This job has expired

Information Security Operations Engineer

Employer
Princeton University
Location
New Jersey, United States
Salary
Not specified
Date posted
Nov 4, 2022

US-NJ-Princeton

Job ID: 2022-15863
Type: Full-Time
# of Openings: 1
Category: Information Technology

Overview

Princeton University is seeking a talented Information Security Operations Engineer to join its Information Security Office (ISO). This engineer reports to the Senior Manager of Information Security Operations and is responsible for day-to-day monitoring and maintenance of the information security tools used by the team. As an engineer, you are highly skilled in computing and data security systems and, with ISO leadership, leverage monitoring tools to enhance the security of Princeton's network and systems and its response to threats. You will also gain a clear understanding of the campus culture, policies, governance, and infrastructure.

In this role, you are focused on the integrity of and access to University systems and the tools used to provide that insight. As part of your responsibilities, you will also work on continuous process improvement, proactive solutions, and automation, as well as documentation, reporting, and best practices.

The Security Operations Engineer stays abreast of current security threats and vulnerabilities, and participates in the ISO investigation of emerging threats, services, and solutions for the university information security posture.

The engineer also partners with ISO leadership and technical colleagues to research and resolve security issues, and contributes to ISO efforts to raise the importance of information security awareness across campus.



Responsibilities

  • Serve as the technical lead within the Information Security Operations group, and effectively monitor, identify, and respond to security threats and vulnerabilities.
  • Configure, troubleshoot, and maintain security infrastructure software and hardware.
  • Employ technical analysis to identify information security incidents and determine best response and remediation strategies.
  • In the event of an information security incident, participate in the response with ISO leadership and other OIT personnel.
  • Maintain knowledge of emerging security monitoring tools, and participate in the evaluation of new tools to help ensure that the security monitoring services for Princeton’s computing environment are current and meet team needs.
  • Regularly review relevant cybersecurity sites and bulletins, such as REN-ISAC, Krebs on Security, and others, to help ensure the University is as current as possible with information on perceived and existing threats to its information systems and data integrity, customer accounts, and networked devices.
  • Participate in training support staff to advance the understanding of security concepts, threats and threat methodology, and monitoring tools, and enhance overall support to the Princeton community.
  • Coordinate and/or author articles for the Knowledgebase in support of the ISO mission and resources.


Qualifications

Essential Qualifications

  • A minimum of 5 years of experience in the following:
    • Security and network monitoring and reporting tool evaluation/deployment
    • Incident response management and procedures
  • Solid understanding of IDS/IPS systems configuration and management
  • Interpretation of security alerts, analysis of exploit trends and threat feeds
  • Experience using SIEM solutions, especially LogRhythm SIEM for detection and management of security incidents, including fine-tuning and configuration of reporting, dashboards and alerts
  • In-depth knowledge of computer security and network monitoring tools, and the ability to assess and recommend the appropriate tools for Princeton
  • In-depth knowledge of network architectures and data flows
  • Broad understanding and experience with a variety of technologies including vendor-neutral user and system authentication, authorization techniques, and security/data protection methods
  • Strong interpersonal and communication (oral and written) skills, and the ability to work effectively individually, in teams, and with a diverse user base having varied levels of technical proficiency
  • Education: Bachelor’s degree or equivalent experience.

Preferred Qualifications

  • CISSP or GIAC certification
  • Proficiency with LogRhythm SIEM, Windows, Unix/Linux, and Mac OS
  • Experience with the McAfee Security Suite (e.g. SIEM, EPO), or equivalent set of tools
  • Experience in higher education IT

Princeton University is an Equal Opportunity/Affirmative Action Employer and all qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity or expression, national origin, disability status, protected veteran status, or any other characteristic protected by law.
