Job Description Summary:
The Division of Information Technology (it.gwu.edu) is the chief provider of technology infrastructure, services and applications at GW. The Division partners with stakeholders across GW to equip students, staff and faculty with the technology know-how and tools necessary to achieve academic excellence. Reporting to the Director of Information Security Services, the Senior Security Engineer works within the Division's Information Security & Compliance Services department.
This position is comprised of equal parts design and hands on implementation. In the design realm, the Senior Security Engineer serves as a consultant to the University in matters related to Information Security. The Senior Security Engineer acts as a "hands-on" technical security architect and as such, recommends technical and process security enhancements to the Director of Information Security to augment the security posture of George Washington University. The Senior Security Engineer reviews, revises, and authorizes all enterprise firewall change requests based on their research and evaluation of the change requests effects on overall university network security. The incumbent reviews research, monitors technical landscape, and works with peer institutions in order pro-actively identify security enhancements and lead initiatives to ensure successful implementation of solutions delivery of superior information security services. The Senior Security Engineer also has hands on responsibilities for managing and improving the function of the suite of IT security tools utilized at the University. The incumbent participates in active troubleshooting of data flows, as well as evaluating and collaborating on the implementation of new security tools.
The successful candidate displays strong knowledge of computer security concepts as well as the ability to clearly communicate security risks associated with vulnerabilities. The position may be based either at GW's Foggy Bottom campus in Washington, DC or Virginia Science & Technology campus in Ashburn, VA but may require occasional travel between locations.
The incumbent may perform other related duties as assigned. The omission of specific duties does not preclude the supervisor from assigning duties that are logically related to the position.
Works with the incident response team and GW IT staff to remediate identified security issues and vulnerabilities until closure. Builds partnerships and relationships across the university community to help improve vulnerability resolution. ,
- Conducts monthly scans of all critical assets located in the GW data centers, performs ticketing and remediation/follow-up on all reported critical/high vulnerabilities.
- Analyzes vulnerability scan results and reports on aggregated vulnerabilities. Identifies false positives and risk acceptance candidates.
- Develops and implements remediation plans, provides security guidance to system and network administrators at the University.
Configures, troubleshoots, and performs system administration on various security hardware and applications, including, but not limited to: FireEye, Cisco Firesight (Sourcefire) IDS, Tenable Security Center. Executes the technical design, build, deployment and testing of network security solutions.,
Applies knowledge of key regulations to assess the security posture of third-party service providers as needed. Works with the vendors to Identify and mitigate risks. Serves as the security consultant for new and existing GW projects. Consults with key stakeholders and ISCS staff to collaboratively develop secure solutions to business and technology challenges.,
Performs Registration Authority Officer duties: processes gwu.edu SSL certificate requests and issues InCommon certificates. ,
Provides assistance in ISCS asset requisition, disposal, and license renewals.
Analyzes results from intrusion detection systems and other tools to detect compromises and ensure the integrity of the GW network, as a member of the incident response team. Assists in incident response and troubleshooting tasks.,
Enhances professional knowledge and skills by attending seminars/conferences, conducting research, and reviewing published literature.,
Performs other related duties as assigned. The omission of specific duties does not preclude the supervisor from assigning duties that are logically related to the position.
The incumbent generally performs job duties in a normal business office environment. This involves working while sitting at a desk for extended periods of time. Additionally, the incumbent may be required to attend meetings in other offices, or deliver and/or retrieve information from other offices around campus. The ability to operate basic office equipment such as personal computers, duplicating machines, fax machines and standard office telephones may also be required.
- Subject matter expertise across the Information Security spectrum to include (but not limited to):
- Firewall and Network Security
- Security Architecture
- Cloud Security & Network Defense
- Strong ability to implement changes through informal influence and technical leadership.
- Strong analytical and creative problem solving skills to resolve highly complex security design issues and create new security solutions.
- Ability to understand large scale enterprise network architecture (multiple locations, 50K+ users).
- Experience and in-depth working knowledge of multiple technical disciplines including common Internet protocols, routing/switching, firewalls, network security monitoring technologies, IDS/IPS, and networking protocols including (OSPF, MPLS, BGP, IPv6).
- Understanding of cloud security standards and best practices for IaaS/PaaS/SaaS.
- Experience with all or some of the following systems and products:
- Palo Alto NGFW, Gigamon, Netoptics, Solarwinds Netflow, Silk, and fiber optics
- FireEye, Cisco Firesight, Sourcefire, Splunk
- Encase Enterprise
- Vulnerability scanners
- Windows Active Directory, Windows OS, Unix/Linux OS
- Knowledge of any scripting languages (WMI, Powershell, Perl, Python, Regex, etc.) is a plus.
- Strong written and oral communication skills.
Bachelor’s degree in an appropriate area of specialization plus 5 years of relevant professional experience. Degree requirements may be substituted with an equivalent combination of education, training and experience.
Special Instructions to Applicants::
In order to gain a better understanding of your experience, the professional experience section of your resume must include months in addition to years. For example, instead of "2014 – 2015," it should include "April 2014 – January 2015" or similar information.