Security Engineer

The George Washington University

The George Washington University

Software Engineering
USD 29.92-55.55 / hour
Posted on May 1, 2025
I. JOB OVERVIEW
Job Description Summary:
George Washington University Information Technology (GWIT) is the chief provider of technology services and applications at The George Washington University (GW). GWIT partners with all key stakeholders across GW to equip students, faculty, and staff with the technology and tools necessary to achieve academic excellence. This position works within GWIT and ensures collaboration with both University stakeholders and external vendors for service delivery across GW.

GWIT operates systems in a hybrid multi-cloud environment in GW data centers and commercial cloud. The Security Engineer role will be a part of a team responsible for defining security requirements, supporting security architecture, implementing a secure development lifecycle, assessing information systems, recommending security best practices, providing vulnerability management and generally defining, implementing, assessing, and maintaining controls necessary to protect both physical and virtual networks, hardware, and systems in accordance with security requirements.

The Security Engineer:

  • Communicates institution-specific and industry best practices around IT security standards to internal technical leads, and external technology solution developers, partners, and providers.
  • Analyzes data generated during application security and vulnerability assessments, vulnerability scans, and penetration testing and creates reports to summarize risks, vulnerabilities, and remediation strategies based on common standards and frameworks.
  • Provides mitigation and remediation suggestions, as appropriate.
  • Supports digital transformation including appropriate automation, cloud migration, stakeholder empowerment, and distributed, but effective security practices.
  • Supports senior and lead security engineers in completing application security and, vulnerability assessments, penetration testing, and risk analyses using industry standard tools, both commercial and open source.
  • Effectively delivers these reports to technical and non-technical staff, engineers, developers, and managers. Supports senior and lead security engineers in delivering reports at the director, associate vice-presidential, and vice-presidential levels.
  • Supports senior and lead security engineers by contributing recommendations on operational aspects of security vulnerability and risk assessments for current technical solutions, transition or emerging solutions and in evaluating changes to systems and services (change management) for both on-premise and cloud solutions.
  • Supports senior and lead security engineers in maintaining IT security tool and capability portfolio through engaged lifecycle management of hardware and software solutions, vendor management and budget planning activities (researching and drafting business cases in a zero-based budget environment) as requested.
  • Contributes to the identification, creation, and documentation of security processes, network security standards and procedures for both internal runbooks as well as university wide communications and awareness.
  • Acts as an escalation point for and collaborates with peers throughout the institution on technical security matters.
  • Participates in IT projects across the university.
  • Performs other related duties as assigned. The omission of specific duties does not preclude the supervisor from assigning duties that are logically related to the position.
Minimum Qualifications:
Qualified candidates will hold a Bachelor’s degree in an appropriate area of specialization, OR a High School diploma plus a relevant IT Security certification. Degree must be conferred by the start date of the position. Degree requirements may be substituted with an equivalent combination of education, training and experience.
Additional Required Licenses/Certifications/Posting Specific Minimum Qualifications:
Preferred Qualifications:
  • Demonstrated experience in application security, vulnerability assessments, vulnerability management, penetration testing, or risk analysis activities across functional business areas and information technology services.
  • Experience in using security testing tools to test environments that are on-premise, co-located data centers, cloud providers, and applications/protocols of varying levels of the OSI model.
  • Ability to demonstrate flexibility/adaptability in applying IT Security standards, knowledge of current best practices applicable to a given environment (higher education experience in this area a plus).
  • Ability to effectively translate technical vulnerabilities into business risk terminology.
  • Demonstrated ability to explain standards and frameworks such as OWASP, NIST, CIS Benchmarks, and more to technical and non-technical staff, developers, engineers, system/network administrators, and management.
  • Ability to work closely with team members and independently to deliver expected results.
  • Cybersecurity certifications focused on security and cloud security such as Certified Cloud Security Professional (CCSP), AWS Certified Security, CompTIA Cloud+, Certificate of Cloud Security Knowledge (CCSK), GIAC Cloud Security Automation (GCSA), GIAC Enterprise Vulnerability Assessor (GEVA), Offensive Security Certified Professional (OSCP), Global Information Assurance Certification (GIAC) Penetration Tester (GPEN) are desirable.
Hiring Range $29.92 - $55.55
GW Staff Approach to Pay

How is pay for new employees determined at GW?

Healthcare Benefits

GW offers a comprehensive benefit package that includes medical, dental, vision, life & disability insurance, time off & leave, retirement savings, tuition, well-being and various voluntary benefits. For program details and eligibility, please visit https://hr.gwu.edu/benefits-programs.

II. JOB DETAILS
Campus Location: Ashburn, Virginia
College/School/Department: GW IT
Family Information Technology
Sub-Family Systems Security
Stream Individual Contributor
Level Level 1
Full-Time/Part-Time: Full-Time
Hours Per Week: 40+
Work Schedule: Monday - Friday, 8 am - 4 pm
Will this job require the employee to work on site? Yes
Employee Onsite Status Hybrid
Telework: Yes
Required Background Check: Criminal History Screening, Education/Degree/Certifications Verification, Social Security Number Trace, and Sex Offender Registry Search
Special Instructions to Applicants:
Employer will not sponsor for employment Visa status
Internal Applicants Only? No
Posting Number: S013691
Job Open Date: 04/30/2025
Job Close Date:
If temporary, grant funded, Sponsored Project funded or limited term appointment, position funded until:
Background Screening Successful Completion of a Background Screening will be required as a condition of hire.
EEO Statement:

The university is an Equal Employment Opportunity employer that does not unlawfully discriminate in any of its programs or activities on the basis of race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, or on any other basis prohibited by applicable law.