Information Security Engineer

University of Alaska


Information Security Engineer

  • JOB NUMBER: 519782

  • CLASSIFICATION: Information Systems Professional 5A

  • GRADE: Grade 82

  • WORK TYPE: Hybrid, On Campus, Remote, Remote within Alaska, Staff Full-time

  • ADMINISTRATIVE UNIT: University of Alaska Fairbanks

  • SCHOOL/BUSINESS UNIT: UAF Office Information Technology

  • LOCATION: Fairbanks

  • CATEGORIES: Information Systems/Technology

Position Summary:

The University of Alaska is excited to offer qualified candidates the opportunity to join the UA System as an Information Security Engineer. The security engineer position reports to the Manager of Security Operations and works as part of a team dedicated to protecting UA's data and systems. This position can be based at the University of Alaska Anchorage, University of Alaska Fairbanks, or University of Alaska Southeast. Security Engineers are responsible for architecture, management, and integration of endpoint, email, network, and cloud security for the UA System with support from the rest of the Information Security and Assurance team and centralized and decentralized IT staff.

Duties:

Engage in routine risk assessment and mitigation activities; support internal and external audits and assessments.

Maintain professional knowledge around relevant topics, engage in professional development activities, participate in or lead internal and external meetings with key stakeholders and governance groups.

Coordinate with risk and security analysts and others within or outside Information Security and Assurance to audit and improve security controls and address operational concerns (e.g. trouble tickets, break-fix activities, workflow evaluation and improvement, etc.).

Support the development, collection, and reporting of operational metrics.

Design, implement, maintain, and enhance endpoint, network, email, cloud, and general cybersecurity systems, services, and processes, potentially including (but not limited to) SIEM, EDR, vulnerability management, email security tools, DMARC/DKIM/SPF, network and border tools including NAC, NGFW, traffic shunning, NTA/NDR, VPN, cloud information protection and management (CASB, DLP, etc.).

KNOWLEDGE/SKILLS/ABILITIES:

Excellent communication skills including both written and oral communications and experience presenting information to diverse audiences with varying levels of technical knowledge.

Broad operational knowledge of information technology including infrastructure (systems/networking), applications/operating systems, and security-focused technology such as firewalls, IDS/IPS, endpoint protection, encryption, cloud security, SIEM/log management, and other operational security tools and technologies.

Familiarity with programming or scripting languages and their use in automating tasks and improving workflows and automation of routine activities.

Demonstrated interest in learning new technologies and tools and integrating them into day-to-day operations.
Strong project management skills, including the ability to prioritize and manage multiple projects and high-level tasks simultaneously.

Knowledge of and experience with general audit and compliance concepts including risk assessment, controls, supporting evidence/documentation, and regulatory requirements including CJIS, CMMC, DFARS, FERPA, HIPAA, GLBA, and PCI; knowledge of information security frameworks such as NIST800-53, NIST800-171, ISO 27000, CIS CSC, etc.


Ability to thrive in an environment with short deadlines, evolving challenges, and multiple simultaneous projects while maintaining good judgment, proactive communication, and prompt resolution of any issues.

Maintain active understanding of industry practices for threat analytics and incident response.
Apply or recommend adaptive security measures based on investigative findings and threat indicators.

TYPICAL EXPERIENCE:

The successful candidate will be self-motivated and highly technical, with many years of experience supporting enterprise systems. A detailed knowledge of several (not all) of the following systems, services, and technologies is expected:

Endpoint: SIEM, EDR, UEM, ITAM, patching, vulnerability management

Email: DMARC, DKIM, SPF, email compliance (legal holds and data retention), email security/anti-phishing

Network: DHCP, DNS, IDS/IPS, NAC, NGFW, VPN, WAF, 802.1x, concepts including switching, routing, subnetting, zero trust, zoning/segmentation/VLANs

Cloud: CASB, DLP, cloud compliance, monitoring, security, and management solutions to manage and protect cloud computing environments (AWS, Azure, GCP), cloud collaboration platforms (e.g. M365, Google Workspace), and SaaS/PaaS/IaaS services

General Cybersecurity: honeypots, cyber threat intelligence (CTI), threat hunting, digital forensics, identity management, digital certificates, encryption, UEBA

Excellent communication and project/time management skills are required. Diplomacy and an interest in collaborative problem solving and project management will be beneficial in this role. Familiarity with programming or scripting languages and use of those in automation is highly desired.

REQUIRED EDUCATION OR TRAINING:

Bachelor's degree and 5+ years of relevant experience, OR an equivalent combination of training, education, and documented professional experience.

Two or more relevant IT/cybersecurity certifications (vendor-specific or those from bodies such as ISC(2), ISACA, SANS, etc.) desired at time of hire, required within the first year of employment.

Travel and on-call required.

 

This is a full-time, Grade 82, minimum $72,363 yearly, DOE, 12-month position complete with a competitive salary and UA employee benefits package.

This position is open until filled.

Please upload your resume, cover letter and three professional references.

*To be eligible for this position, applicants must be legally authorized to work in the United States without restriction.  Applicants who now or may in the future require visa sponsorship to work in the United States are not eligible.

UAF COVID Requirements

Effective immediately, all new UAF hires, whose job function or work location results in the employee being subject to the UAF vaccine requirements guided by the Federal Contractor Employee vaccine mandate*, must be fully vaccinated with an FDA- or WHO- authorized or approved COVID-19 vaccine or have obtained a university-approved disability/medical or religious exemption no later than six weeks from the new hire's start date.

*Employees based on UAF’s Troth Yeddha’ (Fairbanks) campus, regardless of university affiliation and remote work status; Employees based in UAF research units outside Fairbanks (including Seward Marine Center, Kodiak Seafood and Marine Science Center, HAARP, Poker Flat, Lena Point, and Toolik Field Station); and Employees, regardless of their work location, paid by or directly working on impacted UAF federal contract.

 

Reasonable Accommodation Statement:

The University of Alaska (UA) is responsible for providing reasonable accommodations to individuals with disabilities throughout the applicant screening process. If you need assistance in completing this application or during any phase of the interview process, please contact UA Human Resources by phone at 907-450-8200.

Affirmative Action Statement:

UA is an AA/EO employer and educational institution and prohibits illegal discrimination against any individual: www.alaska.edu/nondiscrimination

Background Check:

The successful applicant is required to complete a background check. Any offer of employment is contingent on the background check.

Probationary Period:

Pursuant to University Regulation 04.07.020, new employees of the University are employed in an at-will probationary status for the first six months of employment. During the probationary period, employment may be terminated for no reason or any reason. Promoted employees also serve a probationary period with limited rights of retreat.

Public Disclosure Statement:

Your application for employment with the University of Alaska is subject to public disclosure under the Alaska Public Records Act.

University of Alaska is a Drug-Free Workplace. University of Alaska campuses are Tobacco-Free.

Training Policy:

It is the policy of the University of Alaska (UA) that all employees are required to complete training to meet the requirements of the positions they hold, and to complete the required training within a specified period to remain employed at the UA.

Contact Information:

If you have any questions regarding this position, please contact University of Alaska HR at 907-450-8200.

Fairbanks, AK

1 year(s) ago

Tribal Affiliation(s)
Any Affiliation