Job: Junior InfoSec Engineer - Monitoring/Incident Response/Admin - CMU

[Ted Pham <telamon () CMU EDU>]

I'm hiring for a junior level information security engineer focusing on day to day operations.  Some security admin or 
forensics experience is preferred.  But primarily I'm looking for someone with a solid understanding of network, web, 
email, application and operating system concepts; who is a quick study and who is motivated to learn on the job.

Title: Information Security Engineer-9530

Qualifications & Apply: https://cmu.taleo.net/careersection/2/jobdetail.ftl?lang=en&job=9530

Description:
 
Carnegie Mellon University's Information Security Office has an immediate need for an Information Security Engineer 
(ISE).
  
The Information Security Engineer (ISE) is responsible for monitoring, investigation, response and support tasks 
related to the operation of the University's information security program by:
 
- Monitoring and responding to network intrusion and vulnerability alerts raised by automated detection systems, 
internal & external reports and manual investigation

- Executing incident response procedures and Information Security Office (ISO) processes to identify computer security 
incidents, contain intrusions and recommend options for eradication & recovery all the while effectively communicating 
with both internal and external customers and escalating as necessary

- Investigating incident root cause & scope using host and network based forensics when called for by the incident 
response plan

- Assisting campus IT personnel technically and procedurally with incident handling and E-Discovery requests

- Handling service support requests for two factor authentication, virtual private networking, certificate authority 
and web proxies

- Providing documentation and announcements for security & abuse issues and current threats

- Working with University Counsel to obtain, interpret and search forensic evidence for legal cases and subpoena 
compliance (E-Discovery)

- Participating in 24x7 on call rotations for intrusion monitoring, incident response and infrastructure maintenance 
which may necessitate coming to campus at off-hours

- Sharing responsibility for maintaining documentation on all incidents and job related procedures

- Participating in projects within the ISO and providing consulting across the division and campus

- Occasionally working with other groups in the division to secure infrastructure as needed

- Potentially assessing systems for vulnerabilities in design and implementation as well as penetration testing of 
hosts and client/server & web applications

Carnegie Mellon embraces diversity as a core value - central and indivisible from the pursuit of intellectual and 
artistic excellence.


Ted Pham
Information Security Office
Carnegie Mellon University