IT Security Engineer I

About This Role The role is with the Security Incident Operations Center (SIOC) team and works to optimize detection capabilities, improve response, and maintain proactive threat response protocols. The security operations engineer ensures that the university's IT assets remain resilient against evolving security threats while delivering high-quality service to stakeholders across the institution. About Us Kansas State University's Division of Information Technology is committed to providing excellent IT services to the K-State community in support of the teaching, learning, research, and service missions. They offer a wide range of information technology and communications services. They provide leadership for developing and delivering computing and digital resources to K-State students, faculty and staff. The Division coordinates and manages central IT business services including Enterprise Systems, Portfolio & Project Governance, Infrastructure & Operations, Academic Applications, Information Security, and Academic IT and Research Support. Worksite Description This position is On-site . This position is fully on-site. What You'll Need to

Succeed Minimum Qualifications:

Requires a high school diploma (or equivalent) and seven years of relevant experience. Requirements may be met through a combination of work experience and education.

Preferred Qualifications:

3-5 years of experience in security operations or incident response Strong knowledge of SIEM platforms (Splunk, IBM QRadar, ArcSight, or similar) Experience with network protocols, log analysis, and forensic techniques Understanding of common attack vectors and threat actor tactics Proficiency in scripting languages (Python, PowerShell, Bash) Knowledge of Windows and Linux operating systems Familiarity with security frameworks (NIST, MITRE ATT&CK) Security certifications (Security+, GCIH, GCFA, CySA+) Experience with cloud security monitoring (AWS, Azure, GCP) Knowledge of threat intelligence platforms Experience with security orchestration and automation tools Understanding of malware analysis techniques SIEM administration and log analysis Network traffic analysis (Wireshark, tcpdump) Endpoint detection and response (EDR) tools Vulnerability scanning and assessment tools Security information correlation and analysis

Additional Role Information:

Other Requirements:

(Note on working environment) Occasional after-hours work for incident response or change management work in designated maintenance windows Participation in on-call rotation Occasional travel required for training, conferences, or other events Sponsorship eligibility: Candidates must be legally authorized to work in the U.S. on an ongoing basis without sponsorship How to Apply Please submit the following documents: Cover Letter Resume Three Professional References Application Window Applications close on:5/29/26 Anticipated Hiring Pay Range $70,835-80,000