This position resides within the School of Medicine Information Security Office and will primarily work on endpoint protection technologies and solutions, such as but not limited to Antivirus, Data Loss Prevention, and Endpoint Protection and Response. This position will work closely with the central security operations center and assist with security events and their associated forensic efforts. This position will also assist with various Network Access technologies, ensuring that WUSM enterprise network-connected devices are secure, accounted for, and sanctioned.
PRIMARY DUTIES AND RESPONSIBILITIES:
- Responsible for the rollout of Endpoint Protection tools across all WUSM department connected devices.
- Responsible for security operations monitoring, which includes, but is not limited to, tracking and monitoring of malicious software, vulnerability scanning, and log collection and analysis.
- Presents updates and training to management and staff.
- Identifies potential security risks and reports to Information Security Manager; opens and tracks incidents and tickets with IT departments.
- Installs and configures hardware and software that provides appropriate network and system security functionality.
- Maintains security plans, processes, and procedures necessary to both normal day-to-day operation and disaster recovery situations.
Graduation from a four-year college or university with a degree in an information technology field plus a minimum of three years of relevant IT security work experience; additional relevant work experience may be substituted for required education.
- SANS GIAC, ISC2 SSCP, CEH, MCSE, CCNA, or other security-related certification.
- Project Management: Ability to lead large-scale projects and provide regular updates to management.
- Planning and Organization: Ability to document, track, and communicate security risks to management and business owners; responds in a timely manner to a loss or misuse of information assets; collects information for review by General Counsel or Research Integrity as instructed.
- Technical Knowledge: Experience with various desktop/server vendor operating systems, such as but not limited to Microsoft Windows, Apple iOS, Linux; experience with security/networking technologies (e.g., TCP/IP, IPS/IDS, Web Security/content management, firewalls, VPN concentrators, routers, and switches); working knowledge of systems technologies (e.g., e-mail gateways, web services, database servers, and file hosting); working knowledge of network and/or system management tools; experience as a systems administrator, desktop support, or network operations; experience with process and/or procedure documentation; experience with incident handling processes; experience with endpoint protection solutions from Cisco, Microsoft; experience with data loss prevention/encryption technologies from Microsoft, Symantec, Digital Guardian; knowledge of network access control solutions from Cisco; knowledge of vulnerability scanners, log collection (SIEM), forensic solutions, and evidence collection procedures.
- Technical Solution Development: Differentiates between problems and symptoms and develops solutions to address the overall problem; strong analytical and problem-solving skills; detail-oriented; strong team-oriented interpersonal skills; ability to effectively interface with a wide variety of people; demonstrates ability to explain complex problems or situations.
- Consultancy Skills: Ability to resolve routine and complex problems based on existing documentation/training/resources; will have a close relationship with service desk, system, and network administration teams, security operations; will have frequent interactions with desktop/security support, operations, and development teams; ensures that resource owners/users are aware of security policies; possesses strong written and oral communication skills; ability to set strategic goals and perform in both business and technology settings; strong customer focus and ability to manage client expectations; develops processes, writes guidelines, and performs awareness training; handles complex situations with sensitivity and confidentiality.