This ad is expired.
Information Security Engineer
About the Opportunity
Northeastern University is looking for a highly motivated and experienced candidate for the role of Information Security Engineer. This individual reports directly to the Director of Information Security and will ensure the delivery of the Information Security Program services to achieve both business and security objectives and contributes to Information Security Operations across Northeastern University's global campus network.
Our ideal candidate should have considerable professional experience, including a proven record of leadership and a portfolio of successful projects.
At Team ITS, your success matters as much as the mission. Learn more about our flexible, highly dynamic, and values-first culture at careers.its.northeastern.edu.
This position is eligible for remote work.
- Bachelor's degree in Information Systems or Computer Science and/or equivalent combination of education and work experience.
- Demonstrated growth and service-oriented mindset
- M365 experience (ideally M365 security)
- Experience interfacing with/ managing security controls or working in a mature security control environment
- Strong systems Engineer including Powershell scripting (or python) for automation
- Experience with scripting, programming, or automation tools; vulnerability scanning tools and processes (Tenable Nessus); cloud security testing tools and processes.
- Knowledge and understanding of data security controls including malware protection, firewalls, intrusion detection systems, content filtering, Internet proxies, encryption controls, and log management solutions
- Contributes to planning, leadership, and support of campus technical initiatives and participates in strategic and long-range planning for campus network and system services.
- Participates in designing and architecture of new security hardware/software.
- Recommends and develops modifications and enhancements to existing hardware and software, new implementations, and installation standards to increase system security and improve monitoring.
- Creates programs and procedures to make internal and external business processes more efficient.
- Monitors security systems, SIEM, log files, packet captures, and network flows directly or through liaison with manage service providers to detect cybersecurity events, respond to threats, manage incidents as they arise and structure organizational Incident Response.
- Hands-on experience with architecture and implementation of key information security tools such as an enterprise SIEM and SOAR solutions, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices (experience with security technology solutions particularly QRadar, Sentinel, Defender, Intune)
- Strong ability to identify anomalous behavior on endpoint devices and/or network communications
- Experience with enterprise scale workflows, services, and architecture, including Cloud Platforms (such as M365) and applicable Cloud Security principals.
- Strong investigative mindset with an attention to detail
- Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents.
- Advanced problem-solving skills, ability to develop effective long-term solutions to complex problems
- Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), CISM, GIAC Security Essentials (GSEC), or other relevant certifications.
- Experience with full packet capture solutions and inspection
- Well-versed in the information security issues affecting educational entities and cloud-based service providers.
- Ability to assess computer systems and business processes for security risks.
- Excellent interpersonal, written, and verbal communication, and presentation skills, including formal report writing experience.
- Experience working in Agile teams with Scrum/Kanban/etc.
- Ability to teach and collaborate.
- Experience in managing vendor relationships and partnerships (Managed Security Service Providers and Professional Services engagements) to assure that service standards and expectations are maintained and achieved.
- Must be detail-oriented, and have excellent organizational, administrative, and interpersonal skills.
- Experience Writing and preparing technical reports, and Standard Operating Procedures/Playbooks
The following Additional Qualifications are strongly preferred. If you meet some, but not all, you are still encouraged to apply; we value employees with a willingness to learn.
- Experience participating in digital forensics investigations using current technologies and practices.
- Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
- Project Management experience, Scrum/Agile preferred.
- CISM, GIAC or CISSP certifications preferred.
- Familiarity with compliance and Privacy themes is preferable, including but not limited to Privacy and legal requirements FERPA, NIST.
- Previous experience in higher education preferred.
KEY RESPONSIBILITIES & ACCOUNTABILITIES
- Responsible for providing security engineering efforts on projects for internal clients to ensure conformity with corporate information, security policy, and standards. Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security across all University systems, audience types, and applications.
- Without direct supervision, perform tasks required to ensure customer satisfaction and departmental SLA's are achieved.
- Provide Tier 1, 2, and 3 support to customers on the services provided by the department.
- Provide accurate and effective documentation on all issues and problems.
- Provide training and documentation to Tier 1 support and other department team members on emerging issues.
- Responsible for general Security Operations support including Incident Response (may require outside of regular hours as needed)
Northeastern University considers factors such as candidate work experience, education and skills when extending an offer.
Northeastern has a comprehensive benefits package for benefit eligible employees. This includes medical, vision, dental, paid time off, tuition assistance, wellness & life, retirement- as well as commuting & transportation. Visit https://hr.northeastern.edu/benefits/ for more information.
Northeastern University is an equal opportunity employer, seeking to recruit and support a broadly diverse community of faculty and staff. Northeastern values and celebrates diversity in all its forms and strives to foster an inclusive culture built on respect that affirms inter-group relations and builds cohesion.
All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, religion, color, national origin, age, sex, sexual orientation, disability status, or any other characteristic protected by applicable law.
To learn more about Northeastern University's commitment and support of diversity and inclusion, please see www.northeastern.edu/diversity.
To apply, visit https://northeastern.wd1.myworkdayjobs.com/en-US/careers/job/Boston-MA-Main-Campus/Information-Security-Engineer_R114118
Copyright 2022 Jobelephant.com Inc. All rights reserved.
Posted by the FREE value-added recruitment advertising agency