Security System Analyst/Engineer
Company Name:
Oregon Health & Science University
Job Title
Security System Analyst/Engineer
Department
ITG
Location
MSB 500
Work Unit Description
Work Schedule, Hours, FTE, Salary Range
1.0 FTE; $91,645-137,467/year; Location: Portland, Downtown. This is a limited duration position with funding identified for up to 18 months.
Functions/Duties of Position
The Security Engineering unit provides for access control and analysis of the OHSU IT Network and applications environments for risks and threats, This unit also ensures that proposed and existing systems and network security architectures are engineered for and aligned with and operated according to OHSU security policies and standards as well as industry best practices, and develops mitigation strategies, techniques and processes for security breaches. As detailed below, the individual positions within this work unit will be required to collaborate and assist staff in other technology work units.
As members of the Security Engineering work unit, the Systems Analyst/Engineer provides a high level, broad spectrum of systems analysis, engineering, and project management for OHSU ITG technology platforms that support Enterprise services and missions. Specifically, this position provides for Systems Analysis, Systems Administration, Systems Engineering, Security Administration and Project Management. The primary work for this position is in support of enterprise wide integrated information technology security systems solutions that ensure protection and integrity of proprietary/confidential data. This position supports underlying security technology platforms and processes including intrusion prevention and detection systems, anti-virus/malware systems, firewalls, audit tools, and breach mitigations tools. In addition, this position will provide back-fill to other TeSD work units that utilize the Systems Analyst/Engineer. Members of these work units will routinely work with, augment and backfill members of the Network Architecture, Design and Infrastructure Operations work units that have several overlapping responsibilities. The incumbent will have primary responsibilities for one or more technology platforms and secondary responsibility for other technologies. This position also provides for communications and technical feedback between customers, field support, and other ITG work units and provides (Tier III) support and technical escalation for design and problem resolution.
This position is distinguished by a hybrid combination of technology roles that include Systems Analyst, Systems Administrator, Systems Engineer, and Project Manager. These are multi-tasking, broadly based, positions that require a unique combination of analytic, engineering, project management, and customer service skills to provide ITG systems support across all OHSU healthcare, academic and research missions. Incumbents are proficient in troubleshooting and root cause analysis using the scientific method of refining a problem statement, and queuing up a series of increasingly specific tests to isolate the problem. Necessarily, this requires specialized knowledge for the equipment and services for which the analyst/engineer is directly responsible. In addition, expert broad based knowledge is used to troubleshoot integrated applications suites, services running across hybrid network architectures, virtualized servers or desktops, load balanced web farms, firewalled VPNS, etc.
The Systems Analyst/Engineer is also distinguished by a broad spectrum and high degree of technical skills/experience, and the ability to effectively multi-task across job roles and across multiple technology platforms. This position comprises the core of the ITG Information Security Incident Response Team (ISIRT). Lastly, this position is distinguished by a requirement to rapidly and dynamically respond to a continuously changing technology environment.
Job Requirements
Bachelor's degree, and three years of progressively responsible Information Technology-related experience leading to proven proficiency and subject matter expertise in the areas outlined within the class specification; OR Equivalent alternative educational experience that includes approved coursework, professional certifications as outlined below, vendor training, and seven years of documented professional experience leading to proven proficiency and subject matter expertise in the areas outlined within the class specification; OR An equivalent combination of education and experience.
Experience in designing, implementing and supporting new systems and infrastructure independently
Experience using SDLC or like processes to manage projects
Experience in supporting large mission critical systems in multiple production environments including solution design and tuning
Extensive experience with Cisco or other main stream switching technologies
Experience Juniper and CS-MARS system, IDP ISG, IPS or other IDS/IPS platforms
Working technical knowledge of SNORT, Nessus, NCASE and other security scanning solutions, as well as open source tools
Experience with IPX, TCP/IP, and other networking protocols.
Crash analysis and troubleshooting
Application installation and configuration
Understanding of Microsoft Networks at the operating system level, file/directory security, and user account level
Enterprise Experience with Systems administration (at minimum UNIX, Linux and Microsoft), Sendmail, Scripting
Three years of hands on experience with Cisco routers and switches
Proficient in network architectures and topologies
Expert knowledge of network security at the operating system level, file/directory level, and user account level
Expert knowledge of application of HIPAA control implementation
Comprehensive knowledge of the following:
Network Protocols (AppleTalk, IPX, NetBIOS, SNA, TCP/IP, etc.)
Routing Protocols (NLSP, RIP, OSPF, etc.)
Network Topologies (Ethernet, Token Ring, FDDI, Fast Ethernet, ATM, etc.)
Data Communications Equipment (Hubs, Bridges, Routers, Switches, DSU, Multiplexers, etc.)
Network Management Tools (SNMP, Transcend, HP OpenView, RMON, Sniffer, CiscoWorks, etc.)
Premise Distribution Systems (Fiber, Copper Cabling Systems, etc.)
Firewall Technologies: Cisco PIX, Checkpoint, Stonebeat
General knowledge of the following:
Operating Systems (UNIX, DOS, Windows 3.1/95/NT, MVS, MPE, etc.)
Network Operating Systems (NetWare, Windows NT, etc.)
Security Analysis Tools: Retina, Nessus
Microsoft Administration / Operations
Desktop architecture and design
Microsoft SMS administration
McAfee ePO administration
Knowledge of NIX operating system management and configuration
Familiarity with implementation of security best practices
Knowledge of vulnerability assessment tools, i.e. NMAP, Retina, etc.
Management of event correlation tools
Core and end-user messaging systems including Edge Appliances, Email Firewall, UNIX Sendmail, MS Exchange, POP/IMAP, Paging, other messaging systems and gateways
Directory service experience (Microsoft Active Directory, LDAP interfaces, etc.)
One or more scripting and/or programming languages such as, or equivalent to Perl, UNIX Shell, C Shell, .NET, Visual Basic, Java, HTML, etc.
CISSP certification
Additional Details
OHSU is an equal opportunity, affirmative action institution. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of disability or protected veteran status. Applicants with disabilities can request reasonable accommodation by contacting the Affirmative Action and Equal Opportunity Department at .
How To Apply
Apply online.
Referral Bonus Eligible
Referral Bonus Amount
Drug Testable
NoEstimated Salary: $20 to $28 per hour based on qualifications.
Oregon Health & Science University
Job Title
Security System Analyst/Engineer
Department
ITG
Location
MSB 500
Work Unit Description
Work Schedule, Hours, FTE, Salary Range
1.0 FTE; $91,645-137,467/year; Location: Portland, Downtown. This is a limited duration position with funding identified for up to 18 months.
Functions/Duties of Position
The Security Engineering unit provides for access control and analysis of the OHSU IT Network and applications environments for risks and threats, This unit also ensures that proposed and existing systems and network security architectures are engineered for and aligned with and operated according to OHSU security policies and standards as well as industry best practices, and develops mitigation strategies, techniques and processes for security breaches. As detailed below, the individual positions within this work unit will be required to collaborate and assist staff in other technology work units.
As members of the Security Engineering work unit, the Systems Analyst/Engineer provides a high level, broad spectrum of systems analysis, engineering, and project management for OHSU ITG technology platforms that support Enterprise services and missions. Specifically, this position provides for Systems Analysis, Systems Administration, Systems Engineering, Security Administration and Project Management. The primary work for this position is in support of enterprise wide integrated information technology security systems solutions that ensure protection and integrity of proprietary/confidential data. This position supports underlying security technology platforms and processes including intrusion prevention and detection systems, anti-virus/malware systems, firewalls, audit tools, and breach mitigations tools. In addition, this position will provide back-fill to other TeSD work units that utilize the Systems Analyst/Engineer. Members of these work units will routinely work with, augment and backfill members of the Network Architecture, Design and Infrastructure Operations work units that have several overlapping responsibilities. The incumbent will have primary responsibilities for one or more technology platforms and secondary responsibility for other technologies. This position also provides for communications and technical feedback between customers, field support, and other ITG work units and provides (Tier III) support and technical escalation for design and problem resolution.
This position is distinguished by a hybrid combination of technology roles that include Systems Analyst, Systems Administrator, Systems Engineer, and Project Manager. These are multi-tasking, broadly based, positions that require a unique combination of analytic, engineering, project management, and customer service skills to provide ITG systems support across all OHSU healthcare, academic and research missions. Incumbents are proficient in troubleshooting and root cause analysis using the scientific method of refining a problem statement, and queuing up a series of increasingly specific tests to isolate the problem. Necessarily, this requires specialized knowledge for the equipment and services for which the analyst/engineer is directly responsible. In addition, expert broad based knowledge is used to troubleshoot integrated applications suites, services running across hybrid network architectures, virtualized servers or desktops, load balanced web farms, firewalled VPNS, etc.
The Systems Analyst/Engineer is also distinguished by a broad spectrum and high degree of technical skills/experience, and the ability to effectively multi-task across job roles and across multiple technology platforms. This position comprises the core of the ITG Information Security Incident Response Team (ISIRT). Lastly, this position is distinguished by a requirement to rapidly and dynamically respond to a continuously changing technology environment.
Job Requirements
Bachelor's degree, and three years of progressively responsible Information Technology-related experience leading to proven proficiency and subject matter expertise in the areas outlined within the class specification; OR Equivalent alternative educational experience that includes approved coursework, professional certifications as outlined below, vendor training, and seven years of documented professional experience leading to proven proficiency and subject matter expertise in the areas outlined within the class specification; OR An equivalent combination of education and experience.
Experience in designing, implementing and supporting new systems and infrastructure independently
Experience using SDLC or like processes to manage projects
Experience in supporting large mission critical systems in multiple production environments including solution design and tuning
Extensive experience with Cisco or other main stream switching technologies
Experience Juniper and CS-MARS system, IDP ISG, IPS or other IDS/IPS platforms
Working technical knowledge of SNORT, Nessus, NCASE and other security scanning solutions, as well as open source tools
Experience with IPX, TCP/IP, and other networking protocols.
Crash analysis and troubleshooting
Application installation and configuration
Understanding of Microsoft Networks at the operating system level, file/directory security, and user account level
Enterprise Experience with Systems administration (at minimum UNIX, Linux and Microsoft), Sendmail, Scripting
Three years of hands on experience with Cisco routers and switches
Proficient in network architectures and topologies
Expert knowledge of network security at the operating system level, file/directory level, and user account level
Expert knowledge of application of HIPAA control implementation
Comprehensive knowledge of the following:
Network Protocols (AppleTalk, IPX, NetBIOS, SNA, TCP/IP, etc.)
Routing Protocols (NLSP, RIP, OSPF, etc.)
Network Topologies (Ethernet, Token Ring, FDDI, Fast Ethernet, ATM, etc.)
Data Communications Equipment (Hubs, Bridges, Routers, Switches, DSU, Multiplexers, etc.)
Network Management Tools (SNMP, Transcend, HP OpenView, RMON, Sniffer, CiscoWorks, etc.)
Premise Distribution Systems (Fiber, Copper Cabling Systems, etc.)
Firewall Technologies: Cisco PIX, Checkpoint, Stonebeat
General knowledge of the following:
Operating Systems (UNIX, DOS, Windows 3.1/95/NT, MVS, MPE, etc.)
Network Operating Systems (NetWare, Windows NT, etc.)
Security Analysis Tools: Retina, Nessus
Microsoft Administration / Operations
Desktop architecture and design
Microsoft SMS administration
McAfee ePO administration
Knowledge of NIX operating system management and configuration
Familiarity with implementation of security best practices
Knowledge of vulnerability assessment tools, i.e. NMAP, Retina, etc.
Management of event correlation tools
Core and end-user messaging systems including Edge Appliances, Email Firewall, UNIX Sendmail, MS Exchange, POP/IMAP, Paging, other messaging systems and gateways
Directory service experience (Microsoft Active Directory, LDAP interfaces, etc.)
One or more scripting and/or programming languages such as, or equivalent to Perl, UNIX Shell, C Shell, .NET, Visual Basic, Java, HTML, etc.
CISSP certification
Additional Details
OHSU is an equal opportunity, affirmative action institution. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of disability or protected veteran status. Applicants with disabilities can request reasonable accommodation by contacting the Affirmative Action and Equal Opportunity Department at .
How To Apply
Apply online.
Referral Bonus Eligible
Referral Bonus Amount
Drug Testable
NoEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
