IT Information Security assesses risks to University information assets and works closely with a broad range of University constituencies to implement appropriate administrative, technical, and physical controls to comply with laws, regulations, funding agency requirements and security policies. The department develops, implements, and maintains a comprehensive information security program and establishes policies, procedures, training, and awareness initiatives designed to protect University information resources, limit liability, and prevent legal and regulatory violations. In addition, IT Information Security unit defines, promotes, and enforces policies and standards to manage risks throughout the digital identity lifecycle, including user identification and authentication, user privileges and account management, in accordance with laws, regulations and contractual obligations. The technology work of this group is critical to the achievement of the IT organization's and University's strategic plans and goals.
The Security Operations group within the IT Information Security unit provides technical expertise on system and network security. The group implements and administers security policy for central IT managed systems and networks. Work involved in ensuring system and network security includes log analysis, disabling compromised systems from the network, incident handling, conducting periodic scans for vulnerabilities, firewall configuration, penetration tests, maintaining intrusion detection systems, and administering other security hardware/software installs and configurations. The unit conducts regular periodic audits to ensure that security policy is being enforced. The group partners with the IT Security Policy & Compliance group to develop and maintain security policy for the University. The group also collaborates with staff in other IT units within central IT and distributed IT. The Security Engineer is considered essential personnel and provides off-hour, on-call coverage to support the central IT systems.
The Security Engineer, IT Information Security reports to the Manager of the Security Operations group within the IT Security unit.
This is a multi-level hire. Candidates will be hired into levels that are commensurate with their experience and educational background.
Performs log analysis, incident response, and SIEM (Security Information and Event Management) monitoring.
Configures, maintains and analyzes IDS/IPS systems.
Configures, maintains and analyzes traditional and application layer firewalls and other security systems.
Conducts regular periodic vulnerability scans and acts upon the results.
Conducts regular periodic security audits of system and network configurations. Ensures that security patches have been applied and no software versions with known security vulnerabilities are in use.
Analyzes packet flow data (i.e. netflow, ipfix) to find compromises, intrusions, etc. or for forensic analysis.
Works closely with the Enterprise Systems & Cloud Services and Network and Infrastructure Services units in IT to implement security policy on servers and network equipment that provide services for the University and secure network configurations.
Consults with other groups in IT to ensure that University information security standards are being enforced.
Provides system administration expertise, programming and analysis as related to information security considerations for systems and networks managed by IT.
Maintains a good degree of familiarity with hardware and software supported by staff in IT. Creates programs and procedures to make internal and external business processes more efficient. Writes documentation as needed.
Provides technical expertise and support to the campus clientele regarding departmental systems and applications when needed. Maintains a good level of technical skills in areas of specialization and basic knowledge of emerging state-of-the art computer and network systems technologies, architectures and products. Researches and evaluates future technologies and solutions.
Establishes and maintains appropriate working relationships with colleagues and follows University and department policies and procedures governing IT efforts. Works within the department’s overall strategic plan following project priorities and scope. Meets deadlines and achieves goals.
Performs miscellaneous job-related duties as assigned.
Bachelor's degree with two years’ experience, or an equivalent combination of education, certification, and experience. Degree in Computer Science, Information Systems, Electrical/Computer Engineering, or other directly related field preferred.
Experience in TCP/IP networking.
Experience with traditional firewall configurations preferred.
Familiarity with system/network design using principles of least privilege and separation of privilege.
Familiarity with network and host intrusion detection systems, firewalls and other security systems.
One or more security certifications desirable (CISSP, SANS, etc).
Experience with system administration, system and network security, development tools and methodology, and system management in Linux and Unix environments.
In-depth knowledge of one or more operating systems, common networking equipment, and major network protocols, and multiple technologies.
Ability to solve problems independently, troubleshoot, diagnose, and correct systems problems.
Analytical, evaluative, and objective critical thinking skills.
Effective verbal and written communication, interpersonal, and organizational skills.
Ability to work independently as well as part of a team.
Ability to communicate technical information to non-technical users.
Knowledge of information flow and management environments within area of operational specialty.
Knowledge of current technological developments/trends in area of expertise.
Knowledge of a broad range of relevant multi-user computer systems, applications, and/or equipment.
Knowledge of computer systems analysis and design concepts, methods, procedures, and standards.
Experience in a University computing service environment is desirable.
Internal Number: 494762
About University of Delaware
The University of Delaware has a great tradition of excellence, from our roots extending back to a small private academy started in 1743, to the research-intensive, technologically advanced institution of today. Our alumni tell our story of achievement, from our first class, which included three signers of the Declaration of Independence and one signer of the U.S. Constitution, to the more than 154,000 living Blue Hens who are making vital contributions to the world. Vice President Joseph R. Biden Jr. and his wife, Jill, are both UD alumni. The University received its charter from the State of Delaware in 1833 and was designated one of the nation’s historic Land Grant colleges in 1867. Today, UD is a Land Grant, Sea Grant and Space Grant institution. The Carnegie Foundation for the Advancement of Teaching classifies UD as a research university with very high research activity—a designation accorded less than 3 percent of U.S. colleges and universities. UD ranks among the nation’s top 100 universities in federal R&D support for science and engineering. A state-assisted, privately governed institution, UD offers a broad range of degree programs: 3 associate programs, 147 bachelor’s p...rograms, 119 master's programs, 54 doctoral programs, and 15 dual graduate programs through our seven colleges and in collaboration with more than 70 research centers. Our student body encompasses more than 17,000 undergraduates, more than 3,600 graduate students and nearly 800 students in professional and continuing studies from across the country and around the globe. Our distinguished faculty includes internationally known authors, scientists and artists, among them a Nobel laureate, Guggenheim and Fulbright fellows, and members of the National Academy of Sciences, National Academy of Engineering and the American Association for the Advancement of Science. State-of-the-art facilities support UD's academic and public service activities. Our 146-foot coastal research vessel, Hugh R. Sharp—the most advanced in the U.S.—helps scientists across the region explore the sea. World-class figure skaters train at our High Performance Figure Skating Center. Partnerships with Nemours/A. I. du Pont Hospital for Children, Christiana Care and Thomas Jefferson University; the U.S. Army; Winterthur; Longwood Gardens and Hagley Museum offer unparalleled experiences in health sciences, defense research, art conservation, horticulture and history. The University is now transforming a 272-acre parcel, the site of a former auto assembly plant, into the Science, Technology and Advanced Research (STAR) Campus. Distinguished speaker series, symposia, 21 intercollegiate athletics programs and numerous intramural and club sports, more than 300 student organizations, concerts, exhibits and other arts and cultural activities enrich campus life.Thomas Jefferson once described Delaware as a "jewel" among states due to its strategic location on the East Coast, halfway between Washington, D.C., and New York City. Today, however, the location of Delaware's flagship university increasingly is invoked as "halfway between Los Angeles and London."In addition to our Georgian-inspired main campus in Newark, Del., UD has locations across the state--in Wilmington, Dover, Georgetown and Lewes. A thriving study-abroad program and expanding international partnerships further enhance our students' education as global citizens. We invite you to visit our campus or take our virtual tour today! http://video.realviewtv.com/education/udel/