Indiana University

Human Resources

The following position reporting to Doug Pearson, Technical Director, REN-ISAC, is being posted externally. If interested, you must apply online at
Refer to job number #14349

Principal Security Engineer, REN-ISAC - PA4IT

Serves as the principal technical security engineer for REN-ISAC. Is responsible for implementation, and execution of REN-ISAC information products and services, including ensuring that services are executed with the highest standards. Develops and maintains relationships to the REN-ISAC customers - primarily Information Security Officers at universities and colleges, and with external security collaborators. Provides primary technical security analysis interaction with REN-ISAC members and represents REN-ISAC as an authority for computer and network security in higher education.

Provides a very high-level technical and practical expertise and consulting. Must gain, maintain, and apply a significant depth of knowledge in many widely varied technology areas, including computing, data and voice networking, and complex security systems and software. Directs the technical activities of other REN-ISAC team members on a day-to-day basis; contributes to REN-ISAC systems architecture design; provides technical guidance to REN-ISAC systems administration; and contributes to other supervisory activities. Develops and maintains contacts at high-levels such as the Information Security Officers and IT Directors at REN-ISAC member organizations to not only provide information (e.g. report incidents), but also exert influence to drive appropriate reactions in security awareness, proactive defense, and response. The individual should come to the position with well-established contacts and superior reputation among the higher education security community.

Serves as the principal security engineer/technical investigator supporting the security information gathering, analysis, and sharing, incident response, and information product development activities of the REN-ISAC. Performs high-level analysis of complicated and disparate technical and data architectures by applying highly specialized training and experiences to identify and address technical and information security vulnerabilities. As the principle technical lead, the individual must deliver and comport in accordance to these requirements.

REQUIRED: Bachelors degree and six years of advanced IT systems analysis, programming or systems administration experience that includes two years of computer security/abuse incident response and investigation experience and two years of experience in development, administration, and maintenance of security systems and software.

Combinations of related education and experience may be considered.

Must be able to receive federal government security clearance.

Possess advanced technical background and skills in computer and network security analysis and incident response, systems architecture, and administration. Must be able to work with complex matters that involve technology, human behavior, politics, communications, and persuasion.

Extensive working knowledge of security incident diagnosis, system vulnerabilities, penetration and defense, security analysis tools, and system logging; Microsoft and/or UNIX operating systems and the utilities used in system administration, system and kernel customization. Extensive working knowledge of the IP protocol suite, specifically relating to TCP and UDP protocol behavior and interdependencies with applications (e.g. NNTP, DNS, SMTP, HTTP, SSL/SSH, etc.). Demonstrated knowledge of tcpdump, netflow, firewalls, and router ACLs.

Excellent interpersonal and communication skills, written and verbal including ability to interact with a diverse group of individuals with varied levels of understanding and authority within customer institutions. Ability to clearly and effectively document the areas of primary responsibility.

PREFERRED: Degree in computer science; demonstrated knowledge of intrusion detection and prevention devices; extensive experience in World-Wide-Web information and application delivery; Perl and/or Python programming; ability to apply security tools in small- and large-scale vulnerability assessments (e.g. vulnerability scanners, password cracking tools, etc.); practical experience with one or more relational database systems; experience in Macintosh operating systems and applications; experience in a university-based technology environment.

OTHER: Preference is for employment location in Bloomington IN; however, depending on particulars of the candidate a telecommuting arrangement may be acceptable.

Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) current customer base includes 439 member institutions (1347 individual members) and will grow to include a majority of U.S. higher education. Our ability to position ourselves as the authority for computer and network security information sharing in higher education, our ability to develop relationships and contacts that sustain a robust information sharing base, and our ability to garner trust of the community, including trust for the handling of confidential information - these things depend upon integrity. REN-ISAC integrity depends on the quality of information product that we deliver, the character of relationships maintained, how we handle confidential information, our communications, and our responsiveness.

NOTE: This position is eligible for the Employee Referral Incentive Program. Details can be found here.

Indiana University is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation or identity, national origin, disability status, or protected veteran status. This institution is also a provider of ADA services.