Senior Information Security Engineer

  • Salk Institute for Biological Studies
  • La Jolla, CA 92037-1002, USA
  • Apr 07, 2022
Full time Computer & Web Services, Info Technology

Job Description

 

The Senior Information Security Engineer works with the IT Manager and Senior Director of IT to ensure the security of information assets of the Institute. This position also works closely with Information Systems leadership, administrative department heads and senior technical staff to incorporate feedback from end users and institutional administration to develop and maintain a holistic network and systems security plan.

This role focuses on the implementation of projects designed to enhance the Institute's system and network security posture. It has operational responsibility for network security and firewall administration and management, IPS systems, platform and operating system security, software security, EDR and anti-virus systems, and analysis of data provided by intrusion detection and vulnerability assessment tools.

This role can be performed remotely in part, although a certain amount of on-premises work is required.

ESSENTIAL FUNCTIONS

System and Network Security Project Work (40%)

  1. Analyzes short and long-term system security needs by evaluating security software and related technologies to improve performance and allow for increased usage
  2. Researches existing and emerging security products and recommends initiatives for implementation based on Institute requirements and IT department management direction
  3. Coordinates efforts with System and Network administrators, lab managers and department heads to implement projects while minimizing impact on research and administrative operations
  4. Evaluates system and network security software to determine suitability
  5. Recommends projects and policies to improve mobile device security including BYOD policy engines, network access control, and encryption

System and Network Security Operations (35%)

  1. Recommends policy and procedural changes to improve and strengthen Institute security posture
  2. Participates in implementation of security policy regarding firewall rules and intrusion detection filters
  3. Monitors, maintains, and upgrades software and security components of the network by using tools to evaluate network and system capability and functionality
  4. Provides security consulting support for IT groups supporting desktops and servers, as well as with end-users
  5. Assists with maintenance of user VPN, centralized SIEM logging systems, anti-virus/anti-spam systems and other security related systems
  6. Develops and establishes tools and procedures for monitoring network inconsistencies
  7. Oversees intrusion detection and vulnerability assessment activities
  8. Coordinates activities of platform experts for system patches and fixes
  9. Monitors platform vendors for security patches and fixes
  10. Meets with Faculty and Department heads to assist in securing lab data
  11. Coordinates with Cloud Infrastructure Architect to secure cloud-based infrastructure

Proactive Security Measures and Incident Response (15%)

  1. Analyzes network & web traffic for patterns of attack, including advanced intrusion analysis, and system and network forensics
  2. Periodically scans network to identify hosts with unsupported operating systems or components; works with IT team to mitigate risks by limiting host accessibility to a single VLAN
  3. Manages and maintains network segmentation to protect high-value targets
  4. Participates in the technical project implementation phase to ensure security of new systems
  5. Functions as part of the Incident Response Team

On-Call and Other Duties (10%)

  1. Responsible for responding to after-hours incidents and outages as assigned
  2. Performs other duties as assigned

EXPERIENCE

Required:

  • 5+ years demonstrated experience implementing security initiatives and projects
  • 5+ years demonstrated experience in network and security operations
  • Experience with Windows, OSX and multiple variants of Unix/Linux
  • Extensive knowledge of TCP/IP protocols and routing, network monitoring tools, vulnerability scanners, firewalls, routers, switches and other security devices and software
  • Knowledge of SSL, DNS, encryption, and web services
  • Experience with SIEM systems
  • Experience with auditing and securing cloud collaboration environments
  • Experience with Microsoft Office (Word, Excel, Outlook, PowerPoint)
  • Experience in a customer-facing role

Preferred:

  • CISSP certification or similar information security certification
  • Experience securing AWS, Office 365 and other cloud tenancies
  • Experience with Scripting & Configuration Management / Orchestration tools (Ansible, Chef, Puppet)
  • Experience in a research or educational environment

EDUCATION

Required:

  • Bachelor's degree in computer science or information systems, or the equivalent combination of education, training and experience

Preferred:

  • Advanced degree in computer science or information systems

SKILLS AND ABILITIES

Required:

  • Exercises considerable latitude in determining objectives and approaches to assignments. Erroneous decisions are long-lasting, impact the institute as a whole and result in large expenditures of institute resources
  • Ability to play a vital role in this consensus-building process to guide the IT department towards making solid, actionable decisions
  • Works on extremely complex issues which incorporate several disciplines
  • Under direction of the Senior IT Director and the IT Manager, the candidate will assume leadership roles for large-scale projects and for delivering satisfactory work results to meet deadlines
  • Exercises independent judgment on a variety of intricate security issues (network, endpoint, cloud, software, mobile, identity)
  • Strong systems administration skills on Windows, Mac, and Linux, to assist in investigations and for other assigned tasks
  • Strong analytical, verbal, and written communications skills 
  • Ability to develop technical presentations on relevant security topics and present to technical staff and management
  • Ability to develop training materials on new security policies, tools and operational procedures
  • Ability to work on multiple complex projects at the same time, adjusting priorities as needed to meet Institute and departmental goals
  • Ability to develop action plans in situations where there may be competing goals, unclear requirements or decisions that have significant tradeoffs
  • Ability to function in the capacity of consultant to management and end-users
  • Ability to interface with senior internal and external personnel on security issues
  • Ability to communicate technical information to non-technical personnel

SPECIAL CONDITIONS OF EMPLOYMENT

  • Must be willing to work in an animal-related research environment.
  • Satisfactory completion of the Institute's background investigation.
  • Willing to sign a confidentiality agreement.

PHYSICAL REQUIREMENTS/MENTAL ACTIVITIES/ENVIRONMENTAL CONDITIONS

This position will be constantly adjusting focus, grasping, hearing, keying, seeing, sitting, talking, analyzing, calculating, communicating, reading, reasoning, writing and working inside. 

 

Application Details

Apply Here: https://www.salk.edu/about/careers/

 

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

 

When inquiring or applying for positions at the Salk Institute for Biological Studies, please also reference AcademicCareers.com
