Educause Security Discussion mailing list archives
Job: Junior InfoSec Engineer - Monitoring/Incident Response/Automation - CMU
From: Ted Pham <telamon () CMU EDU>
Date: Wed, 17 Jun 2015 19:41:19 +0000
I'm hiring for a junior level information security engineer focusing on day to day operations and scripting & automation. Some forensics experience is preferred. But primarily I'm looking for someone with a solid understanding of network, web, email, application and operating system concepts; who is a quick study; has a penchant for scripting and who is motivated to learn on the job. Title: Information Security Engineer, Computing Services Job Number: 2001024 Qualifications & Apply: https://cmu.taleo.net/careersection/2/jobdetail.ftl?job=2001024 Carnegie Mellon University, one of the world leaders in higher education and research, is searching for an Information Security Engineer to join the Information Security Office within the university's Computing Services division. The Information Security Engineer (ISE) is responsible for monitoring, investigation, response and support tasks related to the operation of the University's information security program by: - Monitoring and responding to network intrusion and vulnerability alerts raised by automated detection systems, internal & external reports and manual investigation - Executing incident response procedures and Information Security Office (ISO) processes to identify computer security incidents, contain intrusions and recommend options for eradication & recovery all the while effectively communicating with both internal and external customers and escalating as necessary - Assisting campus IT personnel technically and procedurally with incident handling and E-Discovery requests - Participating in projects within the ISO to improve and automate processes and tools through evaluation, implementation and/or development as well as providing consulting across the division and campus - Investigating incident root cause & scope using host and network based forensics when called for by the incident response plan - Handling service support requests for certificate authority, vulnerability scanning, data loss protection and endpoint security - Providing documentation and announcements for security & abuse issues and current threats - Working with University Counsel to obtain, interpret and search forensic evidence for legal cases and subpoena compliance (E-Discovery) - Participating in 24x7 on call rotations for intrusion monitoring, incident response and infrastructure maintenance which may necessitate coming to campus at off-hours - Sharing responsibility for maintaining documentation on all incidents and job related procedures - Occasionally working with other groups in the division to secure infrastructure as needed - Potentially assessing systems for vulnerabilities in design and implementation as well as penetration testing of hosts and client/server & web applications Carnegie Mellon embraces diversity as a core value - central and indivisible from the pursuit of intellectual and artistic excellence. Ted Pham Information Security Office Carnegie Mellon University
Current thread:
- Job: Junior InfoSec Engineer - Monitoring/Incident Response/Automation - CMU Ted Pham (Jun 17)