Information Security Engineer 1/2/3
Search #: 498803
Work type: Full-time
Location: Hartford Campus
Categories: Information Technology

JOB SUMMARY

CEN, through The University of Connecticut (UConn) Information Technology Services (ITS), has an amazing opportunity for Information Security (IS) professionals to join a fast-paced team providing information and cyber security services to our members in CT. Incumbents will manage and enhance CEN’s security infrastructure, customer service offerings, provide “DevSecOps” type support leveraging automation and self-service capabilities, develop API integrations for security tools, and generally advance the security of, and visibility into the network.
This posting is intended to provide support for CEN’s internal needs and externally customer facing managed security services. Those needs may include, though are not limited to: SIM/SIEM/SOAR management, Identity Access Management (IAM), MFA/2FA, Vulnerability Management, Endpoint Protection, Application Security, Firewalls, VPN, and IDS/IPS, load balancing, DDoS mitigation, web content filtering, penetration testing, security architecture, and other related Information Security disciplines.
The successful candidate will bring various levels of experience, support, and knowledge of specific network and information security (IS) methodologies, practices, processes, and software packages and a conceptual understanding of other IS security procedures and/or policies.

RELATED SKILLS AND COMPETENCIES

• Problem Solving: Demonstrates sound analytic and diagnostic skills dealing with issues that are loosely defined and/or where information is available but must be further manipulated. Once decisions are made, you can follow and direct action to implement intended results. Breaks a problem down to manageable pieces and implements effective, timely solutions. Openly and directly confront issues until resolved.
• Team Orientation: Builds relationships with peers and other departments to achieve objectives. Balances team and individual responsibilities. Exhibits objectivity and openness to others’ views. Gives and welcomes feedback. Puts success of team above self. Responsibilities are assigned with some latitude for setting priorities and decision-making using established policies and procedures. Results are reviewed with next-level team lead/manager for clarification and direction before proceeding.
• Planning and Project Management: Works with, or serves as, the project lead in identifying those project tasks that are most important, establishes clear priorities and understands the larger picture. Executes project tasks and creates documentation as required.
• Physical Demands: This position involves extended periods of sitting and the extensive use of computers and office equipment. May involve stooping, kneeling, crouching and/or working on step ladders. Involves close vision, color vision, depth perception, and focus adjustment. Must be able to lift 35 lbs. to shoulder height.

SECURITY ENGINEER 2 (ADDITIONAL RESPONSIBILITIES INCLUSIVE OF ENGINEER 1)

• Develop and support CEN’s security infrastructure including but not limited to firewalls, DDoS mitigation system, filtering, load balancers, logging, SIEM, and identity access management.
• Host workshops, training, and/or events and mentor technical staff on security best practices and recommend training programs to encourage cross-team competency.
• Research, recommend, implement, and support security tools and counter measures to reflect the evolving security terrain and trends; perform manual penetration testing and reports as needed.
• Draft scripts or deploy programs to assist with automation, provisioning, and/or telemetry, and to ensure integrity of resources to dependent systems.
• Produce and maintain detailed engineering plans, operating procedures, diagrams, models, and standards as they relate to network security design, deployment, and operations.

SECURITY ENGINEER 3 (ADDITIONAL RESPONSIBILITIES INCLUSIVE OF ENGINEER 2)

• May serve as the senior technical resource and final escalation point for all things infosec related.
• Assist in negotiations with vendors and/or subcontractors.
• Operate autonomously with general direction and limited supervision.
• Lead major projects / initiatives related to information and network security.
• Integrate data for use between various applications.
• Identify gaps and implement solutions to align with best practices.
• Creates custom code to facilitate data gathering / sharing across applications.