Job: Senior InfoSec Engineer - Best Practice/Pentest/Consult/Tools - CMU

[Ted Pham <telamon () CMU EDU>]

I'm hiring for a senior level information security engineer focusing on defining application/systems best practice, 
performing penetration testing & assessment, consulting internally and acquiring/developing/implementing tools.  
Certification and education are a plus, but what I'm really looking for is a creative person with hard experience, who 
still wants to learn, who gets the big picture and who can motivate/mentor others to do the right thing.

Title: Senior Information Security Engineer-100018

Qualifications & Apply: https://cmu.taleo.net/careersection/2/jobdetail.ftl?lang=en&job=100018

Description:

Carnegie Mellon University's Information Security Office has an immediate need for a Senior Information Security 
Engineer (SISE).
 
The Senior Information Security Engineer (SISE) is responsible for architecture, design, and implementation tasks 
related to the deployment of the University information security program by:
 
- Creating and evangelizing best practices, guidelines and standards for application and system level data protection 
related to the development, acquisition and implementation of services, as well as secure coding techniques
 
- Performing attack and penetration tests, security assessments and audits of both new and existing systems and 
services against policies, best practices and procedures
 
- Providing technical consulting advice across the division and campus to ensure that security is factored into the 
evaluation, selection and configuration of hardware, applications and software
 
- Evaluating, building, implementing and/or supporting tools to enable security through automation, integration and 
aggregation while working with those operationally responsible for these tools and systems
 
- Maintaining awareness of emerging security technologies, trends and threats while making recommendations for use 
based on business value and driving changes needed for proper response
 
- Participating on the incident response team ensuring that incidents and actions for remediation are addressed and 
communicated in a timely fashion
 
- Having the ability to work on projects with minimal guidance from managers and assuming responsibility for the 
success of those projects
 
- Leading projects within the Information Security Office and providing direction & training to lower level staff
 
- Participating in 24x7 on call rotations for intrusion monitoring, incident response and infrastructure maintenance 
which may necessitate coming to campus at off-hours
 
Carnegie Mellon embraces diversity as a core value - central and indivisible from the pursuit of intellectual and 
artistic excellence.


Ted Pham
Information Security Office
Carnegie Mellon University