The Research and Education Networks Information Sharing and Analysis Center (REN-ISAC) serves over 750 member institutions across multiple countries (US, Canada, UK, Australia and New Zealand) within the higher education and research community by promoting cybersecurity operational protections and response. Our team also acts as the Computer Security Incident Response Team (CSIRT) for the research and education community at large, including non-members.
This position is listed with the technical operations team. This team manages both internal and external technology for our organization.
Job Summary
Department -Specific Responsibilities
Architects, designs, implements, maintains, and operates information security systems
Acts as a senior member of the technical operations team, oversees and trains junior members of the team.
Analyzes and recommends security controls and procedures for the organization's information systems and provides oversight to ensure compliance.
Monitors systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends to IT or executive management.
Analyzes trends, news and changes in the threat and compliance environments with respect to organizational and constituency risk.
Develops and executes plans and initiatives for compliance, mitigation of risk, and improvement of overall security posture both for REC-ISAC and its communities.
General Responsibilities
Designs, develops, and implements advanced information security software and systems to address security exposures and potential threats; evaluates, recommends, and implements vended security software.
Acts as point of escalation for response to information security incidents; may provide leadership for information security emergency response teams and/or for other information security projects.
Provides advanced level of information security technical and practical consulting; makes recommendations on appropriate strategic security actions; performs digital forensic investigations as appropriate.
Develops and implements advanced solutions to address complicated information security vulnerabilities and threats; partners with information security analysts to ensure exposures and risks are avoided and/or addressed.
Documents solutions and may write reports and/or papers as needed.
Researches and stays abreast of current higher education information security environment and trends; stays up-to-date on information security engineering best practices, tools, and approaches; disseminates information to team members and junior peers to promote best practices as appropriate.
Collaborates and participates in committees to share and improve information security practices across the university.
Often provides guidance and support to junior peers.
Qualifications
Combinations of related education and experience may be considered. Education beyond the minimum required may be substituted for work experience. Work experience beyond the minimum required may be substituted for education.
EDUCATION
Required
Bachelor's degree (preferably in Computer Science or related field)
WORK EXPERIENCE
Required
5 years of information security or related experience
Preferred
Experience in Higher Education Cyber Security sector
Familiarity or experience with REN-ISAC's mission, constituency and services is a plus
SKILLS
Required
Proficient communication skills
Maintains a high degree of professionalism
Demonstrates time management and priority setting skills
Demonstrates a high commitment to quality
Possesses flexibility to work in a fast paced, dynamic environment
Seeks to acquire knowledge in area of specialty
Highly thorough and dependable
Demonstrates a high level of accuracy, even under pressure
Possesses a high degree of initiative
Ability to influence internal and/or external constituents
Creativity in identifying complex problems and finding solutions quickly and accurately
Attention to detail in communicating technical issues and implementing solutions
Mental discipline in conducting lengthy investigations
Ability to change priorities as incidents and threats develop or evolve
Demonstrates ability to apply security tools in small- and large-scale vulnerability assessments (vulnerability scanners, password cracking tools, etc.)
Demonstrates in-depth knowledge of Microsoft Windows or Unix-like operating systems
Preferred
Public speaking
Working Conditions / Demands
This role requires the ability to effectively communicate and to operate a computer and other standard office productivity equipment. The position involves sedentary work as well as periods of time moving around an office environment and the campus. The person in this role must be able to perform the essential functions with or without an accommodation.
Work Location
Bloomington, Indiana
This position is eligible for remote work, subject to change in the future based on university policy and business needs.
Benefits Overview
For full-time staff employees, Indiana University offers a wide array of benefits including:
Multiple plan options for medical insurance
Dental insurance
Health Savings Account with generous IU contribution
Life insurance, LTD, and AD&D options
Base retirement plan contribution from IU, subject to vesting
Additional supplemental retirement plan options
Tuition benefit for IU classes
10 paid holidays per year
Generous Paid Time Off
Paid Parental Leave
Employee Assistance Program (EAP)
Learn more about our benefits by reviewing our online Benefits Brochure.
Job Classification
Career Level: Advanced
FLSA: Exempt
Job Function: Information Technology
Job Family: IT Security & Privacy Click here to learn more about Indiana University's Job Framework.
Posting Disclaimer
This posting is scheduled to close at 11:59 pm EST on the advertised Close Date. This posting may be closed at any time at the discretion of the University, but will remain open for a minimum of 5 business days. To guarantee full consideration, please submit your application within 5 business days of the Posted Date.
If you wish to include a cover letter, you may include it with your resume when uploading attachments.
Equal Employment Opportunity
Indiana University is an equal employment and affirmative action employer and a provider of ADA services. All qualified applicants will receive consideration for employment based on individual qualifications. Indiana University prohibits discrimination based on age, ethnicity, color, race, religion, sex, sexual orientation, gender identity or expression, genetic information, marital status, national origin, disability status or protected veteran status. Indiana University does not discriminate on the basis of sex in its educational programs and activities, including employment and admission, as required by Title IX. Questions or complaints regarding Title IX may be referred to the U.S. Department of Education Office for Civil Rights or the university Title IX Coordinator. See Indiana University's Notice of Non-Discrimination here which includes contact information.
Campus Safety and Security
The Annual Security and Fire Safety Report, containing policy statements, crime and fire statistics for all Indiana University campuses, is available online. You may also request a physical copy by emailing IU Public Safety at iups@iu.edu or by visiting IUPD.