Security Engineer

• Monitors network traffic and responds promptly to threats by determining the criticality of alerts and enriching them with relevant data to guide corrective actions; proactively mitigates risks before breaches occur.
• Builds partnerships and relationships across the university community and performs ticketing, remediation, and follow-up on all assigned security events, alerts, and vulnerabilities.
• Participates in incident response activities and analyzes security incidents to identify root causes and makes recommendations for process improvements and adjustments to security controls.
• Contributes to the development and implementation of security solutions to mitigate risks; Creates, executes, and monitors security protocols to protect information, network infrastructure, and computer systems.
• Provides support in the administration of IDS/IPS, DLP, firewalls, SEIM/SOAR, and other related security tools and services.
• Supports cybersecurity awareness campaigns and community engagement by participating in educating staff on information system security best practices to enhance overall security awareness within the organization.
• Participates in on call rotation schedules ensuring 24×7 coverage for escalated issues outside of normal operating hours.
• May provide support with eDiscovery and data forensics activities.

• Passionate cybersecurity professional that is self-motivated, detail-oriented, and able to maintain composure in challenging situations.
• Experience in security operations center (SOC) environment leveraging an enterprise SEIM and other related tools to aid in the monitoring for irregularities, identifying security risks and investigating events to determine necessary corrective action.
• Applied knowledge of NIST 800-171 and MITRE ATT&CK framework and their application in security operations and incident response.
• Strong foundations in network infrastructure and ability to demonstrate knowledge of system security requirements.
• Focused ability to define, document, recommend, review and improve processes and procedures.
• Experience with hybrid infrastructure environments (mix of on premise, cloud, PaaS and SaaS). IPv6 experience preferred.
• Experience administering and leveraging security appliances and systems supporting intrusion detection and response, data loss prevention, incident response, and endpoint protection.
• Experience working across key IT functional areas including systems, engineering, networking, and application/web services.
• Knowledge of system administration principles, including system monitoring, hardening, and performance optimization and familiarity with containers and container management.
• Effective problem-solving, communication, and collaboration skills, and ability to effectively balance multiple concurrent tasks.
• Ability to lead and take ownership of projects and deliverables.
• Experience in working in a higher education, research and/or academic medical center.
• Excellent verbal and written communication skills; ability to prepare and present comprehensive presentations to IT and business executives.
• Passion for building systems, a willingness to learn, and the ability to program, along with strong, applied systems engineering skills.

The university is an Equal Employment Opportunity/Affirmative Action employer that does not unlawfully discriminate in any of its programs or activities on the basis of race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, or on any other basis prohibited by applicable law.