Educause Security Discussion mailing list archives

Jobs - OmniSOC security engineers, threat hunt and intel focus


From: "Graves, Rich" <rxgraves () IU EDU>
Date: Wed, 8 Jan 2020 16:52:53 +0000

Happy new year. The growing OmniSOC at Indiana University (https://omnisoc.iu.edu/) posted two new positions over the 
holidays. They are open until filled, but we plan to start phone/video interviews in about two weeks, so if you know 
anyone, don't delay. To apply for either position, search https://jobs.iu.edu/ for 290638

1) Lead security engineer[*] with focus on (mostly) network and (some) host IDS analysis and threat hunting. Some work 
with honeypots and vulnerability scan data for risk assessment/incident verification; we are not in a vulnerability 
management role. This is a new position to expand the group as we onboard new sites.
2) Lead security engineer[*] with threat intel integration focus. Includes both input and output -- strategizing how to 
enrich SIEM data at scale on one hand, and extract actionable threat feeds from our findings on the other. This is on 
the functional side, not a sysadmin role -- there's a separate platform team for that.

* - IU job titles go Junior -> Senior -> Lead -> Principal. So "lead" indicates the second highest 
classification/salary band, not team lead/manager responsibility. Scott Orr is manager of the SOC team and Rich Graves 
will supervise the threat intel work.

I encourage applicants who could bring diversity of experience and background. The current security engineering team 
members followed similar paths from university network & system administration into information security (with a bit of 
Army service too). Don't rule yourself out; if you think different(ly), that may be exactly what we need.

OmniSOC has staff in both Indianapolis and Bloomington, Indiana (an hour plus of sometimes bad traffic apart). I work 
remotely. In theory, the right candidate could work any time, anywhere. We collaborate with member institutions and 
each other via text chat, video, git, ServiceNOW, etc. I have travelled for conferences, member meetings, and planning 
retreats about 4 or 5 times per year. If you're in Indiana, you'd travel less.

One of the perks of working in higher ed is that we get to talk unusually openly about what we do and how it went. Some 
things to look at:
- OmniSOC: One Year of Helping Secure Higher Education at Internet2 TechEx 
https://meetings.internet2.edu/2019-technology-exchange/detail/10005569/
- OmniSOC: A Shared Cyber-Defense Center for Higher Education Powered by ELK 
https://www.elastic.co/webinars/shared-cyber-defense-center-for-higher-education-powered-by-ELK
- Various press appearances at https://omnisoc.iu.edu/blog/  

Because of similar qualifications, HR grouped these in one posting. To apply, search https://jobs.iu.edu/ for 290638

Rich Graves <rxgraves () iu edu>
Principal Security Engineer
https://OmniSOC.iu.edu/

