Job posting: REN-ISAC Lead Security Engineer

[Doug Pearson <dodpears () REN-ISAC NET>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello security@,

REN-ISAC is seeking a talented and motivated Lead Security Engineer.

https://jobs.iu.edu/joblisting/index.cfm?jlnum=10381

The position provides a unique, interesting, and compelling
opportunity to work among a global community of peers and to make a
difference at that scale.

Although we prefer a Bloomington Indiana placement we'll consider
telecommuting for the right candidate.


Thanks,

Doug Pearson
dodpears () ren-isac net
Technical Director, REN-ISAC
http://www.ren-isac.net
24x7 Watch Desk +1(317)278-6630



Job Summary: Serves as lead security engineer supporting the security
information gathering, analysis, and sharing, incident response, and
information product development activities of the Research and
Education Networking – Information Sharing and Analysis Center
(REN-ISAC).

Performs high-level analysis of complicated and disparate technical
and data architectures, by applying highly specialized training and
experiences, to identify and rectify technical and information
security threats and vulnerabilities. Performs analysis of cyber
security vulnerability and threat; and develops alerts, notifications,
and other information products based on that analysis. Provides
response to cyber security incidents that affect supported networks or
that have wide-spread affect in the R&E sector.

Develops new information resources, analysis techniques, and
information products; and develops relationships and works closely
with security and network engineers supporting higher education
institutions and national and international R&E networks, with private
security collaborations, with REN-ISAC members, and with collaborators
in the formal US ISAC structure.

Scope of work is in direct service to all institutions of higher
education, and in support of efforts to protect national
cyber-infrastructure through the formal US ISAC structure. Effort
involves interaction and coordination with a wide-range of technical
staff, primarily external to the University. Makes recommendations as
to risk versus benefit and cost of protections; and provides reports
and recommendations on appropriate tactical and strategic security
actions. Provides input that could have a direct impact on important
technology decisions made at the high levels of university information
technology organizations. Participates in and lead computer emergency
response teams; provides very high level of security technical and
practical expertise and consulting; and provides training and
leadership to front-line watch desk technicians. Must gain and
maintain a significant depth of knowledge in many widely varied
technology areas; and participates in the administration and
development of REN-ISAC systems and tools.


Qualifications: Review your qualifications prior to applying to ensure
that you meet the minimum qualifications for the position. Resume and
cover letter required.

REQUIRED: Bachelor’s degree and four years of experience in advanced
systems analysis, programming, or systems administration, computer
incident response and investigation.

Combinations of related education and experience may be considered.

Demonstrated knowledge of the following: IP protocols and related
network applications (e.g. DNS, SMTP, HTTP, etc.); tcpdump, netflow,
firewalls, router ACLs; and intrusion detection and prevention
devices. Extensive knowledge of security vulnerabilities and attack
methods; and extensive working knowledge of the Microsoft and UNIX
operating systems, Active Directory, and utilities used in system
administration and customization. Working knowledge of security
analysis tools, system logging, and security incident diagnosis.

Ability to effectively communicate and document in the areas of
primary responsibility; excellent oral and written communication,
presentation, and interpersonal skills; and a high level of accuracy,
dependability and responsibility.

Preferred: Bachelor’s degree in computer science or other IT related
field; two years of experience in development, administration, and
maintenance of security systems and software; extensive experience in
web information and application delivery; Perl programming; ability to
apply security tools in small- and large-scale vulnerability
assessments (vulnerability scanners, password cracking tools, etc.);
practical experience with one or more relational database packages;
established relationships in the global community of cyber security
defenders; experience in Macintosh operating systems and applications;
experience in a university-based technology environment.

Other: Research and Education Networking – Information Sharing and
Analysis Center (REN-ISAC) - http://www.ren-isac.net/

Applications accepted until March 6, 2014, or until position is filled.

- -o0o-

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlMBE4gACgkQ3KG5QWpMk2QhnQCfR5wck9FNQCh2ldGRbudqOZCU
G9kAmwQj7Tmc5uZNDqlyY/CzZ6T74H4y
=kQed
-----END PGP SIGNATURE-----