Remoworker Remoworker
N

Senior IT Security Engineer

NPR
Remote Full-time Worldwide
Apply on RemoteFirstJobs →

You'll be redirected to the original listing.

Description

OVERVIEW

A thriving, mission-driven multimedia organization, NPR produces award-winning news, information, and music programming in partnership with hundreds of independent public radio stations across the nation. The NPR audience values information, creativity, curiosity, and social responsibility – and our employees do too. We are innovators and leaders in diverse fields, from journalism and digital media to IT and development. Every day, our employees and member stations touch the lives of millions worldwide.

Across our organization, we’re building a workplace where collaboration is essential, diverse voices are heard, and inclusion is the key to our success. We are committed to doing the right thing in our journalism and in every role at NPR . This means that integrity, adherence to our ethical standards, and compliance with legal obligations are fundamental responsibilities for every employee at NPR.

Intro to Position

As our Senior Security Engineer, you will bridge the gap between traditional infrastructure security and modern DevSecOps. We are looking for a proactive security engineer to define secure-by-design frameworks, implement high-impact DevSecOps pipelines across multi-cloud environments (AWS and GCP), and lead critical security reviews for emerging technologies, including artificial intelligence.

Beyond technical mastery, you will act as a collaborative partner to our internal teams, fostering a culture of proactive security, cyber vigilance, and continuous improvement. If you thrive in rapidly evolving environments and have a passion for building secure, resilient ecosystems, this is your next challenge.

Responsibilities

  • Secure-by-Design Architecture: Implement, own, and champion secure-by-design frameworks across cloud, infrastructure, and application ecosystems, ensuring all system architectures address robust cybersecurity requirements.
  • Design & Integration Reviews: Review and approve security architecture designs for new internal systems, cloud platforms, and third-party integrations.
  • DevSecOps & CI/CD Pipelines: Design, enable, and maintain automated security pipelines to proactively scan Git repositories, catching vulnerabilities early in the software development lifecycle.
  • Cloud Security Management: Manage security lifecycles within multi-cloud environments (primarily AWS and GCP) to ensure continuous compliance and threat mitigation.
  • Vulnerability Management: Own and run the end-to-end vulnerability management program, prioritizing remediation efforts across enterprise systems.
  • AI & Emerging Tech Security: Assess and secure emerging technologies, evaluating security-focused Large Language Models (LLMs) and AI workflows to keep NPR aligned with industry progressions.
  • Security Monitoring & SIEM: Leverage SIEM platforms (specifically Splunk) to develop advanced dashboards, write queries, and build automated reporting mechanisms for real-time threat intelligence.
  • Network & Endpoint Defense: Deploy, recommend, and test advanced security controls, including Endpoint Detection and Response (EDR), enterprise-level antivirus, and perimeter security for Cisco networking devices.
  • Cross-Functional Collaboration: Partner with internal NPR technology and business teams to address security gaps, resolve concerns, and provide subject matter expertise in ongoing cybersecurity meetings.

The above duties and responsibilities are not an exhaustive list of required responsibilities, duties and skills. Other duties may be assigned, and this job description can be modified at any time…

Related remote jobs