Department: Information Security Office Salary/Grade: ITS/82
Are you looking to continue or grow your career in Information Security? To scale the cybersecurity program across the university, the Northwestern University Information Security Office is hiring a Senior Information Security Engineer to our growing Security Operations team. Successful candidates will apply their technical and cybersecurity talents to develop solutions, build/maintain systems, address risks proactively in key areas, and assist both stakeholders and university partners in key technical areas of information security. This job is perfect for someone who enjoys building new systems, engaging with clients, is a solid team-player and thrives in an innovative environment. The ideal candidate will demonstrate strong written and verbal communication skills, have experience with security information event management and automation systems (such as Splunk), vulnerability management systems (such as Tenable), and endpoint detection and response (such as CrowdStrike), have a solid understanding of networking, server-client technology, operating systems, and have achieved security or technology industry certifications.
Northwestern IT strongly values diversity in all forms. We live our values in our hiring practices and encourage women, racial and ethnic minorities, individuals of all sexual orientations and gender identities, individuals with disabilities, and veterans to apply.
Under limited supervision, apply cross-disciplinary IT engineering and cybersecurity knowledge to consult upon, design, test, and implement IT and cybersecurity systems/solutions that are both resilient and adaptive to an evolving cyber threat landscape. The Senior Information Security Engineer leads and delivers on security projects in their assigned domain(s) and provides guidance to other staff, as well as ensures compliance with all security associated NU, state, and federal rules and regulations. Works closely with stakeholders throughout Northwestern to implement cybersecurity best practices and controls.
Please note: This position will be required to participate in an on-call schedule that may result in occasional evening or weekend work.
Contribute to Risk Assessment and Security Evaluations
Provide Guidance and Support in evaluating vendors, open source products, and internally developed systems
Communicate how security standards, frameworks, and compliance documentation measure compliance of systems and applications
Support processes and systems around vulnerability assessments, risk analysis, and risk mitigation procedures
Represent the Information Security Office in collaborative and strategic initiatives, applying expertise and functioning as an integral, complementary part of the information security team
Review existing practices, developing and implementing cybersecurity controls, solutions, capabilities, and compliance
Act as cybersecurity point-of-contact for assigned domain(s)
Provide recommendations on emerging issues and the resources needed to address them to inform management-level decision-making
Promote compliance and risk-based controls prioritization related to assigned domain(s)
Conduct reviews to monitor and evaluate networks, systems, and services for conformity to existing policies, standards, and guidelines
Lead assigned projects in the design, development, testing, and implementation of technical solutions which advance strategic initiatives in Information Security and Privacy, including projects affecting the overall cybersecurity posture of Northwestern University
Review existing information security practices, developing and implementing systems and solutions for additional controls, capabilities, or compliance
Implement recommendations for assigned projects, in consultation with project team(s) and/or other information security staff
Provide recommendations for continual process improvements across all Information Security workflows
Draft and review documentation such as analyses of technical, administrative, or procedural security issues; procedural documentation/playbooks; and team documentation
Collaborate with other information security staff as needed for incident remediation or cybersecurity incident investigations
Provides troubleshooting and investigation assistance to users regarding potential or actual information security incidents.
Partners with users and internal/external staff to monitor and/or report school, unit, or departmental level cybersecurity issues/incidents within applications or systems.
Develop and maintain cybersecurity expertise through university-provided and external training/seminars/courses; staying abreast of industry trends, methods, and published literature; and participating in professional development programs/initiatives and approved by information security management.
Cultivate subject-matter expertise and skills in less experienced cybersecurity staff, in coordination with their supervisors and information security management
Performs other duties as assigned.
Successful completion of a full 4-year course of study in an accredited college or university leading to a bachelor's or higher degree in a major such as computer science, information technology, or related; OR appropriate combination of education and experience.
4+ years systems security or other relevant experience required.
Demonstrated experience with one or more of the following domains: Secure IT Operations, Data Security, Incident Response, Security Engineering, Network Security, Systems Security, or Vulnerability Management
Minimum Competencies: (Skills, knowledge, and abilities.)
7+ years of practical experience within technology and security environment. Technical background, with understanding of concepts of confidentiality, integrity and availability, disaster recovery, business continuity, user authentication and authorization.
Basic understanding of firewall theory and network security.
Strong oral and written communications skills.
Ability to weigh business needs against security concerns and articulate issues to the user community.
Work-Life and Wellness: Northwestern offers comprehensive programs and services to help you and your family navigate life’s challenges and opportunities, and adopt and maintain healthy lifestyles. We support flexible work arrangements where possible and programs to help you locate and pay for quality, affordable childcare and senior/adult care. Visit us at https://www.northwestern.edu/hr/benefits/work-life/index.html to learn more.
Professional Growth & Development: Northwestern supports employee career development in all circumstances whether your workspace is on campus or at home. If you’re interested in developing your professional potential or continuing your formal education, we offer a variety of tools and resources. Visit us at https://www.northwestern.edu/hr/learning/index.html to learn more.
Northwestern requires all staff and faculty to be vaccinated against COVID-19, subject to limited exceptions. For more information, please visit our COVID-19 and Campus Updates website.
The Northwestern campus sits on the traditional homelands of the people of the Council of Three Fires, the Ojibwe, Potawatomi, and Odawa as well as the Menominee, Miami and Ho-Chunk nations. We acknowledge and honor the original people of the land upon which Northwestern University stands, and the Native people who remain on this land today.
Northwestern University is an Equal Opportunity, Affirmative Action Employer of all protected classes, including veterans and individuals with disabilities. Women, racial and ethnic minorities, individuals with disabilities, and veterans are encouraged to apply. Click for information on EEO is the Law.
Northwestern University is a major private research university with 12 academic divisions located on three campuses in Evanston, Chicago, and Education City in Doha, Qatar. We have approximately 2,500 full-time faculty members, 17,000 graduate and undergraduate students, and over 5,700 full and part-time staff. Northwestern University combines innovative teaching and pioneering research in a highly collaborative environment. It provides students and faculty exceptional opportunities for intellectual, personal and professional growth.