Sr. Security Engineer
Job Description Summary:
I. JOB OVERVIEW
The Division of Information Technology (it.gwu.edu) is the chief provider of technology infrastructure, services and applications at GW. The Division partners with stakeholders across GW to equip students, staff and faculty with the technology know-how and tools necessary to achieve academic excellence. Reporting to the Director of Information Security Services, the Senior Security Engineer works within the Division's Information Security & Compliance Services department. The Senior Security Engineer is responsible for the following:
• Performs technical security assessments, penetration testing, and vulnerability assessments on various platforms including analysis of networks, servers, appliances, applications, business processes, and cloud integrations.
• Demonstrates proficiency in a variety of penetration testing tools such as Kali Linux, Burp Suite, OWASP ZAP, Metasploit, Wireshark, sqlmap, and Nmap. The candidate is capable of conducting custom fuzzing and scripting to automate security analysis
• Performs thorough web application security assessments using guidelines such as the OWASP Top Ten to discover web vulnerabilities such as broken access control, insecure business processes, content/directory enumeration, logic flaws, session management flaws, code injection (XSS, /SQL Injection, Command Injection, etci), and and authentication/authorization bypass
• Documents testing results and creates clear, structured deliverables. Communicates technical findings and remediations to internal groups in a way that relates to all levels of technical competence
• Performs testing and research to identify previously undocumented vulnerabilities outside of the security assessment process. Leads actively in the information security community and stays current on new vulnerability research, trends, and tools
• Reviews system architectures and application functions to make recommendations to enhance security for projects
• Provides technical input to continuously improve university security posture
• Performs other related duties as assigned.
The omission of specific duties does not preclude the supervisor from assigning duties that are logically related to the position.
This position is primarily located on the GW Virginia Science and Technology Campus (VSTC) in Ashburn, Virginia, however time may be split between this location and the Foggy Bottom Campus in Washington DC as required.Minimum Qualifications:
Qualified candidates will hold a Bachelor's degree in an appropriate area of specialization plus 5 years of relevant professional experience, or, a Master's degree or higher in a relevant area of study plus 3 years of relevant professional experience. Degree must be conferred by the start date of the position. Degree requirements may be substituted with an equivalent combination of education, training and experience.Additional Required Licenses/Certifications/Posting Specific Minimum Qualifications: Preferred Qualifications:
• Professional experience in operation and installation of security systems along with a minimum of two years of UNIX, Windows, and ORACLE system administration experience
• Excellent interpersonal and communication skills.
• Experience within a university environment preferred
II. JOB DETAILS
Campus Location: Ashburn, Virginia College/School/Department: Division of IT Family Information Technology Sub-Family Systems Security Stream Individual Contributor Level Level 3 Full-Time/Part-Time: Full-Time Hours Per Week: 40 Work Schedule: M-F Position Designation: Essential: Employees who perform functions that have been deemed essential to maintaining business or academic operations. Employees are generally expected to work from home during an event and may be asked to physically report to work. Telework: No Required Background Check: Criminal History Screening, Education/Degree/Certifications Verification, Social Security Number Trace, and Sex Offender Registry Search Special Instructions to Applicants: Internal Applicants Only? No Posting Number: S006854 Job Open Date: 05/08/2018 Job Close Date: If temporary, grant funded or limited term appointment, position funded until: Background Screening Successful Completion of a Background Screening will be required as a condition of hire. EEO Statement:
The university is an Equal Employment Opportunity/Affirmative Action employer that does not unlawfully discriminate in any of its programs or activities on the basis of race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, or on any other basis prohibited by applicable law.
Posting Specific Questions
Required fields are indicated with an asterisk (*).
- * Does the professional experience section of your resume include months?
(Open Ended Question)
- * What is your salary range expectation?
(Open Ended Question)
- Cover Letter
Documents needed to Apply
- Cover Letter