Job Standard for Network Security Engineer 4
How to use this Job Standard:
- The Purpose, Scope, Qualifications and Job Functions are specific to this job title and can not be edited.
- Click “View in Google Docs/Download” and download to Word.
- Under Essential Functions you may add an additional 35%, specific to your department needs.
- Complete this standard before creating the job announcement and posting the position.
- This standard will be used as the new Job Description for the prospective employee.
- After hire is complete, insert Employee Name and PCN#.
Network Security Engineer 4 Overview
- Work Type: Non-Classified/Professional
- Job Code: 75721
- Pay Grade: P13
- FLSA Status: Exempt
- Career Level: Principal
- Family: Information Technology
- Function: IT Security
Responsible to oversee and conduct vulnerability scans and penetration tests on campus systems, operates and monitor network and host-based intrusion detection/prevention systems, recommends security solutions, advises on systems and application-level security configurations and oversees and performs investigations and mitigations of security risks as required.
Recognized master in professional discipline with significant impact and influence on campus policy and program development. Establishes critical strategic and operational goals; develops and implements new products, processes, standards or operational plans to achieve strategies. Regularly leads projects of critical importance to the campus; these projects carry substantial consequences of success or failure. Requires significant influence and communication with executive leadership. Problems faced are frequently complex and multidimensional, requiring broad based consideration of variables that impact multiple areas of the organization.
Bachelor’s degree or an advanced degree and 8 years of Information Technology Experience and 5 years Information Security experience or equivalent professional experience. Prefer degree concentration in: Computer Information Systems, Management Information Systems, Computer Science, Technical Writing or Business.
Knowledge, Skills and Abilities
- Strong analytical and problem-solving skills.
- Solid understanding of common threats, penetration/intrusion techniques and attack vectors.
- Ability to communicate findings in both verbal and written form.
- Expert knowledge of Incident Response procedures.
- Expert working knowledge of a broad range of current IT platforms and technologies.
- Experience correlating unstructured data across a wide variety of logs and other inputs.
- Experience with at least one programming language such as Ruby, Python, Perl, Java or C++.
- Breadth in the information security space, with emphasis on TCP/IP network security, operating system security, common attack patterns and exploitation techniques.
- Advanced experience in using an IDS and SIEM.
- Advanced experience with log and packet analysis tools and techniques.
- Advanced experience prioritizing remediation efforts along with analyzing and handling security incidents.
- Advanced knowledge and background of working with technical security issues facing large organizations.
- Experience in Linux administration.
- Experience in packet capturing and interpretation.
- Experience in penetration testing and computer forensics or malware analysis.
- Requires use/knowledge of IDS, SIEM, Memory and Disk Imaging and Forensics, compliance in areas such as PCI and FERPA and end user Operating Systems knowledge.
- GIAC Certified Incident Handler (GCIH), GIAC Certified Penetration Tester (GPEN), GIAC Certified Forensic Analyst (GCFA) and GIAC Certified Web Application Penetration Tester (GWAPT) or equivalents.
60% of Time the Network Security Engineer 4 must:
- Serve as OITs IDS and SIEM Security Analyst
- Research and determine future needs based on trends and planned growth.
- Plan out replacement strategy.
- Lead Incident Response Team
- Provide potential solutions to limit the likelihood of future similar incidents and help determine the root cause of incident.
- Work with clients, internal or external on notification and remediation.
- Utilizing network tracking data through packet captures, netflow and other systems determine root cause analysis.
- Utilize standard tools perform application testing.
- Research applications for testing and verifying results and issues.
- Run quarterly PCI scans. Document Findings.
- Serve as OIT’s eDiscovery Engineer
- Investigate computer security incidents through containment, remediation and post incident analysis using forensic and memory analysis tools.
- Work with cross-functional members of business response teams including legal, HR, IT and Physical Security on investigations as required.
- Performs eDiscovery and Information Security fraud and cyber security investigations based on established requirements and scope.
- Manages execution of searches, procurement and chain-of-custody of electronic data.
- Maintains proficiency in trends, best practices, processes and emergency risks related to eDiscovery, Information
- Serve as OIT’s Security Engineer
- Planning and Execution of Risk Assessment, Security Audits, Vulnerability and Penetration testing.
- Take appropriate steps to demonstrate effective level of controls are in place to protect sensitive/confidential information within the customer environment (and to ensure compliance with PCI-DSS).
- Conduct security reviews with available tools to assess the security posture of applications and the hosting computer systems.
- Manage assigned work queue for customer needs.
- Assist customers with planning their future needs.
- Maintain working relationships within OIT, campus community, outside vendors and community members
35% of Time the Network Security Engineer 4
Determined by department needs
5% of Time the Network Security Engineer 4
Perform other duties as assigned
Work Environment and Physical Demands
Exerting up to 10 pounds of force occasionally (Occasionally: activity or condition exists up to 1/3 of the time) and/or a negligible amount of force frequently (Frequently: activity or condition exists from 1/3 to 2/3 of the time) to lift, carry, push, pull, or otherwise move objects, including the human body. General office work involves sitting most of the time, but may involve walking or standing for brief periods of time.
Position requires on call and after hours support for maintenance and service down scenarios.
May be required to travel with overnight stays for training.
Additional training/education or equivalent experience, as well as business need, are required for movement into higher level jobs.
Incumbent must perform the essential duties and responsibilities with or without reasonable accommodation. The above statements are intended to describe the general nature and level of work. Final employment offers are contingent upon a Final Candidate’s successful completion of a Background Verification and a determination by the University that the information derived from the Background Verification does not disqualify the individual. In addition, a Financial History Check and Motor Vehicle Record (MVR) Check may be required.