Principal Security Engineer (Information Security Engineer) at Indiana University in Bloomington, Indiana

Job Description:

Department



UITS REN-ISAC (UA-DRSC-IUBLA)



Department Information



The Research and Education Networks Information Sharing and Analysis Center (REN-ISAC) serves over 750 member institutions across multiple countries (US, Canada, UK, Australia and New Zealand) within the higher education and research community by promoting cybersecurity operational protections and response. Our team also acts as the Computer Security Incident Response Team (CSIRT) for the research and education community at large, including non-members.


This position is listed with the technical operations team. This team manages both internal and external technology for our organization.



Job Summary



Department -Specific Responsibilities

• Architects, designs, implements, maintains, and operates information security systems


• Acts as a senior member of the technical operations team, oversees and trains junior members of the team.


• Analyzes and recommends security controls and procedures for the organization's information systems and provides oversight to ensure compliance.


• Monitors systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends to IT or executive management.


• Analyzes trends, news and changes in the threat and compliance environments with respect to organizational and constituency risk.


• Develops and executes plans and initiatives for compliance, mitigation of risk, and improvement of overall security posture both for REC-ISAC and its communities.

General Responsibilities

• Designs, develops, and implements advanced information security software and systems to address security exposures and potential threats; evaluates, recommends, and implements vended security software.


• Acts as point of escalation for response to information security incidents; may provide leadership for information security emergency response teams and/or for other information security projects.


• Provides advanced level of information security technical and practical consulting; makes recommendations on appropriate strategic security actions; performs digital forensic investigations as appropriate.


• Develops and implements advanced solutions to address complicated information security vulnerabilities and threats; partners with information security analysts to ensure exposures and risks are avoided and/or addressed.


• Documents solutions and may write reports and/or papers as needed.


• Researches and stays abreast of current higher education information security environment and trends; stays up-to-date on information security engineering best practices, tools, and approaches; disseminates information to team members and junior peers to promote best practices as appropriate.


• Collaborates and participates in committees to share and improve information security practices across the university.


• Often provides guidance and support to junior peers.

Qualifications



Combinations of related education and experience may be considered. Education beyond the minimum required may be substituted for work experience. Work experience beyond the minimum required may be substituted for education.


EDUCATION



Required

• Bachelor's degree (preferably in Computer Science or related field)

WORK EXPERIENCE



Required

• 5 years of information security or related experience

Preferred

• Experience in Higher Education Cyber Security sector


• Familiarity or experience with REN-ISAC's mission, constituency and services is a plus

SKILLS



Required

• Proficient communication skills


• Maintains a high degree of professionalism


• Demonstrates time management and priority setting skills


• Demonstrates a high commitment to quality


• Possesses flexibility to work in a fast paced, dynamic environment


• Seeks to acquire knowledge in area of specialty


• Highly thorough and dependable


• Demonstrates a high level of accuracy, even under pressure


• Possesses a high degree of initiative


• Ability to influence internal and/or external constituents


• Creativity in identifying complex problems and finding solutions quickly and accurately


• Attention to detail in communicating technical issues and implementing solutions


• Mental discipline in conducting lengthy investigations


• Ability to change priorities as incidents and threats develop or evolve


• Demonstrates ability to apply security tools in small- and large-scale vulnerability assessments (vulnerability scanners, password cracking tools, etc.)


• Demonstrates in-depth knowledge of Microsoft Windows or Unix-like operating systems

Preferred

• Public speaking

Working Conditions / Demands



This role requires the ability to effectively communicate and to operate a computer and other standard office productivity equipment. The position involves sedentary work as well as periods of time moving around an office environment and the campus. The person in this role must be able to perform the essential functions with or without an accommodation.



Work Location



Bloomington, Indiana


This position is eligible for remote work, subject to change in the future based on university policy and business needs.



Benefits Overview



For full-time staff employees, Indiana University offers a wide array of benefits including:

• Multiple plan options for medical insurance


• Dental insurance


• Health Savings Account with generous IU contribution


• Life insurance, LTD, and AD&D options


• Base retirement plan contribution from IU, subject to vesting


• Additional supplemental retirement plan options


• Tuition benefit for IU classes


• 10 paid holidays per year


• Generous Paid Time Off


• Paid Parental Leave


• Employee Assistance Program (EAP)

Learn more about our benefits by reviewing our online Benefits Brochure.



Job Classification



Career Level: Advanced


FLSA: Exempt


Job Function: Information Technology


Job Family: IT Security & Privacy
Click here to learn more about Indiana University's Job Framework.



Posting Disclaimer



This posting is scheduled to close at 11:59 pm EST on the advertised Close Date. This posting may be closed at any time at the discretion of the University, but will remain open for a minimum of 5 business days. To guarantee full consideration, please submit your application within 5 business days of the Posted Date.


If you wish to include a cover letter, you may include it with your resume when uploading attachments.



Equal Employment Opportunity



Indiana University is an equal employment and affirmative action employer and a provider of ADA services. All qualified applicants will receive consideration for employment based on individual qualifications. Indiana University prohibits discrimination based on age, ethnicity, color, race, religion, sex, sexual orientation, gender identity or expression, genetic information, marital status, national origin, disability status or protected veteran status. Indiana University does not discriminate on the basis of sex in its educational programs and activities, including employment and admission, as required by Title IX. Questions or complaints regarding Title IX may be referred to the U.S. Department of Education Office for Civil Rights or the university Title IX Coordinator. See Indiana University's Notice of Non-Discrimination here which includes contact information.



Campus Safety and Security



The Annual Security and Fire Safety Report, containing policy statements, crime and fire statistics for all Indiana University campuses, is available online. You may also request a physical copy by emailing IU Public Safety at iups@iu.edu or by visiting IUPD.



Contact Us



Request Support
Telephone: 812-856-1234 Apply Now