CYBERSECURITY TESTING & DEFENSE ANALYST
JOB NO.: 91156-AS
Work Type: Staff-Full Time
Department: DOIT/SEC/DEPT OFFICE
Categories: Computer Science, Information Systems/Technology
Employment Class: Academic Staff-Renewable
Position Vacancy ID: 91156-AS
Working Title: Cybersecurity Testing & Defense Analyst
Official Title: IS SPECIALIST(S45DN)
Hiring Department: A060370-INFORMATION TECHNOLOGY/SEC/CYBERSECURITY
Anticipated Begin Date: AUGUST 01, 2017
Term: This is a renewable appointment.
Minimum $78,000 Maximum $92,000 ANNUAL (12 months)
Depending on Qualifications
Degree and Area of Specialization:
Bachelor's degree in network security, information security, or a related field. OR Three or more years of experience working in the information technology field.
Minimum number of years and type of relevant work experience:
* Minimum three years' experience in developing, implementing, and testing security controls for systems (e.g. web applications and/or servers).
* Demonstrated understanding of network design, security protocols and systems administration with excellent analytical and problem solving skills.
* Demonstrated experience of collaborating across cross-functional teams to report to management the status of risk and remediation options.
* Demonstrated ability to communicate technical and security concepts to non-technical audience by written and verbal communication including the ability to write analysis reports based on findings.
* Experience with typical application components such as web servers, application servers, relational database (Oracle and/or SQL), middleware and underlying infrastructure devices (WAN and LAN devices, operating systems for server platforms such as Windows Server and/or Linux/Unix, and container/DevOps technology such as Docker), workstations, and a broad range of applications, host and network security devices.
* Must hold, or be able to obtain within six months, a management oriented security certification (e.g. CISSP or CISM) and/or Vulnerability Assessment certification (e.g. GWAPT).
* Solid understating of manual, automated application penetration testing skills, vulnerability scanning and analysis as well as skill in careful, limited live testing in live production environments.
* Experience with API, Scripting and/or programming languages.
The Office of Cybersecurity supports the CIO and the campus by leading and managing campus efforts to reduce risk. Strategies include appropriate handling of data, continued diagnostics and good processes and procedures to manage our intellectual property and other sensitive information.
This position is responsible to completing work efforts within the Security Testing and Cyber Defense domain of the UW-Madison Office of Cybersecurity. The team focuses on implementation of frameworks and processes that pro-actively identify, assess, and manage vulnerabilities through testing systems throughout the systems development life cycle. Utilizing the implemented frameworks and processes, the team performs vulnerability and risk assessments of networks, systems, and applications to support system operations and guides the developers, system administrators, and engineering staff in implementing an appropriate set of IT risk mitigation controls. These may also include phases of the Risk Management Framework (RMF). Security testing includes establishing and maintaining services for host-based, web application, database vulnerability management, and penetration testing.
This position is also responsible for organizing Cyber Defense Engineering services and supporting the operational cybersecurity controls identified from the Governance, Risk and Compliance (GRC), Cybersecurity Operation Center (CSOC), and Enterprise System Security (ESS) domains and from the Office of the CIO. This includes providing services and controls associated with application security, endpoint security, data security, and network security across the UW-Madison campus. This position reports to the UW-Madison Chief Information Security Officer.
The successful candidate must pass a U.S. Department of Justice/FBI background check and be approved by the Secretary of the U.S. Department of Health and Human Services under 42 CFR 73.8.
Instructions to applicants:
Please note that DoIT is not able to provide sponsorship for this position.
Application materials may be reviewed prior to the deadline, in order to update your materials, please notify the contact listed in the job posting.
In order to be considered for this position, applicants must upload a resume and cover letter. Your cover letter should specifically address the Required Qualifications listed in the Relevant Work Experience section.
Additional Link: Full Position Details
NOTE: A Period of Evaluation will be Required
The University of Wisconsin is an Equal Opportunity and Affirmative Action Employer.
The Annual Security and Fire Safety Report contains current campus safety and disciplinary policies, crime statistics for the previous 3 calendar years, and on-campus student housing fire safety policies and fire statistics for the previous 3 calendar years. UW-Madison will provide a paper copy upon request; please contact the University of Wisconsin Police Department.
Advertised: 16 Jun 2017 Central Daylight Time
Application Close: 18 Jul 2017 11:55 PM Central Daylight Time