Senior IT Security Engineer
NationalpublicradioincRole Overview
Nationalpublicradioinc is hiring a Senior IT Security Engineer. This is a full-time remote role, with the team based in Remote. Part of Nationalpublicradioinc's Security hiring, posted today. applications are still in the early window, before most candidates have applied. Full responsibilities, required qualifications, and the apply link are listed in the description below.
Salary Context
Salary is not disclosed in this posting. Market median for Senior-level Security roles is $130k-$160k (based on 24 comparable listings). Many employers share specifics during the interview process or after an initial screen.
Resume Keywords to Include
Make sure these keywords appear in your resume to improve ATS scoring
Job description
OVERVIEW
A thriving, mission-driven multimedia organization, NPR produces award-winning news, information, and music programming in partnership with hundreds of independent public radio stations across the nation. The NPR audience values information, creativity, curiosity, and social responsibility – and our employees do too. We are innovators and leaders in diverse fields, from journalism and digital media to IT and development. Every day, our employees and member stations touch the lives of millions worldwide.
Across our organization, we’re building a workplace where collaboration is essential, diverse voices are heard, and inclusion is the key to our success. We are committed to doing the right thing in our journalism and in every role at NPR. This means that integrity, adherence to our ethical standards, and compliance with legal obligations are fundamental responsibilities for every employee at NPR.
Intro to Position
As our Senior Security Engineer, you will bridge the gap between traditional infrastructure security and modern DevSecOps. We are looking for a proactive security engineer to define secure-by-design frameworks, implement high-impact DevSecOps pipelines across multi-cloud environments (AWS and GCP), and lead critical security reviews for emerging technologies, including artificial intelligence.
Beyond technical mastery, you will act as a collaborative partner to our internal teams, fostering a culture of proactive security, cyber vigilance, and continuous improvement. If you thrive in rapidly evolving environments and have a passion for building secure, resilient ecosystems, this is your next challenge.
Responsibilities
- Secure-by-Design Architecture: Implement, own, and champion secure-by-design frameworks across cloud, infrastructure, and application ecosystems, ensuring all system architectures address robust cybersecurity requirements.
- Design & Integration Reviews: Review and approve security architecture designs for new internal systems, cloud platforms, and third-party integrations.
- DevSecOps & CI/CD Pipelines: Design, enable, and maintain automated security pipelines to proactively scan Git repositories, catching vulnerabilities early in the software development lifecycle.
- Cloud Security Management: Manage security lifecycles within multi-cloud environments (primarily AWS and GCP) to ensure continuous compliance and threat mitigation.
- Vulnerability Management: Own and run the end-to-end vulnerability management program, prioritizing remediation efforts across enterprise systems.
- AI & Emerging Tech Security: Assess and secure emerging technologies, evaluating security-focused Large Language Models (LLMs) and AI workflows to keep NPR aligned with industry progressions.
- Security Monitoring & SIEM: Leverage SIEM platforms (specifically Splunk) to develop advanced dashboards, write queries, and build automated reporting mechanisms for real-time threat intelligence.
- Network & Endpoint Defense: Deploy, recommend, and test advanced security controls, including Endpoint Detection and Response (EDR), enterprise-level antivirus, and perimeter security for Cisco networking devices.
- Cross-Functional Collaboration: Partner with internal NPR technology and business teams to address security gaps, resolve concerns, and provide subject matter expertise in ongoing cybersecurity meetings.
The above duties and responsibilities are not an exhaustive list of required responsibilities, duties and skills. Other duties may be assigned, and this job description can be modified at any time.
Minimum Qualifications
- 5+ years of experience in an information security, security engineering, or infrastructure security role.
- 2+ years of hands-on experience in DevSecOps, secure software development, or automated CI/CD security pipeline integration.
- Strong hands-on technical experience administering enterprise security tools, including SIEM (Splunk), EDR/anti-malware, and vulnerability management systems.
- Proven experience securing multi-cloud environments (AWS and/or GCP) and a solid understanding of cloud security posture management.
- Practical knowledge of core networking concepts and principles, including securing perimeter devices (such as Cisco hardware).
- Demonstrated track record of cross-functional technical communication, documentation, and assisting development teams with security remediation.
Preferred Qualifications
- Industry certifications such as CISSP, GIAC, or specialized cloud/DevSecOps credentials (or equivalent practical experience).
- Experience with Infrastructure as Code (IaC) and network automation tools.
- Practical experience implementing secure workflows for generative AI tools or LLMs.
Required Skills/Competencies
- Threat & Vulnerability Analysis: Analytical capability to interpret automated scan results, prioritize vulnerabilities, and formulate remediation plans.
- Cloud Security Architecture: Foundational competence in designing and securing cloud-native services and environments.
- Automation & Scripting: Ability to write utility scripts (Python, Bash, etc.) to automate security checks or integrate tools.
- SIEM Querying: Proficiency in building custom queries and alerts within SIEM platforms like Splunk.
- Collaborative Problem Solving: Exceptional interpersonal and technical communication skills to bridge security policies with developer workflows.
Education Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent work experience.
Work Location & Requirements
- NPR Remote-Permitted: This is a remote-permitted role. This role is based out of our Washington, D.C. office, but the employee may choose to work on a remote basis from a location that NPR approves. You will have the option of working (a) remotely from a location of your choosing within the United States that is supported by NPR; (b) on-site at an NPR facility, based on the availability of desks and approval from NPR; or (c) a combination of both. Regardless of where you choose to work from, you may be expected to travel to other locations from time to time to perform the duties of your position.
Job Type
- This is a full-time, exempt position.
Compensation
Salary Range: The U.S.-based anticipated salary range for this opportunity is $125,000 - $152,000 plus benefits. The range displayed reflects the minimum and maximum salaries NPR expects to provide for new hires for the position across all US locations.
NPR Benefits: NPR provides comprehensive benefits for employees and dependents. Regular, full-time employees scheduled to work 30 hours or more per week are eligible to enroll in NPR’s benefits options. Benefits include access to health and wellness, paid time off, and financial well-being. Plan options include medical, dental, vision, life/ accidental death and dismemberment, long-term disability, short-term disability, and voluntary retirement savings to all eligible NPR employees.
Does this sound like you? If so, we want to hear from you.
#LI-REMOTE
NPR is an Equal Opportunity Employer. NPR is committed to being an inclusive workplace that welcomes diverse and unique perspectives, all working toward the same goal – to create a more informed public. Qualified applicants receive consideration for employment without regard to race, color, ethnicity, national origin, ancestry, age, religion, religious belief, sex (including pregnancy, childbirth and related medical conditions, lactation, and reproductive health decisions), sexual orientation, gender, gender identity or expression, transgender status, gender non-conforming status, intersex status, sexual stereotypes, nationality, citizenship status, personal appearance, marital status, family status, family responsibilities, military status, veteran status, mental and physical disability, medical condition, genetic information, genetic characteristics of yourself or a family member, political views and affiliation, unemployment status, protective order status, status as a victim of domestic violence, sexual assault, or stalking, or any other basis prohibited under applicable law.
If you are a person with a disability needing assistance with the application process, please reach out to employeerelations@npr.org.
You may read NPR’s privacy policy to learn about how NPR may handle information you submit with any application.
Want more NPR? Explore the stories behind the stories on our NPR Extra blog. Get social with NPR Extra on Facebook and Instagram. Find more career opportunities at NPR.org/careers.
About Nationalpublicradioinc
Nationalpublicradioinc
14 other open roles at Nationalpublicradioinc on TryApplyNow.
Frequently Asked Questions
How do I apply for the Senior IT Security Engineer position at Nationalpublicradioinc?
Use the Apply button above to submit your application directly to Nationalpublicradioinc. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.
Is the Senior IT Security Engineer role at Nationalpublicradioinc remote?
Yes. This is a remote role. The team is based in Remote, but the position itself does not require relocating to that office.
What does a Senior IT Security Engineer at Nationalpublicradioinc earn?
Nationalpublicradioinc has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.
When was the Senior IT Security Engineer role at Nationalpublicradioinc posted?
This role was posted on July 9, 2026 (today). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.
How much experience does the Senior IT Security Engineer role at Nationalpublicradioinc require?
This is a senior-level position. Most senior roles call for 5+ years of directly relevant experience. Nationalpublicradioinc lists their specific requirements in the description below, so review the must-have qualifications closely before applying.
Similar Jobs
Senior Engineering Manager, Product Security
Monarchmoney
Platform Security Engineer
Beghouconsulting
Senior Offensive Security Engineer
A3c41b8b71eff8c4
Senior Application Security Engineer
Alphasense
Engineering Manager, Reference Data
Addepar1
More Jobs at Nationalpublicradioinc
View all →Temporary Talent Acquisition Specialist, Technology
Nationalpublicradioinc
Temporary Talent Acquisition Sourcer, Technology
Nationalpublicradioinc
Temporary Talent Acquisition Coordinator
Nationalpublicradioinc
Temporary IT Service Desk Technician
Nationalpublicradioinc
Senior Supervising Producer, Newscast
Nationalpublicradioinc
AI-powered job search
Get every job scored to your resume
Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.
Get started freeNo credit card to start