Caltech is a world-renowned science and engineering institute that marshals some of the world's brightest minds and most innovative tools to address fundamental scientific questions. We thrive on finding and cultivating talented people who are passionate about what they do. Join us and be a part of the diverse Caltech community.
The Information Security-Senior/Lead reports to the Chief Information Security Officer. The successful candidate will have worked in multiple Information Security areas, including but not limited to:
Consultation with customers to implement security controls.
Application security assessment and remediation.
Designing and implementing appropriate cloud security architecture for protection, logging and monitoring.
Monitoring the Caltech environment for potential incidents.
Performing analysis to detect and investigate threats both internal and external to Caltech's cloud and campus computing systems and networks and determining appropriate responses.
Designing and advising on system architecture and enhancements to security infrastructure.
Assessing security status of systems and software intended for Campus use.
Advising and assisting Campus personnel at all levels on:
Best practices for securing applications, data, and systems.
Use of security-related technologies.
Action to take in the event of a compromise.
This is an Essential Reporting position. An employee designated as essential reporting has essential job skills that are needed for response and recovery and is expected to report to Campus as soon as possible.
Essential Job Duties
Lead responsibility for designing appropriate control structure for Caltech's AWS cloud environment, including protection, logging and monitoring.
Working with other IMSS personnel, implements controls in the AWS cloud environment.
Participate in the team's SOC activities, including: investigate and respond appropriately to internal and/or external complaints (e.g., scanning, hacking, spamming, harassment, abuse, DMCA notices, any other incidents that include a cyber element).
Independently analyze and assess network activity using netflow data, system logs, packet capture and intrusion detection tools, and respond appropriately.
Working collaboratively as part of a team, design, implement, and enhance the security and monitoring infrastructure operated by the Information Security group.
Independently develop methodology and perform forensic and other in-depth analysis of critical systems for signs of unauthorized activity or abuse.
Work both autonomously and collaboratively with team members to design, architect, develop and continuously enhance tools and resources for improved incident prevention, detection and response.
Exercise discretion and independent judgment to determine possible threats, assess potential severity, and develop appropriate action plan for addressing issues identified.
Independently research and make technical recommendations regarding Information Security policies, practices, system development and architecture.
Assess existing and planned Campus systems and applications for vulnerability, including performing interactive application security testing and analysis, review system designs, advise in-house or third-party application developers and system administrators on effective ways to address security issues.
Develop strategy and communications for users at all levels, including internal and external security personnel, system administrators and/or end users (faculty, students, staff, guests) about incidents and recommended recovery measures.
Advise campus personnel on best practices for securing data and systems, and on usage of complex security-related technologies, including but not limited to: firewall software, ssh, antivirus, filesystem integrity monitoring, public key encryption, SSL/TLS, system logging, and process accounting utilities.
Work collaboratively with resource owners to determine and establish appropriate security policies and practices; interpret and ensure compliance with existing Institute and departmental policies and procedures.
Stay current on security techniques, tools and as well as evolving threats; contribute to periodic security briefings and updates for members of the campus community at all levels.
Assist Audit Services and Institute Compliance, the Office of the General Counsel, and the Office of Research Compliance upon request.
Develop and document policies, internal processes, user tutorials and FAQs as assigned.
As needed share in the performance of system administration functions for the security sensor and monitoring infrastructure operated by the Information Security group, including maintaining, configuring and updating software and operating systems.
Backup other team members in their duties, as needed.
Other duties as assigned.
The selected candidate must have a BS/BA degree in a related field, or equivalent experience, with a working knowledge of current security aspects of multiple platforms, operating systems, applications, firewalls, network protocols, and secure application development practices.
6+ years related systems security experience and deep subject-area knowledge, including designing, implementing and managing controls in an AWS environment, evaluating systems for risks and implementing controls, and handling security incidents of all kinds.
Candidate must have in-depth knowledge of computer security principles and practices, including their application to operating system configuration, host and network monitoring, vulnerability scanning, application development, host and network forensic analysis.
Must have excellent oral and written communication skills (email and phone communication with users at all levels, as well as written documentation, are crucial components of the job).
Candidate must be able to work within a collegial group of Information Security analysts and should exhibit an understanding of issues relating to workload sharing and documentation.
Candidates should be customer-oriented and comfortable working with a user base with widely varying computer skills and support needs.
Must be able to think and work independently in an organized and effective manner within a dynamic environment with shifting demands and priorities.
Working knowledge of relevant state and federal legislation and best practice security standards.
8+ plus years of directly related systems security experience and expertise, with a thorough knowledge of current security aspects of multiple platforms, operating systems, applications, firewalls, network protocols, and secure application development practices and expert knowledge of AWS cloud security controls.
Familiarity with the following: Zeek; Oracle databases and Oracle web applications; Windows, Macintosh, Linux (especially Red Hat) operating system hardening; Federated authentication; Microsoft Active Directory; Microsoft Office 365; secure web application development; PGP/GPG; PKI; Nessus; Burp; Suricata; Splunk; Argus; Cisco netflow.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Copyright 2022 Jobelephant.com Inc. All rights reserved.
The California Institute of Technology (Caltech) is a world-renowned science and engineering research and education institution, where extraordinary faculty and students seek answers to complex questions, discover new knowledge, lead innovation, and transform our future.