IT Security Engineer, IT Information Security
Job no: 494762
Work type: Staff
Categories: Information Technology, Full Time
PAY GRADE: Various Levels 28S-30S
CONTEXT OF THE JOB:
IT Information Security assesses risks to University information assets and works closely with a broad range of University constituencies to implement appropriate administrative, technical, and physical controls to comply with laws, regulations, funding agency requirements and security policies. The department develops, implements, and maintains a comprehensive information security program and establishes policies, procedures, training, and awareness initiatives designed to protect University information resources, limit liability, and prevent legal and regulatory violations. In addition, IT Information Security unit defines, promotes, and enforces policies and standards to manage risks throughout the digital identity lifecycle, including user identification and authentication, user privileges and account management, in accordance with laws, regulations and contractual obligations. The technology work of this group is critical to the achievement of the IT organization's and University's strategic plans and goals.
The Security Operations group within the IT Information Security unit provides technical expertise on system and network security. The group implements and administers security policy for central IT managed systems and networks. Work involved in ensuring system and network security includes log analysis, disabling compromised systems from the network, incident handling, conducting periodic scans for vulnerabilities, firewall configuration, penetration tests, maintaining intrusion detection systems, and administering other security hardware/software installs and configurations. The unit conducts regular periodic audits to ensure that security policy is being enforced. The group partners with the IT Security Policy & Compliance group to develop and maintain security policy for the University. The group also collaborates with staff in other IT units within central IT and distributed IT. The Security Engineer is considered essential personnel and provides off-hour, on-call coverage to support the central IT systems.
The Security Engineer, IT Information Security reports to the Manager of the Security Operations group within the IT Security unit.
This is a multi-level hire. Candidates will be hired into levels that are commensurate with their experience and educational background.
- Performs log analysis, incident response, and SIEM (Security Information and Event Management) monitoring.
- Configures, maintains and analyzes IDS/IPS systems.
- Configures, maintains and analyzes traditional and application layer firewalls and other security systems.
- Conducts regular periodic vulnerability scans and acts upon the results.
- Conducts regular periodic security audits of system and network configurations. Ensures that security patches have been applied and no software versions with known security vulnerabilities are in use.
- Analyzes packet flow data (i.e. netflow, ipfix) to find compromises, intrusions, etc. or for forensic analysis.
- Works closely with the Enterprise Systems & Cloud Services and Network and Infrastructure Services units in IT to implement security policy on servers and network equipment that provide services for the University and secure network configurations.
- Consults with other groups in IT to ensure that University information security standards are being enforced.
- Provides system administration expertise, programming and analysis as related to information security considerations for systems and networks managed by IT.
- Maintains a good degree of familiarity with hardware and software supported by staff in IT. Creates programs and procedures to make internal and external business processes more efficient. Writes documentation as needed.
- Provides technical expertise and support to the campus clientele regarding departmental systems and applications when needed. Maintains a good level of technical skills in areas of specialization and basic knowledge of emerging state-of-the art computer and network systems technologies, architectures and products. Researches and evaluates future technologies and solutions.
- Establishes and maintains appropriate working relationships with colleagues and follows University and department policies and procedures governing IT efforts. Works within the department’s overall strategic plan following project priorities and scope. Meets deadlines and achieves goals.
- Performs miscellaneous job-related duties as assigned.
- Bachelor's degree with two years’ experience, or an equivalent combination of education, certification, and experience. Degree in Computer Science, Information Systems, Electrical/Computer Engineering, or other directly related field preferred.
- Experience in TCP/IP networking.
- Experience with traditional firewall configurations preferred.
- Familiarity with system/network design using principles of least privilege and separation of privilege.
- Familiarity with network and host intrusion detection systems, firewalls and other security systems.
- One or more security certifications desirable (CISSP, SANS, etc).
- Experience with system administration, system and network security, development tools and methodology, and system management in Linux and Unix environments.
- In-depth knowledge of one or more operating systems, common networking equipment, and major network protocols, and multiple technologies.
- Ability to solve problems independently, troubleshoot, diagnose, and correct systems problems.
- Analytical, evaluative, and objective critical thinking skills.
- Effective verbal and written communication, interpersonal, and organizational skills.
- Ability to work independently as well as part of a team.
- Ability to communicate technical information to non-technical users.
- Knowledge of information flow and management environments within area of operational specialty.
- Knowledge of current technological developments/trends in area of expertise.
- Knowledge of a broad range of relevant multi-user computer systems, applications, and/or equipment.
- Knowledge of computer systems analysis and design concepts, methods, procedures, and standards.
- Experience in a University computing service environment is desirable.
Applications close: Eastern Daylight Time
Back to search results Apply now Refer a friend