Information Security Operations Engineer
- Employer: Princeton University
- Location: New Jersey, United States
- Salary: Not specified
- Date posted: Nov 4, 2022
- Position Type: Administrative, Business & Administrative Affairs, Computer Services & Information Technology
- Employment Level: Administrative
- Employment Type: Full Time
US-NJ-Princeton
Job ID: 2022-15863
Type: Full-Time
# of Openings: 1
Category: Information Technology
Princeton University
Overview
Princeton University is seeking a talented Information Security Operations Engineer to join its Information Security Office (ISO). This engineer reports to the Senior Manager of Information Security Operations and is responsible for day-to-day monitoring and maintenance of the information security tools used by the team. As an engineer, you are highly skilled in computing and data security systems and, with ISO leadership, leverage monitoring tools to enhance the security of Princeton's network and systems and its response to threats. You will also gain a clear understanding of the campus culture, policies, governance, and infrastructure. In this role, you are focused on the integrity of and access to University systems and the tools used to provide that insight. As part of your responsibilities, you will also work on continuous process improvement, proactive solutions, and automation, as well as documentation, reporting, and best practices. The Security Operations Engineer stays abreast of current security threats and vulnerabilities, and participates in the ISO investigation of emerging threats, services, and solutions for the university information security posture. The engineer also partners with ISO leadership and technical colleagues to research and resolve security issues, and contributes to ISO efforts to raise the importance of information security awareness across campus.
Responsibilities
- Serve as the technical lead within the Information Security Operations group, and effectively monitor, identify, and respond to security threats and vulnerabilities.
- Configure, troubleshoot, and maintain security infrastructure software and hardware.
- Employ technical analysis to identify information security incidents and determine best response and remediation strategies.
- In the event of an information security incident, participate in the response with ISO leadership and other OIT personnel.
- Maintain knowledge of emerging security monitoring tools, and participate in the evaluation of new tools to help ensure the security monitoring services for Princeton’s computing environment are current and meet team needs.
- Regularly review relevant cybersecurity sites and bulletins, such as REN-ISAC, Krebs on Security, and others, to help ensure the University is as current as possible with information on perceived and existing threats to its information systems and data integrity, customer accounts, and networked devices.
- Participate in training support staff to advance the understanding of security concepts, threats and threat methodology, and monitoring tools, and enhance overall support to the Princeton community.
- Coordinate and/or author articles for the Knowledgebase in support of the ISO mission and resources.
Qualifications
Essential Qualifications
- A minimum of 5 years of experience in the following:
- Security and network monitoring and reporting tool evaluation/deployment
- Incident response management and procedures
- Solid understanding of IDS/IPS systems configuration and management
- Interpretation of security alerts, analysis of exploit trends and threat feeds
- Experience using SIEM solutions, especially LogRhythm SIEM for detection and management of security incidents, including fine-tuning and configuration of reporting, dashboards and alerts
- In-depth knowledge of computer security and network monitoring tools, and the ability to assess and recommend the appropriate tools for Princeton
- In-depth knowledge of network architectures and data flows
- Broad understanding and experience with a variety of technologies including vendor-neutral user and system authentication, authorization techniques, and security/data protection methods
- Strong interpersonal and communication (oral and written) skills, and the ability to work effectively individually, in teams, and with a diverse user base having varied levels of technical proficiency
- Education: Bachelor’s degree or equivalent experience.
- CISSP or GIAC certification
- Proficiency with LogRhythm SIEM, Windows, Unix/Linux, and Mac OS
- Experience with the McAfee Security Suite (e.g. SIEM, EPO), or equivalent set of tools
- Experience in higher education IT