Job Description

Job Summary
The University Information Security Office (UISO) is searching for a versatile and driven Information Security Engineer to join a team of prolific professionals who reports to the Security Engineering Manager. The Information Security Engineer role is an exciting opportunity for a security-minded problem-solver who understands technology and the human factors in systems, this engineering role has a direct impact on protecting university assets, and on formulating and influencing the choice of solutions for information security at IU. The Information Security Engineer is a cybersecurity expert within the IU IT professional community and has influence with internal and external constituents of the institution, through advanced-level technical and practical information security application and consulting.

Department-Specific Responsibilities

Provides expertise and recommendations on security architecture, and on appropriate strategic security actions.
Researches advanced security architectures and approaches, and designs, develops, customizes, and implements tools that protect and detect threats to university systems and networks.
Works on a team that serves as a critical resource for building and maintaining the technical controls that manage cybersecurity risk for IU.
General Responsibilities

Designs, develops, and implements advanced information security software and systems to address security exposures and potential threats; evaluates, recommends, and implements vended security software.
Acts as point of escalation for response to information security incidents; may provide leadership for information security emergency response teams and/or for other information security projects.
Provides advanced level of information security technical and practical consulting; makes recommendations on appropriate strategic security actions; performs digital forensic investigations as appropriate.\
Develops and implements advanced solutions to address complicated information security vulnerabilities and threats; partners with information security analysts to ensure exposures and risks are avoided and/or addressed.
Documents solutions and may write reports and/or papers as needed.
Researches and stays abreast of current higher education information security environment and trends; stays up-to-date on information security engineering best practices, tools, and approaches; disseminates information to team members and junior peers to promote best practices as appropriate.
Collaborates and participates in committees to share and improve information security practices across the university.
Often provides guidance and support to junior peers.
Qualifications
This position is posted at the Advanced Level but may be filled at the Career Level depending on the candidate's qualifications. Although they will be similar, the duties and responsibilities may differ if filled at the lower rank. Please see the qualifications for each level listed below.

Advanced Level Requirements

Combinations of related education and experience may be considered. Education beyond the minimum required may be substituted for work experience. Work experience beyond the minimum required may be substituted for education.

EDUCATION

Required

Bachelor's degree (preferably in Computer Science or related field)
WORK EXPERIENCE

Required

5 years of information security or related experience
SKILLS

Required

Proficient communication skills
Maintains a high degree of professionalism
Demonstrates time management and priority setting skills
Demonstrates a high commitment to quality
Possesses flexibility to work in a fast paced, dynamic environment
Seeks to acquire knowledge in area of specialty
Highly thorough and dependable
Demonstrates a high level of accuracy, even under pressure
Possesses a high degree of initiative
Ability to influence internal and/or external constituents
Creativity in identifying complex problems and finding solutions quickly and accurately
Attention to detail in communicating technical issues and implementing solutions
Mental discipline in conducting lengthy investigations
Ability to change priorities as incidents and threats develop or evolve
Preferred

Demonstrates ability to apply security tools in small- and large-scale vulnerability assessments (vulnerability scanners, password cracking tools, etc.)
Demonstrates in-depth knowledge of Microsoft Windows or Unix-like operating systems