Re: Job Posting: REN-ISAC Principal Security Engineer

["Pearson, Douglas D" <dodpears () INDIANA EDU>]

Additional info:

Although the preferred location for the REN-ISAC Principal Security
Engineer is Indiana University Bloomington, we'll consider proposals in
which the individual is quartered at another REN-ISAC member campus. A
host campus would benefit by having the individual "in the mix" with
local security office staff, and would be making substantive
contribution to the cooperative REN-ISAC effort. Under such an
arrangement, the individual would be a REN-ISAC (Indiana University)
salaried employee, working 100% on REN-ISAC matters. Host campus
proposals should provide description of the campus contribution, e.g.
space, phone, network, etc.


Regards,

Doug Pearson
Technical Director, REN-ISAC
http://www.ren-isac.net
24x7 Watch Desk +1(317)278-6630


-----Original Message-----
From: Pearson, Douglas D
Sent: Friday, September 21, 2007 3:06 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Job Posting: REN-ISAC Principal Security Engineer

REN-ISAC is seeking a Principal Security Engineer. Interested
candidates should visit
http://www.indiana.edu/~uitshr/services/jobs/RENISAC_29241.html.

Regards,

Doug Pearson
Technical Director, REN-ISAC
http://www.ren-isac.net
24x7 Watch Desk +1(317)278-6630

-----

Position Overview:

REN-ISAC [http://www.ren-isac.net] is seeking a Principal Security
Engineer. Performs technical invention, implementation, and execution
of REN-ISAC cyber security information products and services.
Represents REN-ISAC as an authority for network security in higher
education and ensures that REN-ISAC cyber security activities are
executed with the highest standards. 
 
Performs complex matters at the intersections of technology,
behavior, politics, communications, and persuasion. Develops and
maintains rich relationships for information sharing among the higher
education and broader security communities.  Exerts influence to
drive appropriate reactions in security response, defense, and
awareness.  Develops, maintains, and executes threat data gathering
methods. Develops and maintains intimate working and information
sharing relationships with REN-ISAC members, with individuals in
private and public security collaborations and organizations, with
engineers supporting national and international research and
education networks, and law enforcement. Collects and analyzes
information regarding known system vulnerabilities, solutions, and
intrusion methods and protections. 
 
Analyzes complicated systems, protocols, interactions, and data to
identify and respond to cyber security threats and vulnerabilities.
Develops alert, notification, and other information products based on
that analysis. Provides principal technical response to incidents
that affect the REN-ISAC served community or that affect supported
backbone networks. Advises and participates in the collection of
technical evidence. Makes educated independent judgments regarding
risk versus benefit and cost of protections. Provides recommendations
on appropriate tactical and strategic security actions that could
have a direct impact on important decisions made at the high levels
of university IT organizations. Provides a very high level of
security technical and practical expertise and consulting.  Provides
training and leadership to front-line watch desk technicians. Directs
the technical activities of other REN-ISAC team members on a daily
basis and contributes to other supervisory activities. Maintains a
significant depth of knowledge in many widely varied technology
areas. Assists in the development of REN-ISAC information product,
strategies, and concept of operations. Assists in the development of
the breadth and depth of REN-ISAC membership among higher educational
institutions. 

Qualifications: Bachelor's degree and six years of advanced systems
analysis/programming/systems administration, which includes two years
of computer security/abuse incident response and investigation
experience and two years of development, administration, and
maintenance of security systems and software, are required. Well
established contacts and a superior reputation in the higher
education security community required. Security analysis and response
skills of the highest caliber required. Extensive working knowledge
of the IP protocol suite, specifically relating to TCP and UDP
protocol behavior and interdependencies with the applications suite
(e.g. DNS, SMTP, HTTP, SSL/SSH, etc.) required. A demonstrated
knowledge of tcpdump, netflow, firewalls, router ACLs is required. A
demonstrated knowledge of intrusion detection and prevention devices
is required. Extensive working knowledge of the Microsoft and/or UNIX
operating systems, and the utilities used in system administration,
system and kernel customization, security analysis tools, system
logging and security incident diagnosis required. Linux system
administration experience required. Excellent oral/written
communication skills, and interpersonal skills required. 

Preferred qualifications: VMware administration experience. Extensive
experience in World-Wide-Web information and application delivery. 
Experience with Perl and/or Python programming; ability to apply
security tools in small- and large-scale vulnerability assessments
(ISS, password cracking tools, etc.);  and practical experience with
one or more relational database packages; Experience in Macintosh
operating systems and applications. Experience in a university-based
technology environment. Ability to receive federal government secret
security clearance. 

Note: Criminal history background checks will be required for all
finalists and for OVPIT and UITS internal finalists with less than
one year on staff.

-o0o-