Security Engineer
The Trevor Project.com
100k - 140k USD/year
Remote
United States
Full Time
About Trevor:
The Trevor Project is the leading suicide prevention and crisis intervention organization for LGBTQ+ young people. Trevor offers 24/7 crisis services, connecting highly trained counselors with LGBTQ+ young people whenever they need support. To drive prevention efforts, The Trevor Project also operates robust research, advocacy, education, and peer support programs. We’ve been saving lives every day for over 25 years.
Every day, and in every role, our staff contribute to our critical mission of ending suicide among lesbian, gay, bisexual, transgender, queer & questioning young people by embodying our values:
Heart–We care deeply and commit to do what mattersIntegrity–We build trust through our words and actionsCommunity-Together, we are an unstoppable force for goodBelonging-We serve as allies to the mission, and to each otherProgress-We continually move onward and upward
Applicants and staff must be authorized to work for any employer in the United States. The Trevor Project will not sponsor an employment visa for this position.
Role: Security EngineerLocation: This role will be remote in the continental United States, Alaska, or HawaiiReports to: Director of IT and SecurityClassification: Exempt Full TimeUnion Role? NoSalary Range: $100,000-140,000
Summary: This role will oversee the security of The Trevor Project’s systems, data, and other digital assets. This role is a direct contributor to the overall organizational Information Security Program and supporter of the security strategy plan. The first 2 project priorities this role is responsible for are our Data Governance (Retention and Destruction) policy implementation, and Security Compliance implementation (ISO27001, SOC 2 type I/II). This role will also ensure continued compliance with new security frameworks, and drive initiatives that keep all data secure and governed. You will monitor our cloud based systems for security issues, deploy security tools and platforms, support our security strategy in coordination with Technology Leadership, manage the Security Awareness Training Program, and investigate and document any security issues or breaches.
Outstanding benefits, including:- Comprehensive health coverage, including plans that support various gender affirmation care needs- Mental health resources, with access to virtual care and a variety of in and out of network options for support- 403(b) retirement plan with a 3% employer match, vesting over three years- Generous paid time off and company holidays to rest and recharge- Employee Assistance Program (EAP) offering confidential emotional support, work-life solutions, financial and legal guidance, and online resources- Remote work flexibility from anywhere in the continental U.S., Alaska, or Hawaii- with provided technology, a home office setup reimbursement, and a monthly internet reimbursement
The Trevor Project provides equal employment opportunities (EEO) to all employees and qualified applicants for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, age, disability, genetic information, veteran status, or any other status protected by applicable law or policy. The Trevor Project complies with all applicable laws regarding equal opportunity in employment.
The Trevor Project is committed to the full inclusion of all qualified individuals. As part of this commitment, we will ensure that persons with disabilities are provided reasonable accommodations. If a reasonable accommodation is needed to participate in the job application or interview process, please submit a request here. Please do not disclose medical information in this form–this information will be viewed only by our benefits team and will remain secure. This form is only for those requiring a reasonable accommodation to participate in the job application or interview process. This form is not an application - you must still apply through The Trevor Project careers website.
The Trevor Project is the leading suicide prevention and crisis intervention organization for LGBTQ+ young people. Trevor offers 24/7 crisis services, connecting highly trained counselors with LGBTQ+ young people whenever they need support. To drive prevention efforts, The Trevor Project also operates robust research, advocacy, education, and peer support programs. We’ve been saving lives every day for over 25 years.
Every day, and in every role, our staff contribute to our critical mission of ending suicide among lesbian, gay, bisexual, transgender, queer & questioning young people by embodying our values:
Heart–We care deeply and commit to do what mattersIntegrity–We build trust through our words and actionsCommunity-Together, we are an unstoppable force for goodBelonging-We serve as allies to the mission, and to each otherProgress-We continually move onward and upward
Applicants and staff must be authorized to work for any employer in the United States. The Trevor Project will not sponsor an employment visa for this position.
Role: Security EngineerLocation: This role will be remote in the continental United States, Alaska, or HawaiiReports to: Director of IT and SecurityClassification: Exempt Full TimeUnion Role? NoSalary Range: $100,000-140,000
Summary: This role will oversee the security of The Trevor Project’s systems, data, and other digital assets. This role is a direct contributor to the overall organizational Information Security Program and supporter of the security strategy plan. The first 2 project priorities this role is responsible for are our Data Governance (Retention and Destruction) policy implementation, and Security Compliance implementation (ISO27001, SOC 2 type I/II). This role will also ensure continued compliance with new security frameworks, and drive initiatives that keep all data secure and governed. You will monitor our cloud based systems for security issues, deploy security tools and platforms, support our security strategy in coordination with Technology Leadership, manage the Security Awareness Training Program, and investigate and document any security issues or breaches.
Roles and Responsibilities:
- Monitor cloud based systems for security issues.
- Ensure the secure handling and protection of highly confidential and sensitive data across IT systems and infrastructure.
- Investigate security breaches and other cybersecurity incidents, identify and implement remediations, and report on the findings.
- Deploy security tools and platforms to protect systems and information infrastructure, including (but not limited to) SEIM, Security Awareness Training, Vulnerability Monitoring, and Automated Detection and Response tools.
- Work with security vendors to perform tests and uncover network vulnerabilities, and to determine and implement appropriate remediations.
- Stay current on IT security trends and news.
- Develop company-wide best practices for IT security.
- From ground zero, research, plan, and implement policies and processes that will achieve common Cybersecurity compliances, (SOC 2 type I/II, ISO27001, CCPA, Etc).
- Evaluate potential additions to the organizational software portfolio for security risk and mitigation
- Evaluate proposed projects, changes, or data use cases for security risk and mitigation
- Demonstrate fair, ethical, and equitable business practices
- Handle sensitive and confidential matters with the utmost discretion and integrity
- Learn eagerly, share knowledge appropriately, and improve continuously
- Demonstrate successful planning and problem-solving skills, including multitasking and working well within tight timelines
- Work, communicate, and collaborate effectively with others
- Demonstrate attention to detail and accuracy in all work
- Demonstrate a commitment to fostering and maintaining an environment of belonging
- Other relevant duties and responsibilities as assigned
Minimum Qualifications:
- 5 or more years of combined education, work, and/or certification experience with demonstrated expertise in Information Security planning, implementation, and maintenance.
- Proficiency in:
- Implementing SOC 2/ISO27001, or other security compliance frameworks.
- Developing and maintaining technical processes for data governance, retention, and deletion in a cloud environment (GCP/AWS/AZURE)
- Security Awareness Training Program Management
- Automated Threat Detection, Response, and Remediation Programs
- Security Audit and Investigation process
- Asset Management Lifecycle
- Data Management Lifecycle
- Vulnerability Assessment and Management
- Threat Intelligence and Management
- Business Continuity and Disaster Recovery
- Proficiency in spoken and written English
Outstanding benefits, including:- Comprehensive health coverage, including plans that support various gender affirmation care needs- Mental health resources, with access to virtual care and a variety of in and out of network options for support- 403(b) retirement plan with a 3% employer match, vesting over three years- Generous paid time off and company holidays to rest and recharge- Employee Assistance Program (EAP) offering confidential emotional support, work-life solutions, financial and legal guidance, and online resources- Remote work flexibility from anywhere in the continental U.S., Alaska, or Hawaii- with provided technology, a home office setup reimbursement, and a monthly internet reimbursement
The Trevor Project provides equal employment opportunities (EEO) to all employees and qualified applicants for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, age, disability, genetic information, veteran status, or any other status protected by applicable law or policy. The Trevor Project complies with all applicable laws regarding equal opportunity in employment.
The Trevor Project is committed to the full inclusion of all qualified individuals. As part of this commitment, we will ensure that persons with disabilities are provided reasonable accommodations. If a reasonable accommodation is needed to participate in the job application or interview process, please submit a request here. Please do not disclose medical information in this form–this information will be viewed only by our benefits team and will remain secure. This form is only for those requiring a reasonable accommodation to participate in the job application or interview process. This form is not an application - you must still apply through The Trevor Project careers website.