Washington University is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity or expression, national origin, genetic information, disability, or protected veteran status.

This position is full-time and works approximately 40 hours per week.  

This position is in the Office of WUSM CIO. This position is for the Medical School Campus. 

POSITION SUMMARY:

This position resides within the School of Medicine Information Security Office and will primarily work on Endpoint protection technologies and solutions, such as but not limited to Antivirus, Data Loss Prevention, Endpoint Protection, and Response, and more. This position will closely work with the central security operations center and assist with security events and their associated forensic efforts. This position will also assist with various Network Access technologies ensuring that WUSM enterprise network-connected devices are secure, accounted and sanctioned.

PRIMARY DUTIES AND RESPONSIBILITIES:

1. Serves as responsible for rollout of Endpoint Protection tools across all WUSM department connected devices.
2. Serves as responsible for security operations monitoring which includes, but is not limited to, tracking and monitoring of malicious software, vulnerability scanning, and log collection and analysis.
3. Presents updates and training to management and staff.
4. Identifies potential security risks and reports to Information Security Manager; opens and tracks incidents and tickets with IT departments.
5. Installs and configures hardware and software that provides appropriate network and system security functionality.
6. Maintains security plans, processes, and procedures necessary to both normal day-to-day operation and disaster recovery situations.

Graduation from a four-year college or university with a degree in an information technology field plus a minimum of three years of relevant IT security work experience; additional relevant work experience may be substituted for required education.

• SANS GIAC, ISC2 SSCP, CEH, MCSE, CCNA, or other security-related certification.
• Project Management: Ability to lead large-scale projects and provide regular updates to management.
• Planning and Organization: Ability to document, track, and communicate security risks to management and business owners; responds in a timely manner to a loss or misuse of information assets; collects information for review by General Counsel or Research Integrity as instructed.
• Technical Knowledge: Experience with various desktop/server vendor operating systems, such as but not limited to Microsoft Windows, Apple IOS, Linux; experience with security/networking technologies (e.g., TCP/IP, IPS/IDS, Web Security/content management, firewalls, VPN concentrators, routers, and switches); working knowledge of systems technologies (e.g., e-mail gateways, web services, database servers, and file hosting); working knowledge of network and/or system management tools; experience as a systems administrator, desktop support, or network operations; experience with the process and/or procedure documentation; experience with incident handling processes; experience with endpoint protection solutions from Cisco, Microsoft; experience with data loss prevention/Encryption technologies from Microsoft, Symantec, Digital Guardian; knowledge of network access control solutions from Cisco;  knowledge of vulnerability scanners, log collection(SEIM), Forensic Solutions and evidence collection procedures.
• Technical Solution Development: Differentiates between problems and symptoms and develops solutions to address overall problem; strong analytical and problem-solving skills; detailed oriented; strong team-oriented interpersonal skills; ability to effectively interface with a wide variety of people; demonstrates ability to explain complex problems or situations.
• Consultancy Skills: Ability to resolve routine and complex problems based on existing documentation/training/resources; will have a close relationship with service desk, system, and network administration teams, security operations; will have frequent interactions with desktop/security support, operations, and development teams; ensures that resource owners/users are aware of security policies; possess strong written and oral communication skills; ability to set strategic goals and perform in both business and technology settings; strong customer focus and ability to manage client expectations; develops processes, writes guidelines, and performs awareness training; handles complex situations with sensitivity and confidentiality.

The hiring range for this position is $78,874 - $104,499 annually.

All external candidates receiving an offer for employment will be required to submit to pre-employment screening for this position. Current employees applying for a new position within the university may be subject to this requirement. The screenings will include a criminal background check and, as applicable for the position, other background checks, drug screen, employment and education or licensure/certification verification, physical examination, certain vaccinations and/or governmental registry checks. All offers are contingent upon successful completion of required screening.

This position is eligible for full-time benefits.  Please click the following link to view a summary of benefits:  https://wustl.box.com/s/8wkhs25yssf0775x9d6nd6vqa7obpth7.

Please attach a copy of your most current signed performance evaluation (completed within the last 18 months) to your online account.  If you have not received a performance evaluation, you may provide two current signed letters of recommendation (written within the last 18 months), preferably to include one letter from either a current or recent former supervisor.  To attach these documents, go to:  My Career Tools, Add Attachment, Attachment Type – Performance Reviews or Letters of Recommendation.

WORKING CONDITIONS:

• Standard computer department working environment with standing, walking, and lifting less than 50 pounds is required.
• A moderate amount of work performed at customer site.