The IT Security Office (ITSO) is responsible for the overall coordination, implementation, and assessment of information security at Duke University. The overall goal of ITSO is to achieve the optimal level of confidentiality, integrity and availability of Duke's information assets and systems while providing a safe and secure computing environment for research, teaching, learning, and everyday conduct of University business.
The incumbent will find themselves working on both small and large scale projects to improve protective and detective security capabilities while assisting teams within IT and campus-wide achieve their goals. The role is primarily an architectural/engineering role, but also will include operational aspects. As information security is an extremely fast-paced field, ITSO team members are expected to research new technologies and rapidly understand their uses and risks.
To be successful requires excellent oral and writing skills, project management, strong people skills, and a results oriented attitude. In all endeavors the incumbent must demonstrate the highest degree of ethics and professionalism.
DUTIES & WORK PERFORMED:
# Performing technical evaluations of systems, services and networks to assess and decrease relative security risk, with a special focus on cloud security.
# Assist in the planning and development phases of projects to ensure that the system deployed meets the security objectives of the university.
# Creating and maintaining technical tools which assist the IT Security Office in its daily operations.
# Deep level support for ITSO tool sets including but not limited to the campus intrusion detection and prevention systems, and log analysis system.
# Keeping abreast of both new security threats and new technologies for mitigating these threats.
# Assisting in the development of IT policy appropriate to the campus environment
# Provide incident handling support for security incidents, including acting in the role of first responder.
Excellent verbal and written skills.
Required: B.S. in Computer Science, Engineering or related field plus 3 years of experience in security, networking, systems administration, etc.; or 5 or more years of experience.
Certifications such as SANS, CISSP, CISA, CISM, etc. are optional, but will be considered favorably.
EXPERIENCE & SKILLS:
Experience with cloud security, particularly in Microsoft Azure.
Experience in system security (Unix, Linux or Windows), systems administration, networking protocols, etc.
Experience in developing dashboards and alerting in log analysis technologies such as Splunk.
Experience with security practices in a large, decentralized heterogeneous environment such as a university.
Duke is an Affirmative Action/Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or veteran status.
Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. Our collective success depends on the robust exchange of ideas—an exchange that is best when the rich diversity of our perspectives, backgrounds, and experiences flourishes. To achieve this exchange, it is essential that all members of the community feel secure and welcome, that the contributions of all individuals are respected, and that all voices are heard. All members of our community have a responsibility to uphold these values.
Essential Physical Job Functions: Certain jobs at Duke University and Duke University Health System may include essentialjob functions that require specific physical and/or mental abilities. Additional information and provision for requests for reasonable accommodation will be provided by each hiring department.