Information Security Systems Engineer

Job description

Posting Details

Position Information

Position Number 998591 Functional Title Information Security Systems Engineer Position Type Staff Position Eclass EP - EHRA 12 mo leave earning University Information

UNC Greensboro, located in the Piedmont Triad region of North Carolina, is a higher-research activity university as classified by the Carnegie Foundation. Founded in 1891 and one of the original three UNC system institutions, UNCG is one of the most diverse universities in the state with nearly 20,000 students and over 2,700 faculty and staff members representing more than 90 nationalities. With 17 Division I athletic teams, 85 undergraduate degrees in over 100 areas of study, as well as 74 master’s and 32 doctoral programs, UNCG is consistently recognized nationally among the top universities for academic excellence and value, with noted strengths in health and wellness, visual and performing arts, nursing, education, and more. For additional information, please visit uncg.edu and follow UNCG on Facebook, Twitter and Instagram.

Primary Purpose of the Organizational Unit

The Information Security Office is a subset within the Information Technology Services (ITS) division that is charged with providing active information security assessment, risk analysis, incident management, information security controls, education, and guidance for the protection of UNCG’s information assets and information technology environment. The overall objective is to protect and preserve the confidentiality, integrity and availability of information and information resources for teaching and learning, research, service, and the conduct of university business.

Position Summary

The Information Security Systems Engineer contributes to the success of the University by developing, configuring, implementing, and supporting specialized information security systems and tools that protect critical information systems and resources from security threats. This includes implementation, maintenance, lifecycle management, and break/fix support for a wide variety of information security systems including:
– Security Event Information Management (SEIM) systems
– Vulnerability detection and management systems
– Data Loss Prevention (DLP) and data security scanning systems
– Network traffic monitoring behavioral anomaly detection systems
– Cloud Access Security Broker (CASB) systems
– Database access monitoring and security scanning systems
– Governance, Risk & Compliance (GRC) systems
– eDiscovery systems
– Security Orchestration, Automation, and Response (SOAR) systems
– Application security testing and Runtime Application Security Protection (RASP) systems

The Information Security Systems Engineer is also responsible for planning and executing short- and medium-term information improvement projects and initiatives intended to improve the sustainability, automation, efficiency, efficacy, performance, and coverage of information security systems and tools with guidance and support from the Chief Information Security Officer (CISO) and systems architects. This includes evaluating, proposing, acquiring, developing, and deploying new and/or customized security solutions to meet UNCG’s specific information security needs according to the adopted ISO/IEC 27002 control framework. The Engineer works actively with other IT staff and end-users from other University departments and divisions to help determine functional, interoperability, sustainability, and information security requirements for the security systems being deployed and is responsible for ensuring that deployed technologies provide the necessary protection, detection, and defense capabilities for the information resources that they are intended to protect. The Engineer also ensures that all supported systems are fully documented and supported in an auditable fashion.

Additionally, the Information Security Systems Engineer provides ongoing support and advice to other IT staff and end-users on a variety of security topics and issues, helping to ensure adherence to the University’s security policies and procedures along with compliance with applicable regulations. The Engineer recommends strategies to prevent security exposures and intrusions and plays a key role in helping University business units address extant and emerging security concerns through the use of appropriate security technologies.

Minimum Qualifications
  • Mid career with Master’s Degree and 1 to 2 years of experience; or Bachelor’s Degree and 2 to 4 years of experience; or equivalent education and experience.
  • Degree should be in Computer Science, Information Technology, Information Security or closely related discipline from an appropriately accredited institution or equivalent education and experience.
  • Demonstrated recent experience with server and network infrastructure operations, including Windows and Linux servers, virtual server systems, and complex enterprise network routing and switching.
  • Demonstrated recent experience with scripting and automation technologies.
  • Demonstrated recent experience with security configurations on cloud computing systems.
Additional Required Certifications, Licensures, and Certificates Preferred Qualifications
  • 7+ years of technical experience supporting information security systems.
  • 2+ years of technical leadership responsibilities in previous positions.
  • Excellent interpersonal and written communications skills.
  • Information security industry or vendor certifications are desired.
Special Instructions to Applicants

Applicants have the option to provide the names, email addresses, and phone numbers of up to four (4) contacts to provide Letters of Recommendation, in the References section of the electronic application. These contacts will be solicited by the UNCG SpartanTalent system via email, and asked to provide a confidential Letter of Recommendation on behalf of the applicant. This will occur after the candidate is recommended for interview.

Applicants are required to upload the following documents with their electronic application:

  • Resume
  • Cover Letter
  • List of References

Applicants are required to upload a list of references of at least three (3) professional references that includes:

  • Name
  • Company Name
  • Type of reference (Professional, Supervisor, Colleague, Academic or Personal). One (1) of those references will need to be a current or previous supervisor.
  • Email Address
  • Contact Phone Number

Applications are not successfully submitted until an online confirmation number has been received at the end of the application process.

Recruitment Range Salary commensurate with experience Org #-Department Information Technology Services - 23101 Job Open Date 04/17/2019 For Best Consideration Date Job Close Date Open Until Filled Yes FTE 1.000 Type of Appointment Permanent If time-limited, please specify end date for appointment. Number of Months per Year 12 FLSA Exempt Key Responsibilities

Key Responsibilities

Percentage Of Time 40 Key Responsibility

Information Security Systems Support

Essential Tasks
  • Act as technical lead supporting enterprise-scale technology solutions that provide critical information security services across a diverse functional environment.
  • Design, develop, test, certify, and fully document robust information security solutions according to documented requirements.
  • Deploy, support, upgrade, maintain, and administer critical information security systems in support of institutional business, security, and technology goals.
  • Respond to break/fix issues concerning information security systems, performing technical diagnosis, troubleshooting, and resolution for complex issues.
  • Act as an escalation point for other team members, providing technical expertise for support and resolution of production problems and security incidents, always seeking to identify root cause and prevent future recurrence.
Key Responsibilities

Percentage Of Time 40 Key Responsibility

Security Systems Consulting and Continuous Improvement

Essential Tasks
  • Provide subject matter expertise and consulting services for information security technologies to other IT Staff and distributed technology groups across the institution.
  • Act as a lead security systems engineering resource for multiple parallel project efforts, helping to drive the technical components of those projects to completion.
  • Drive the creation of efficient, repeatable and measurable human processes for deploying, maintaining, administering, and supporting information security systems.
  • Drive the development of scripts and other automation techniques to increase the manageability, efficiency, capability, capacity, and security of supported systems.
  • Analyze and assess existing systems and identify gaps leading to potential improvements throughout the technology lifecycle.
  • Create scripts, employ tools, develop automation techniques, and pursue ideas to increase the manageability, efficiency, capability, capacity, and security of information security systems, servers, and appliances.
  • Pursue new and evolving security technologies, and develop them for potential future use.
Key Responsibilities

Percentage Of Time 20 Key Responsibility

Technology Governance

Essential Tasks
  • Foster and maintain relationships with architects and system operators in a manner that reflects the communications and feedback loops necessary to ensure that systems are usable, operable, efficient, and effective according to their designed purpose.
  • Maintain comprehensive technical documentation including functional requirements, technical designs, network diagrams, workflow diagrams, application communications diagrams, configuration standards, support documentation, procedural documentation, training materials, and some project documents.
  • Participate in vendor support relationships and take an active role in facilitating the exchange of information in order to improve the quality and efficacy of vendor product offerings in a direction that benefits the institution.
  • Work with risk management teams to help identify and articulate risks to supported systems, and to remediate, remove, or mitigate risks to the technology environment in compliance with established governance and risk management frameworks.
  • Participate in audit and compliance activities, always seeking to ensure that technology systems and human processes produce artifacts that prove compliance with applicable regulatory requirements and standards.
ADA Checklist

ADA Checklist

R for Rare (0-30%), O for Occasional (30-60%), F for Frequent (60-90%), C for Constant (90-100%).

Physical Effort Hand Movement-Repetitive Motions - F, Finger Dexterity - F, Reading - F, Writing - F, Hearing - F, Talking - F, Sitting - F Work Environment Inside - C Applicant Documents Required Documents
  1. Resume/CV
  2. Cover Letter
  3. List of References
Optional Documents
  1. Reference Letter 1
  2. Reference Letter 2
  3. Reference Letter 3
Supplemental Questions

Required fields are indicated with an asterisk (*).

  1. * Please indicate how you learned of this vacant position for which you are applying:
    • CAA
    • NCAA Arts
    • ICFAD
    • SECCAC
    • Arts Council of the African Studies Association
    • Professional Job Board
    • InsideHigherEd
    • Social Media
    • Networking
    • UNCGjobsearch website
    • Other
  2. If you selected "Other", please provide the name of the resource here.

    (Open Ended Question)

 

 

 

Diversity Profile: University

 

AAUP COMPENSATION SURVEY DATA

View more

Learn more on Inside Higher Ed's College Page for University

Arrow pointing right
Job No:
Posted: 4/18/2019
Application Due: 8/18/2019
Work Type:
Salary: