Information Security Engineer, Information Security Office (ISO)

–

2005545

Description

:

The Information Security Office (ISO), part of Carnegie Mellon University’s Computing Services, collaborates with the campus community to protect Carnegie Mellon from and to respond to threats to our electronic information resources and computing and networking infrastructure. ISO services include security awareness training and presentations, information security consulting, security assessments including attack & penetration testing, incident response, and assistance Obtaining SSL Web Certificates.

We are seeking an Information Security Engineer to join our dynamic team. In this role, you are responsible for monitoring, investigation, response and support tasks related to the operation of the University’s information security program. These responsibilities

include:
Monitoring and responding to network intrusion and vulnerability alerts raised by automated detection systems, internal & external reports and manual investigation

Executing incident response procedures and Information Security Office (ISO) processes to identify computer security incidents, contain intrusions and recommend options for eradication & recovery all the while effectively communicating with both internal and external customers

Assisting campus IT personnel technically and procedurally with incident handling and E-Discovery requests

Participating in projects within the ISO to improve and automate processes and tools through evaluation, implementation and/or development as well as providing consulting across the division and campus

Investigating incident root cause & scope using host and network based forensics when called for by the incident response plan

Handling service support requests for certificate authority, vulnerability scanning, data loss protection and endpoint security

Providing documentation and announcements for security & abuse issues and current threats

Working at the direction of supervisor, Incident Response Coordinator, and/or the Director to obtain and search forensic evidence for legal cases and subpoena compliance per Office of General Counsel requests.

Participating in 24×7 on call rotations for intrusion monitoring, incident response and infrastructure maintenance which may necessitate coming to campus at off-hours

Sharing responsibility for maintaining documentation on all incidents and job related procedures

Occasionally working with other groups in the division to secure infrastructure as needed

Potentially assessing systems for vulnerabilities in design and implementation as well as penetration testing of hosts and client/server & web applications

Qualifications:
Bachelor’s degree or equivalent in experience (as evidenced by employment history, professional certification, and/or academic track record) required; Master’s degree preferred

At least 3-5 years of system/software design, administration, and/or engineering experience required

Expertise with a variety of operating systems including Windows, Macintosh, and/or Linux

Ability to diagnose and respond to computer and network security incidents

Experience in obtaining forensic data in support of University Counsel and on-going incidents

Experience in providing guidance and ensure compliance with incident response procedures; evaluate security threats and applicability to a given environment;

Experience with security control services such as certificate authority, vulnerability scanning, data loss protection and endpoint security

Excellent interpersonal communication skills (both verbal and written) and excellent technical and problem solving skills throughout all duties

CISSP, GSEC, GCFE, or other information security practitioner certificates preferred

Preferred Experience:
Five years or more experience in information technology and/or computer and network security in an academic environment. Prior experience working with law enforcement, fulfilling subpoena requests, maintaining chain of custody requirements and conducting host and network forensics is preferred. Familiarity with encryption tools and scripting/programming. One or more years of experience in any of security assessments/audits, penetration testing, secure application or information system design or equivalent

Preferred Skills:
Strong technical skills in forensic methods, multiple operating systems and file systems (i.e. Mac, Windows and Unix), multiple databases (Oracle, MySQL,etc.), multiple data storage technologies (SAN, tape, etc.), enterprise systems (e.g. e-mail, collaboration software, ERP). Proficiency with scripting or programming languages (Ruby, Python, Perl, AutoIt, VB, C, C++, Java, etc…) Ability to perform host, network, application and database vulnerability assessment and remediation. Ability to independently conduct technical evaluations of threats and security elements of new services.

More Information:
Carnegie Mellon University is a private, global research university that stands among the world’s most renowned education institutions. With ground-breaking brain science, path-breaking performances, creative start-ups, big data, big ambitions, hands-on learning, and a whole lot of robots, CMU doesn’t imagine the future, we invent it. If you’re passionate about joining a community that challenges the curious to deliver work that matters, your journey starts here!

Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world

www.cmu.edu/jobs/why-cmu/

A listing of employee benefits is available at:
www.cmu.edu/jobs/benefits-at-a-glance/

.

Carnegie Mellon University considers applicants for employment without regard to, and does not discriminate on the basis of, gender, race, protected veteran status, disability, or any other legally protected status.

Job Function

:

Information Technology

Primary Location

:

United States-Pennsylvania-Pittsburgh

Time Type

:

Full Time

Organization

:

INFORMATION SECURITY OFFICE (COMP SVCS)

Minimum Education Level

:

Bachelor’s Degree or equivalent

Salary

:

Negotiable