| Posting Summary: UVa's Information Security, Policy, and Records Office (ISPRO) is looking for a Information Security Engineer to help mitigate information security threats against the University. The chosen candidate will be a Microsoft Windows subject matter expert and will work with a diverse team of security professionals to implement new information security solutions, consult on security best practices, and participate in incident response with the security operations team. A citizen of the United States, a permanent resident alien of the United States, or a protected individual as defined by 8 U.S.C.1324b(a)(3) is a requirement for this position. |
Required Minimum Level of Education: *Degree or Equivalent Experience Required
Required Specific Degree/Training: Bachelor's Degree in Engineering, Computer Science, Information Systems, or a related field plus four years of relevant education, experience and training.
Preferred Minimum Level of Education: *Degree Preferred
Preferred Specific Degree/Training: Master's Degree in Engineering, Computer Science or a related field.
Required Minimum Level of Experience: Considerable - 4 to 7 years
Required Specific Experience: Experience managing, maintaining, and supporting Microsoft operating systems and application servers in a large enterprise environment.
Experience reviewing, adding, removing, and editing entries in the Windows registry for multiple versions of the Microsoft Windows operating systems.
Demonstrated high-level technical expertise diagnosing and troubleshooting hardware, operating system installation, configuration, and application problems.
Demonstrate experience using Microsoft Powershell to automated tasks or connect systems in a enterprise environment.
Preferred Minimum Level of Experience: Extensive - 7 years plus
Preferred Specific Experience: Prior experience designing, implementing, managing, maintaining, and supporting Microsoft operating systems, applications and platforms.
Experience building servers, installing applications and familiarly with a broad range of popular Microsoft applications. Advanced operating system configurations such as group policy, clustering, and high availability configurations.
Experience with a patch management system application, a vulnerability management system, and a centralized anti-malware system.
Experience configuring and using two-factor authentication system within Windows..
Experience working with customers, security organizations, and senior leadership.
Preferred License or Certification: CISSP, CISA, or one or more security certifications.
Required Knowledge, Skills and Abilities: Solid understanding of Microsoft operating system configuration and administration, as well as Microsoft technologies such as Active Directory, Exchange and Office365
Working understanding of network configurations, PowerShell scripting, .Net and .Net Platforms
Demonstrate outstanding customer service and business communications skills
Good team-working skills with a consensus-approach taken towards documentation, change-management, project management, and security
Preferred Knowledge, Skills and Abilities: Understanding of best practices for system administration, system design and configuration.
Experience in configuration and deployment and support of advanced Microsoft systems such as: clustering, failover and high availability best practices.
Advanced troubleshooting skills for operating systems, platforms, enterprise systems and services.
Familiarization with information security concepts, mitigation strategies, and threat modeling.
Experience with highly virtualized environments.
Required Computer Applications: Windows 7 (or newer)
Windows Server 2012
Microsoft System Center Configuration Manager (SCCM)
Preferred Computer Applications: Windows Office 365
DUO multi-factor authentication
Symantec Endpoint Protection, MalwareBytes Enterprise, McAfee ePolicy Orchestrator, Microsoft Security Essentials, or other enterprise anti-malware solution
QualysGuard, Nessus, Nexpose, or other enterprise vulnerability management system
Nmap, Massscan, or other network port scanners
Alienvault, Archsight, Nitro, QRadar, Splunk, or other enterprise data aggregation and correlation product
BigFix, Case, LANdesk, System Center Operations Manager, Tanium, Windows Server Update Services or other enterprise patching solution