This position provides services to the REN-ISAC membership, which includes over 660 institutions in the U.S., Canada, Great Britain, Australia and New Zealand, and 2,800 representatives who have cybersecurity responsibilities in research and education network organizations.
For more information on the Research and Education Networking Information Sharing and Analysis Center, please visit our website: here.
This position is responsible for the development and maintenance of the REN-ISAC's automated threat intelligence system, providing incident notifications to US .edu institutions, and facilitating notifications on incidents involving compromised credentials. Serve as a subject matter expert and trusted peer with REN-ISAC membership representatives. Respond to requests for REN-ISAC services and service enhancements, analyze significant, time-sensitive incidents and cybersecurity events for the community, and apply development and engineering skills to meet the member needs.
Working independently, serve as the principal network security engineer/technical investigator supporting the network security information gathering, analysis and sharing, incident response, and information product development activities of the REN-ISAC. Perform high-level analysis of complicated and disparate technical and data architectures, by applying highly specialized training and experiences to identify and rectify technical and information security vulnerabilities. Perform analysis of cyber security vulnerability and threat on supported research and education (R&E) networks. Develop alert, notification, and other information product based on that analysis. Provide response to cyber security incidents that affect supported networks or that have widespread affect.
Develop new information resources, analysis techniques, and information products. Work closely with network engineers who support national and international R&E networks, with R&E security collaborations, with REN-ISAC members, and with collaborators in the formal US ISAC structure. Scope of work is in direct service to all institutions of higher education, and in support of efforts to protect national cyber-infrastructure through the formal U.S. ISAC structure. Effort involves interaction and coordination with a wide-range of technical, management, and audit staff, primarily external to the University, from security incident handlers, to highly skilled technical staff, to University IT executive administrators. Make educated independent judgments as to risk versus benefit and cost of protections.
Provide reports and recommendations on appropriate tactical and strategic security actions. Using expertise, provide input that could have a direct impact on important technology decisions made at the high levels of the university IT organizations. Participate in and lead computer emergency response teams. Provide a very high level of security, technical and practical expertise/consulting. Provide training and leadership to front-line watch desk technicians. Gain and maintain a significant depth of knowledge in many widely varied technology areas. Administer and develop REN-ISAC systems and tools.
Bachelor's degree in Computer Science or a related technical discipline and six years of advanced systems analysis, programming, and systems administration experience including two years of computer security/abuse incident response and investigation experience, and experience in development, administration, and maintenance of security systems and software.
Combinations of education and related experience may be considered.
Limited Criminal Histories (LCH) check required for all external finalists, and for OVPIT and UITS internal finalists with less than one year on staff.
Ability to receive federal government secret security clearance.
Extensive working knowledge of IP protocols and related network applications. Extensive knowledge of security vulnerabilities and attack methods. Demonstrated knowledge of tcpdump, netflow, firewalls, and router ACLs. Demonstrated knowledge of intrusion detection and prevention devices. Working knowledge of the Microsoft and/or UNIX operating systems, and the utilities used in system administration, system and kernel customization, security analysis tools, system logging and security incident diagnosis. Excellent interpersonal skills. Ability to effectively communicate and exchange information with a wide diversity of individuals, including in the areas of primary responsibility.
Extensive experience in web information and application delivery. Experience with Perl programming. Ability to apply security tools in small- and large-scale vulnerability assessments (Nessus, password cracking tools). Practical experience with one or more relational database packages. Experience in Macintosh operating systems and applications. Experience in a university-based technology environment.
Working Conditions / Demands
Use of computer workstations, servers, printers, copiers, telephone and FAX machines, and other related technical equipment. Required to maintain and interact with computers and frequently move objects weighing up to 50 pounds.
Must be able to perform the essential functions with or without an accommodation.
Bloomington or Indianapolis Campus
Remote work is possible for some exceptional candidates. If remote, must be able to travel to Bloomington up to 4 times a year for required, in-person retreats/meetings that last a week.
Salary Plan: PAE
Salary Grade: 4IT
Job Function: Information Technology
Due to the COVID-19 pandemic, there may be differences in the working conditions as advertised in our standard job postings (e.g., the ability to travel from one campus to another, etc.). If you are invited for an interview, please discuss your questions or concerns regarding the working conditions at that time.
This posting is scheduled to close at 11:59 pm EST on the advertised Close Date. This posting may be closed at any time at the discretion of the University, but will remain open for a minimum of 5 business days. To guarantee full consideration, please submit your application within 5 business days of the Posted Date.
If you wish to include a cover letter, you may include it with your resume when uploading attachments.
Equal Employment Opportunity
Indiana University is an equal employment and affirmative action employer and a provider of ADA services. All qualified applicants will receive consideration for employment without regard to age, ethnicity, color, race, religion, sex, sexual orientation, gender identity or expression, genetic information, marital status, national origin, disability status or protected veteran status. Indiana University does not discriminate on the basis of sex in its educational programs and activities, including employment and admission, as required by Title IX. Questions or complaints regarding Title IX may be referred to the U.S. Department of Education Office for Civil Rights or the university Title IX Coordinator. See Indiana University's Notice of Non-Discrimination here which includes contact information .
Campus Safety and Security
The Annual Security and Fire Safety Report, containing policy statements, crime and fire statistics for all Indiana University campuses, is available online . You may also request a physical copy by emailing IU Public Safety at firstname.lastname@example.org or by visiting IUPD.
Founded in 1820, Indiana University is the state’s public university system, comprised of two core campuses—IU-Bloomington and IUPUI—and six regional campuses located throughout the state. Combined, the total student population is more than 114,000 undergraduate, graduate and professional school students. IU is one of the largest employers in the state, with over 20,000 faculty and staff. Indiana University is an equal employment and affirmative action employer and a provider of ADA services. Diversity and inclusion remains a core commitment to IU’s mission to cultivate an educational environment that supports equal access, participation and representation on all of its campuses and that provides educational and career opportunities for all.