travel Requirements:
- 10% or less travel required throughout the year.
Total Compensation:
EDUCAUSE not only offers meaningful work and dedicated colleagues; we also have a robust benefit package that includes:
- Medical, Dental, and Vision
- 2-for-1 employer match to your 403(b) retirement plan; up to 10% of your base salary
- Employer-paid Life and AD&D, Short?Term Disability, and Long?Term Disability
- 15 days of vacation and 6 days of personal time annually
- 9 paid holidays
- One week of paid time off when offices are closed between Christmas and New Year’s Day
- 36-hour work week (without any reduction in pay) amounting to 26 additional days of paid time off each year
- Employee Assistance Program (EAP)
- Emergency Travel Assistance
- Professional development assistance
- Monthly connectivity reimbursement
EEO Statement
EDUCAUSE is committed to an inclusive workplace and is proud to be an equal opportunity employer. EDUCAUSE provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
EDUCAUSE recognizes that the unique backgrounds, talents, skills, and contributions of every individual improve and enhance the quality of the association. Creating an environment of inclusion is an EDUCAUSE organizational goal, which includes, but is not limited to:
- Treating everyone with dignity, respect, and fairness
- Providing insights and input as a work contributor
- Listening to and acknowledging others' contributions
- Contributing to an open and welcoming environment across demographic categories and physical locations
- Meeting others at their point of need to advance organizational achievement
- For supervisors, ensuring everyone's input is heard and considered
