Security Engineer

    Apply now
  • Job Number:519522
  • Classification:Information Systems Professional 5A
  • Grade:Grade 82
  • Work type:Hybrid, Staff Full-time
  • Administrative Unit:University of Alaska Statewide
  • School/Business unit:SW Office of Chief Security Officer
  • Location:Anchorage, Fairbanks, Juneau
  • Categories: Information Systems/Technology

Position Summary:

The University of Alaska is excited to offer qualified candidates the opportunity to join the UA System as an Information Security Engineer. The security engineer position reports to the Manager of Security Operations and works as part of a team dedicated to protecting UA's data and systems. This position can be based at the University of Alaska Anchorage, University of Alaska Fairbanks, or University of Alaska Southeast. Security Engineers are responsible for architecture, management, and integration of endpoint, email, network, and cloud security for the UA System with support from the rest of the Information Security and Assurance team and centralized and decentralized IT staff.

Duties:

10Engage in routine risk assessment and mitigation activities; support internal and external audits and assessments.Essential
15Maintain professional knowledge around relevant topics, engage in professional development activities, participate in or lead internal and external meetings with key stakeholders and governance groups.Essential
20Coordinate with risk and security analysts and others within or outside Information Security and Assurance to audit and improve security controls and address operational concerns (e.g. trouble tickets, break-fix activities, workflow evaluation and improvement, etc.).Essential
5Support the development, collection, and reporting of operational metrics.Essential
50Design, implement, maintain, and enhance endpoint, network, email, cloud, and general cybersecurity systems, services, and processes, potentially including (but not limited to) SIEM, EDR, vulnerability management, email security tools, DMARC/DKIM/SPF, network and border tools including NAC, NGFW, traffic shunning, NTA/NDR, VPN, cloud information protection and management (CASB, DLP, etc.).Essential

KNOWLEDGE/SKILLS/ABILITIES:

Excellent communication skills including both written and oral communications and experience presenting information to diverse audiences with varying levels of technical knowledge.

Broad operational knowledge of information technology including infrastructure (systems/networking), applications/operating systems, and security-focused technology such as firewalls, IDS/IPS, endpoint protection, encryption, cloud security, SIEM/log management, and other operational security tools and technologies.

Familiarity with programming or scripting languages and their use in automating tasks and improving workflows and automation of routine activities.
Demonstrated interest in learning new technologies and tools and integrating them into day-to-day operations.
Strong project management skills, including the ability to prioritize and manage multiple projects and high-level tasks simultaneously.

Knowledge of and experience with general audit and compliance concepts including risk assessment, controls, supporting evidence/documentation, and regulatory requirements including CJIS, CMMC, DFARS, FERPA, HIPAA, GLBA, and PCI; knowledge of information security frameworks such as NIST800-53, NIST800-171, ISO 27000, CIS CSC, etc.
Ability to thrive in an environment with short deadlines, evolving challenges, and multiple simultaneous projects while maintaining good judgment, proactive communication, and prompt resolution of any issues.

Maintain active understanding of industry practices for threat analytics and incident response.
Apply or recommend adaptive security measures based on investigative findings and threat indicators.

TYPICAL EXPERIENCE:

The successful candidate will be self-motivated and highly technical, with many years of experience supporting enterprise systems. A detailed knowledge of several (not all) of the following systems, services, and technologies is expected:

Endpoint: SIEM, EDR, UEM, ITAM, patching, vulnerability management

Email: DMARC, DKIM, SPF, email compliance (legal holds and data retention), email security/anti-phishing

Network: DHCP, DNS, IDS/IPS, NAC, NGFW, VPN, WAF, 802.1x, concepts including switching, routing, subnetting, zero trust, zoning/segmentation/VLANs

Cloud: CASB, DLP, cloud compliance, monitoring, security, and management solutions to manage and protect cloud computing environments (AWS, Azure, GCP), cloud collaboration platforms (e.g. M365, Google Workspace), and SaaS/PaaS/IaaS services

General Cybersecurity: honeypots, cyber threat intelligence (CTI), threat hunting, digital forensics, identity management, digital certificates, encryption, UEBA

Excellent communication and project/time management skills are required. Diplomacy and an interest in collaborative problem solving and project management will be beneficial in this role. Familiarity with programming or scripting languages and use of those in automation is highly desired.

REQUIRED EDUCATION OR TRAINING:

Bachelor's degree and 5+ years of relevant experience, OR an equivalent combination of training, education, and documented professional experience.

Two or more relevant IT/cybersecurity certifications (vendor-specific or those from bodies such as ISC(2), ISACA, SANS, etc.) desired at time of hire, required within the first year of employment.

Travel and on-call required.

Please attach cover letter, resume and three professional references

This is a full-time, Grade 82, (minimum $72,363 yearly, DOE), 12-month position complete with a competitive salary and UA employee benefits package. UA provides a generous compensation package that includes excellent benefits including retirement options, annual leave, 12 paid holidays per year, tuition waivers for employees and family members, and affordable medical, dental and vision care coverage. 

Applications will be reviewed on a rolling basis until a successful candidate is identified.

*To be eligible for this position, applicants must be legally authorized for unrestricted employment in the United States. No work visas will be sponsored for this position.

Reasonable Accommodation Statement:

The University of Alaska (UA) is responsible for providing reasonable accommodations to individuals with disabilities throughout the applicant screening process. If you need assistance in completing this application or during any phase of the interview process, please contact UA Human Resources by phone at 907-450-8200.

Affirmative Action Statement:

UA is an AA/EO employer and educational institution and prohibits illegal discrimination against any individual: www.alaska.edu/nondiscrimination

Background Check:

The successful applicant is required to complete a background check. Any offer of employment is contingent on the background check.

Probationary Period:

Pursuant to University Regulation 04.07.020, new employees of the University are employed in an at-will probationary status for the first six months of employment. During the probationary period, employment may be terminated for no reason or any reason. Promoted employees also serve a probationary period with limited rights of retreat.

Public Disclosure Statement:

Your application for employment with the University of Alaska is subject to public disclosure under the Alaska Public Records Act.

University of Alaska is a Drug-Free Workplace. University of Alaska campuses are Tobacco-Free.

Training Policy:

It is the policy of the University of Alaska (UA) that all employees are required to complete training to meet the requirements of the positions they hold, and to complete the required training within a specified period to remain employed at the UA.

Contact Information:

If you have any questions regarding this position, please contact University of Alaska HR at 907-450-8200.

Advertised: Alaskan Daylight Time
Applications close:

Back to search results Apply now Refer a friend

Share this:

| More

UA