The University Information Security department (UIS) at the University of Minnesota seeks a Security Operations Engineer - Cloud who will work with the security operations team to detect and respond to security incidents in public cloud environments (primarily Azure, AWS, and GCP). In addition, they will provide input on logging requirements, develop monitoring and alerting, and create automated or manual incident response workflows. The Security Operations Engineer - Cloud will collaborate with other teams to help identify security improvements targeting our detection and response capabilities, and help detect and analyze cloud incident detection and response capabilities across the security operations team.
We Offer:
University paid contribution (10% of your salary) to your retirement account - vested immediately.
22 paid vacation days per year, in addition to sick leave and 11 paid holidays.
Reduced tuition opportunities covering 75% - 100% of eligible tuition.
Excellent and affordable health care benefits.
Wellness program with opportunity to earn lower health care rates.
Free disability insurance.
Annual merit increase program.
Job Duties:
Identify and communicate operational security requirements to cloud architecture teams.
Develop tools to detect and analyze cloud security incidents and automate or streamline responses.
Optimize cloud security operations processes and procedures.
Advise and assist IT professionals with cloud security incident remediation.
Provide technical leadership and mentoring to other security operations team members.
Analyze, identify, and respond to cloud security-related events.
Keep current on information security technologies and the threat environment.
Lead incident response activities as needed.
Other duties as assigned.
Required Qualifications:
BA/BS degree in computer science, MIS or a closely related field and 6 years of related professional experience OR a combination of education and related professional work experience in an area closely related to this position totaling 10 years.
Experience with incident detection and incident response in one or more major cloud environments (AWS, Azure, GCP).
Extensive experience in information security and/or IT risk management with a focus on security, performance and reliability.
Strong technical security background, experience working with various security technologies (identity & access management, encryption, firewalls, network security, intrusion detection systems, etc.), and an understanding of how they apply to cloud environments.
Excellent communication (oral, written, presentation), interpersonal and consultative skills.
Preferred Experience:
Understanding of and experience with security operations in multi-cloud environments, such as intrusion detection, incident response, eDiscovery, and forensics.
Experience with at least one programming language.
Experience with Splunk and the SPL query language or other SIEM technology.
One or more cloud certifications (example: AWS Certified Security - Specialty, Microsoft Certified: Security Operations Analyst Associate, GCP Professional Cloud Security Engineer, Certified Cloud Security Professional [CCSP], CompTIA Cloud+, GIAC Cloud Security Essentials [GCLD], GIAC Public Cloud Security [GPCS], GIAC Cloud Threat Detection [GCTD]).
The University of Minnesota, founded in the belief that all people are enriched by understanding, is dedicated to the advancement of learning and the search for truth; to the sharing of this knowledge through education for a diverse community; and to the application of this knowledge to benefit the people of the state, the nation, and the world.