* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project
Principal Security Engineer– PAE4IT A. PRIMARY ROLE Working independently, performs highest level analysis of complicated and disparate technical and data architectures by applying highly specialized training and experiences to identify and rectify technical and information security vulnerabilities. Provides technical leadership on matters of security, systems administration, and emerging threats. Makes educated independent judgments as to risk versus benefit and cost of protections. Participates in university technology projects, and provides reports and recommendations on appropriate tactical and strategic security actions. Has expertise and provides input that could have a direct impact on important technology decisions made at the highest levels of the university. Participates in and leads computer emergency response teams. Has limited unilateral authority to remove high-risk technology components from service. Provides very high level of security technical and practical expertise/consulting, and must gain and maintain a significant depth of knowledge in many widely varied technology areas. B. PRIMARY JOB DUTIES AND RESPONSIBILITIES % of Time Duty/responsibility 30 Perform analysis of security threats on supported research and education networks. Develop alert, notification, and other information product based on that analysis. Collect, disseminate, and analyze information regarding active network security threats. Respond to requests for security analysis; write reports, papers, or other products as required. 30 Collect, analyze, and distill information regarding current known system vulnerabilities, solutions, and current intrusion methods and protections, disseminating information as appropriate. Analyze, develop, implement, and maintain network and system security analysis and other tools. Design, develop, and implement complex security software; evaluate, recommend, and implement vended security software. 15 Participate in and lead computer emergency response teams. Act as senior point of escalation for response to cyber security incidents that affect supported backbone networks or that have wide-spread effect. Respond to incidents of computer security breaches and other incidents involving the use of technology and provide advice to and/or participate in the collection and analysis of technical evidence (forensics) as required. 15 Provide very high level of security technical and practical expertise/consulting. Make educated independent judgments as to risk versus benefit and cost of protections. Participate in university technology projects, and providesreports and recommendations on appropriate tactical and strategic security actions. Have expertise and provide input that could have a direct impact on important technology decisions made at the highest levels of the university 5 Develop and maintain contacts at high levels such as organizations of information security officers and IT directors. Attend conferences and training, and interact as required to maintain knowledge of current issues and best practices. 5 Maintain a significant depth of knowledge in many widely varied technology areas. C. QUALIFICATIONS Minimum education: Baccalaureate degree in Computer Science or equivalent experience is required. Minimum experience: Six (6) years of advanced systems analysis/, programming, and/or system administration experience is required. Two (2) years of experience in development, administration, and maintenance of security systems and software are required. Two (2) years of computer security/abuse incident response and investigation experience is desired. Required knowledge, skills and abilities: Extensive working knowledge of the IP protocol suite, specifically relating to TCP and UDP protocol behavior and interdependencies with the applications suite (DNS, SMTP, HTTP, SSL/SSH, etc.) is required. A demonstrated knowledge of tcpdump, NetFlow, firewalls, and router ACLs is required. A demonstrated knowledge of intrusion detection and prevention systems is desired. Extensive working knowledge of operating systems and the utilities used in system administration, system and kernel customization, security analysis tools, system logging, and security incident diagnosis is required. A demonstrated ability to program in C, Perl, Python, or other widely-used, general purpose language is required. Practical experience with one or more relational database packages is required. A demonstrated ability to apply security tools in small- and large-scale vulnerability assessments (vulnerability scanners, password cracking tools, etc.) is required. A demonstrated ability to clearly and effectively document the areas of primary responsibility is required. Position requires demonstration of excellent oral/written communication skills, presentation skills, and interpersonal skills. Extensive experience in Internet information and application delivery is required. Background checks are required for all finalists. Experience in a university-based technology environment is preferred. Equipment utilized: Modern computing hardware and software, including basic computer networking equipment. D. LEVEL OF DECISION MAKING Effort involves interaction and coordination with a wide-range of technical, management, and audit staff, both internal and external to the university, from entry-level programmers to highly skilled technical staff to functional unit managers to university executive administrators. Responsible for hiring and managing interns. E. SCOPE AND IMPACT Scope of work is university-wide, and is performed on critical university automated processes, computer systems, networks, information systems, telecommunication systems, and computer procedures and practices.