Senior Security Engineer at Harvard University in Cambridge, MA
Reporting to the Manager of Server Infrastructure, this position will be responsible for the operational aspects of implementing the Harvard and the Division of Continuing Education (DCE) security policy on server and networks. This position will work closely with DCE's Information Security Officer who reports to the Managing Director of Administrative IT. Other duties and responsibilities include:
Project Management:
Responsible for managing security-related projects; individually or as a team lead. Produce project planning documentation and estimate-needed resources. Security Policy Documentation and Reporting:
Responsible for documenting and reporting on operational security processes to satisfy local, university, state and federal compliance. Security Incident Response:
Responsible for organizing DCE's response to security incidents and reporting back to DCE and Harvard University IT (HUIT) administration. Monitoring Security Logs:
Responsible for monitoring and comparing log files across many security and application tools, in order to detect intrusions or unusual behavior that would require further investigation. Vulnerability Assessment:
Continually assess DCE's network and server technology to determine security gaps or room for improvements. Participate in completing the Annual Security Assessment Report required by HUIT. Security Tool Maintenance and Configuration:
Ensure security tools are up-to-date and configurations reflect the current DCE environment. Research and Recommendation:
Conduct research into new security threats and make recommendations for new or updated security tools and processes. Typical Core Duties Review or perform complex procedures necessary to ensure the safety of information and to protect systems from intentional or inadvertent access, modification, disruption or destruction Recognize and identify potential areas where existing data security policies and procedures require change, or where new ones need to be developed (firewalls, intrusion detection, vulnerability scanning, host operating systems, and network devices) Perform or contribute to risk assessments Maintain awareness of emerging threats and trends within Information Security Provide community stakeholders and management with security risk assessments and security briefings to advise them of issues that may affect business outcomes Advise unit/school on questions in support of processes Act as a trusted advisor to clients/staff Abide by and follow the Harvard University IT Code of Conduct Basic Qualifications Minimum of five years' experience post-secondary education or relevant work experience Additional Qualifications and Skills BS Computer Science or Equivalent and 10
years of experience in similar role. 5
years' experience with security operations. Experience in security design, security programs. Experience planning, researching and developing security policies, standards and procedures Highly flexible, quality driven, goal oriented and able to participate in a team environment. Experience with networking, firewalls, computer forensic tools, SIEM, antivirus, IDPS and DLP concepts, risk assessment, and disaster recovery technologies and methods. Experience designing secure networks, systems and application architectures. Experience with computer network penetration testing and techniques. Ability to identify and mitigate network vulnerabilities. Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact. A security certification such as CISSP or CCNP. Excellent verbal and written communication skills, including the ability to present ideas and reports. Experience in a University environment. Experience managing a security program in multiple IT functions. Project Management training is a plus.
Salary Range:
$80K -- $100K
Minimum Qualification
IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
Project Management:
Responsible for managing security-related projects; individually or as a team lead. Produce project planning documentation and estimate-needed resources. Security Policy Documentation and Reporting:
Responsible for documenting and reporting on operational security processes to satisfy local, university, state and federal compliance. Security Incident Response:
Responsible for organizing DCE's response to security incidents and reporting back to DCE and Harvard University IT (HUIT) administration. Monitoring Security Logs:
Responsible for monitoring and comparing log files across many security and application tools, in order to detect intrusions or unusual behavior that would require further investigation. Vulnerability Assessment:
Continually assess DCE's network and server technology to determine security gaps or room for improvements. Participate in completing the Annual Security Assessment Report required by HUIT. Security Tool Maintenance and Configuration:
Ensure security tools are up-to-date and configurations reflect the current DCE environment. Research and Recommendation:
Conduct research into new security threats and make recommendations for new or updated security tools and processes. Typical Core Duties Review or perform complex procedures necessary to ensure the safety of information and to protect systems from intentional or inadvertent access, modification, disruption or destruction Recognize and identify potential areas where existing data security policies and procedures require change, or where new ones need to be developed (firewalls, intrusion detection, vulnerability scanning, host operating systems, and network devices) Perform or contribute to risk assessments Maintain awareness of emerging threats and trends within Information Security Provide community stakeholders and management with security risk assessments and security briefings to advise them of issues that may affect business outcomes Advise unit/school on questions in support of processes Act as a trusted advisor to clients/staff Abide by and follow the Harvard University IT Code of Conduct Basic Qualifications Minimum of five years' experience post-secondary education or relevant work experience Additional Qualifications and Skills BS Computer Science or Equivalent and 10
years of experience in similar role. 5
years' experience with security operations. Experience in security design, security programs. Experience planning, researching and developing security policies, standards and procedures Highly flexible, quality driven, goal oriented and able to participate in a team environment. Experience with networking, firewalls, computer forensic tools, SIEM, antivirus, IDPS and DLP concepts, risk assessment, and disaster recovery technologies and methods. Experience designing secure networks, systems and application architectures. Experience with computer network penetration testing and techniques. Ability to identify and mitigate network vulnerabilities. Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact. A security certification such as CISSP or CCNP. Excellent verbal and written communication skills, including the ability to present ideas and reports. Experience in a University environment. Experience managing a security program in multiple IT functions. Project Management training is a plus.
Salary Range:
$80K -- $100K
Minimum Qualification
IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
