Senior Engineer, Cybersecurity Program & Risk jobs in United States

Southern Poverty Law Center · 8 hours ago

Senior Engineer, Cybersecurity Program & Risk

Southern Poverty Law Center (SPLC) is seeking a Senior Engineer of Cybersecurity Program & Risk who is passionate about social justice. The role involves developing, implementing, and maintaining the organization's cybersecurity program, managing third-party security vendors, and ensuring continuous improvement of the organization's cyber posture.

Association · Non Profit

Responsibilities

Develop, maintain, and enforce organizational cybersecurity policies, standards, and procedures
Align cybersecurity practices and controls with NIST CSF 2.0 and Zero Trust Architecture maturity goals
Facilitate business impact analyses (BIAs) and risk assessment workshops with stakeholders to prioritize risk treatment
Maintain and track the enterprise cyber risk register
Coordinate external penetration tests and other independent assessments to validate program effectiveness
Monitor remediation of findings and report status to leadership
Evaluate threat risks using the MITRE ATT&CK Framework, Microsoft STRIDE Framework, etc.
Accountable for managing day-to-day aspects of security vendor business relationships, ensuring alerts, reports, and SLAs are reviewed and validated
Oversee the cybersecurity awareness and phishing testing program delivered by training partners
Support vendor risk management reviews and ensure third-party security practices meet organizational standards
Maintain and update incident response (IR) and business continuity planning (BCP) playbooks
Plan and coordinate tabletop exercises across IT and business units
Partner with IT operations and the MSSP during incident escalation and post-incident reviews
Identify/recommend/implement opportunities to streamline/automate protective posture and defensive responses to stay ahead of hackers who often use automated scripts that far surpass traditional manual cybersecurity measures
Develop cybersecurity dashboards and maturity metrics to track progress against program objectives
Deliver prioritized quarterly risk and program updates to the CIO and leadership team
Translate technical risks into business-focused reporting for non-technical stakeholders
Monitor, measure, and evaluate efficacy of cybersecurity program elements/controls to eliminate/mitigate/reduce risk to business data/systems and ultimately business operations
Perform other duties as required or assigned which are within the scope of the duties in this job classification

Qualification

NIST Cybersecurity Framework, Zero Trust Architecture, CISSP, CISM, MITRE ATT&CK, Microsoft STRIDE, Incident Response, Risk Management, Vendor Management, Analytical Skills, Collaboration, Communication, Mentorship

Required

Minimum 5 years of cybersecurity engineering governance, risk and compliance and vendor oversight
One or more of the following certifications are required: CISSP, CISM, CRISC, CISA, or equivalent
High school diploma or GED

Company

Southern Poverty Law Center

The Southern Poverty Law Center is a non-profit legal advocacy organization specialized in civil rights and public interest litigation.

Funding

Current Stage: Growth Stage
Total Funding: $0.4M
Key Investors: Lumina Foundation (2022-02-15 · Grant · $0.4M)

Leadership Team

Richard Cohen
president
Company data provided by crunchbase