Educause Security Discussion mailing list archives
Re: Job Posting: REN-ISAC Principal Security Engineer
From: "Pearson, Douglas D" <dodpears () INDIANA EDU>
Date: Tue, 25 Sep 2007 15:07:28 -0400
Additional info: Although the preferred location for the REN-ISAC Principal Security Engineer is Indiana University Bloomington, we'll consider proposals in which the individual is quartered at another REN-ISAC member campus. A host campus would benefit by having the individual "in the mix" with local security office staff, and would be making substantive contribution to the cooperative REN-ISAC effort. Under such an arrangement, the individual would be a REN-ISAC (Indiana University) salaried employee, working 100% on REN-ISAC matters. Host campus proposals should provide description of the campus contribution, e.g. space, phone, network, etc. Regards, Doug Pearson Technical Director, REN-ISAC http://www.ren-isac.net 24x7 Watch Desk +1(317)278-6630 -----Original Message----- From: Pearson, Douglas D Sent: Friday, September 21, 2007 3:06 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Job Posting: REN-ISAC Principal Security Engineer REN-ISAC is seeking a Principal Security Engineer. Interested candidates should visit http://www.indiana.edu/~uitshr/services/jobs/RENISAC_29241.html. Regards, Doug Pearson Technical Director, REN-ISAC http://www.ren-isac.net 24x7 Watch Desk +1(317)278-6630 ----- Position Overview: REN-ISAC [http://www.ren-isac.net] is seeking a Principal Security Engineer. Performs technical invention, implementation, and execution of REN-ISAC cyber security information products and services. Represents REN-ISAC as an authority for network security in higher education and ensures that REN-ISAC cyber security activities are executed with the highest standards. Performs complex matters at the intersections of technology, behavior, politics, communications, and persuasion. Develops and maintains rich relationships for information sharing among the higher education and broader security communities. Exerts influence to drive appropriate reactions in security response, defense, and awareness. Develops, maintains, and executes threat data gathering methods. Develops and maintains intimate working and information sharing relationships with REN-ISAC members, with individuals in private and public security collaborations and organizations, with engineers supporting national and international research and education networks, and law enforcement. Collects and analyzes information regarding known system vulnerabilities, solutions, and intrusion methods and protections. Analyzes complicated systems, protocols, interactions, and data to identify and respond to cyber security threats and vulnerabilities. Develops alert, notification, and other information products based on that analysis. Provides principal technical response to incidents that affect the REN-ISAC served community or that affect supported backbone networks. Advises and participates in the collection of technical evidence. Makes educated independent judgments regarding risk versus benefit and cost of protections. Provides recommendations on appropriate tactical and strategic security actions that could have a direct impact on important decisions made at the high levels of university IT organizations. Provides a very high level of security technical and practical expertise and consulting. Provides training and leadership to front-line watch desk technicians. Directs the technical activities of other REN-ISAC team members on a daily basis and contributes to other supervisory activities. Maintains a significant depth of knowledge in many widely varied technology areas. Assists in the development of REN-ISAC information product, strategies, and concept of operations. Assists in the development of the breadth and depth of REN-ISAC membership among higher educational institutions. Qualifications: Bachelor's degree and six years of advanced systems analysis/programming/systems administration, which includes two years of computer security/abuse incident response and investigation experience and two years of development, administration, and maintenance of security systems and software, are required. Well established contacts and a superior reputation in the higher education security community required. Security analysis and response skills of the highest caliber required. Extensive working knowledge of the IP protocol suite, specifically relating to TCP and UDP protocol behavior and interdependencies with the applications suite (e.g. DNS, SMTP, HTTP, SSL/SSH, etc.) required. A demonstrated knowledge of tcpdump, netflow, firewalls, router ACLs is required. A demonstrated knowledge of intrusion detection and prevention devices is required. Extensive working knowledge of the Microsoft and/or UNIX operating systems, and the utilities used in system administration, system and kernel customization, security analysis tools, system logging and security incident diagnosis required. Linux system administration experience required. Excellent oral/written communication skills, and interpersonal skills required. Preferred qualifications: VMware administration experience. Extensive experience in World-Wide-Web information and application delivery. Experience with Perl and/or Python programming; ability to apply security tools in small- and large-scale vulnerability assessments (ISS, password cracking tools, etc.); and practical experience with one or more relational database packages; Experience in Macintosh operating systems and applications. Experience in a university-based technology environment. Ability to receive federal government secret security clearance. Note: Criminal history background checks will be required for all finalists and for OVPIT and UITS internal finalists with less than one year on staff. -o0o-
Current thread:
- Job Posting: REN-ISAC Principal Security Engineer Pearson, Douglas D (Sep 21)
- <Possible follow-ups>
- Re: Job Posting: REN-ISAC Principal Security Engineer Pearson, Douglas D (Sep 25)