Indiana University

Human Resources

The following position reporting to Doug Pearson, Technical Director, REN-ISAC, is being posted externally. If interested, you must apply online at
Refer to job number #9790.

Principal Security Engineer, REN-ISAC - PA4IT

Serves as the principal technical security lead for REN-ISAC and will be responsible for invention and implementation of REN-ISAC information product and services including ensuring that REN-ISAC services are executed with the highest standards. Develops and maintains relationships to the REN-ISAC customers - primarily Information Security Officers at universities and colleges as well as external security collaborations. Provides primary technical interface to REN-ISAC members and represents REN-ISAC as an authority for computer and network security in higher education.

Directs the technical activities of other REN-ISAC team members on a day-to-day basis; contributes to REN-ISAC systems architecture design; provides technical guidance to REN-ISAC systems administration; and contributes to other supervisory activities. Develops and maintains contacts at high-levels such as the Information Security Officers and IT Directors at REN-ISAC member organizations to not only provide information (e.g. report incidents), but also exert influence to drive appropriate reactions in security awareness, proactive defense, and response. The individual should come to the position with well-established contacts and superior reputation among the higher education security community.

Serves as the principal security engineer/technical investigator supporting the computer and network security information gathering, analysis, and sharing, incident response, and information product development activities of the REN-ISAC. Performs high-level analysis of complicated and disparate technical and data architectures by applying highly specialized training and experiences to identify and rectify technical and information security vulnerabilities. As the principle technical lead, the individual must deliver and comport in accordance to these requirements.

REQUIRED: Bachelor's degree and six years of advanced IT systems analysis, programming or systems administration experience that includes two years of computer security/abuse incident response and investigation experience and two years of experience in development, administration, and maintenance of security systems and software.

Combinations of related education and experience may be considered at a 2:1 ratio.

Must be able to receive federal government secret security clearance.

Possess an extraordinary technical background including technical skills at the highest level in computer and network security analysis and response; and extensive background and practice in security and systems architecture and administration. Must be able to work with complex matters that involve technology, human behavior, politics, communications, and persuasion.

Extensive working knowledge of the IP protocol suite, specifically relating to TCP and UDP protocol behavior and interdependencies with the applications suite (e.g. TELNET, FTP, NNTP, DNS, SMTP, HTTP, SSL/SSH, etc.). A demonstrated knowledge of tcpdump, netflow, firewalls, router ACLs; and extensive working knowledge of the Microsoft and/or UNIX operating systems, and the utilities used in system administration, system and kernel customization, security analysis tools, system logging and security incident diagnosis. Demonstration of excellent oral/written communication skills, and interpersonal skills.

Preferred: Degree in computer science; demonstrated knowledge of intrusion detection and prevention devices; extensive experience in World-Wide-Web information and application delivery; Perl and/or Python programming; ability to apply security tools in small- and large-scale vulnerability assessments (e.g. Nessus, password cracking tools, etc.); practical experience with one or more relational database packages; ability to effectively communicate information in the areas of primary responsibility; experience in Macintosh operating systems and applications; experience in a university-based technology environment.

Other: Preference is for employment location in Bloomington IN; however, depending on particulars of the candidate a telecommuting arrangement may be acceptable.

Research and Education Networking Information Sharing and Analysis Center's (REN-ISAC) current customer base includes 400 member institutions (1100 individual members) and will grow to include nearly all of higher education. Our ability to position ourselves as The Authority for computer and network security information sharing in higher education, our ability to develop relationships and contacts that sustain a robust information sharing base, and our ability to garner trust of the community, including trust for the handling of confidential information - these things depend upon integrity. REN-ISAC integrity depends on the quality of information product that we deliver, the character of relationships maintained, how we handle confidential information, our communications, and our responsiveness.

Indiana University is an Affirmative Action/Equal Employment institution.