IT Security Engineer

SEI, IT, Network, Engineering, Systems, Computer, Security, CISSP, Linux
Full Time
Travel not required

Job Description

What We Do:

The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.

Position Summary:

At the SEI, we are searching for an additional member of the IT Network and Infrastructure Engineering Group to join our growing team. Are you looking for an organization with world-renowned technical specialists that is backed by an extraordinary university? Then this could be the place for you! In this position, you will be responsible for the administration of enterprise information security systems and the analysis, auditing, investigation, and follow-up of the data generated by those systems. Information security systems in the purview of this position include Intrusion Detection Systems (IDS), Endpoint Detection and Response, netflow systems, DNS monitoring, email security appliances, vulnerability and web application scanning, and log/event correlation systems. This position will also aid in the development of security practices and participate in the overall information security mission of the organization, for example by advising other administrators during system deployments as to accurate security considerations. This position will also collaborate closely with research programs within the SEI that perform groundbreaking research on information security topics to integrate their research into practical enterprise-scale applications.




Requirements:


  • Bachelor's degree in Computer Science, Information Science, or Information Technology with at least three (3) years of experience. Candidates with a degree in other technical fields (e.g., engineering) and/or years of meaningful experience as described above will be considered as well.

  • Daily foot travel between buildings in and around the CMU campus. Infrequent business travel required, usually to the Washington, DC area (approx. 4 times/year).

  • Weekends and after-hour work as necessary, especially during security incidents and emergencies.

  • You will be subject to a background check and will need to acquire and maintain a Department of Defense security clearance.



Duties:


  • You will be responsible for the administration of tools, systems, and appliances which support the information security function.

  • You will operate IDS and EDR solutions, manage rulesets, indicators, and threat intelligence which support the information security function.

  • Perform forensic tasks associated with investigations. In addition to network and host forensics, this includes documentation, communications with partners, and engaging with outside organizations where appropriate.

  • Improve the enterprise security posture through process improvement, policy, automation, and the continuous evolution of capabilities.

  • Determine the efficiency of security controls, identify risks and gaps, and take initiative to make improvements.

  • Involvement with PKI, including issuing certificates, providing guidance to stakeholders, contributing to policy and strategy, etc.



Knowledge, Skills and Abilities:


  • Proven troubleshooting and customer service skills and an ability to work as part of a team.

  • Computer hardware installation and configuration required on a periodic basis, sometimes involving transport of heavy objects.



Desired Experience:


  • Experience in at least some of the following information security areas, performed as a primary job task: security-related network flow capture and analysis, Snort/Sourcefire IDS administration with signature development, or forensic investigation and analysis of suspect systems using network-related security indicators as part of the investigation.

  • Security-related certification such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), SANS GIAC, CompTIA Security+, etc.

  • Experience with SIEM tools such as Splunk, QRadar, ArcSight.

  • Operational experience in systems administration or production enterprise systems.

  • Some experience with general network administration and administration of services in a Linux-based environment is required.




More Information:

Please visit "Why Carnegie Mellon" to learn more about becoming part of an institution inspiring innovations that change the world.
A listing of employee benefits is available at: www.cmu.edu/jobs/benefits-at-a-glance/.

Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.
Dice Id : SOFTENG
Position Id : 2015061
Originally Posted : 7 months ago