Internet2 provides the U.S. research and education community with a dynamic, innovative, world-leading set of advanced information technologies. Through collaboration with regional optical networks, international and campus partners, Internet2 provides next-generation network services and a platform for the development of new networking paradigms. With community control of the fundamental networking infrastructure, the Internet2 Network provides the scalability for its members to efficiently provision resources to address bandwidth-intensive requirements of their campuses such as collaborative applications, distributed research experiments, grid-based data analysis, and social networking.
Internet2 maintains and operates a 13,500-mile domestic coherent DWDM network infrastructure, with multiple Layer 2 and Layer 3 networks provisioned on top of it.
To help support this critical mission, we are seeking a Cyberinfrastructure Security Engineer to support all security efforts across the cyberinfrastructure for Internet2's global infrastructure programs. This is a senior technical position responsible for all facets of security, including security risk assessments, incident response, and network security. This position requires some travel, possible on-call support, and reports to the Chief Cyberinfrastructure Security Officer.
Contribute to the continuous development of a comprehensive security program for the network infrastructure.
Manage configuration of information security monitoring systems which provide logging, monitoring, and actionable alerting.
Assist with the configuration, maintenance, and monitoring of the Security Incident and Event Monitoring (SIEM) system.
Monitor and analyze internet traffic for security breaches and Denial of Services attack.
Protect applications and servers from attacks by deploying countermeasures on the spot.
Diagnose the occurrence of incidents, facilitate provisioning, and fulfill customer’s requests.
Provide and maintain the overall Operational Quality, Service Delivery and Security Assurance.
Coordinate Network Maintenance and liaise with corresponding parties to ensure smooth migration.
Handle and manage customers’ expectation and provide technical solutions for events, such as Incidents, Mitigation Enhancement, and Customized Service Requests.
Use tools and methodology to assess the information security risks associated with sensitive and mission critical systems and develop mitigation strategies to bring risk levels into an acceptable range.
Carry out activities (e.g. containment, eradication, restoration) in response to reported or detected security incidents and in accordance with established incident response procedures. Participate in lessons learned activities.
Develop, implement, and monitor secure system and application configuration standards in accordance with applicable policies, regulations, and laws.
Detect and prevent intrusions using IDS/IPS tools; Implement firewall policies and monitor effectiveness.
Detect and/or assess the impact of reported vulnerabilities; implement mitigation strategies based on severity.
Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security).
Must be well versed in internet routing protocols such as BGP, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks and vulnerability and threat management tools (including network based scanners).
Experience in responding to security incidents including network forensic procedures.
Knowledge of DDoS attack types will be advantageous (Distributed Denial of Service).
Working knowledge of network telemetry techniques and sources such as netflow, sflow, SNMP, syslog, packet captures, etc.
Experience with Security Information and Event Management tools and techniques.
Familiarity with security frameworks such as ISO 27001:2013 and NIST SP800-53.
Ability to provide quality deliverables on time and on budget.
Must possess excellent communication skills (written, verbal). Should be able to work with technical and non-technical individuals alike.
Ability to mentor other employees to improve their skills and effectiveness.
Ability to design, resource, conduct, status, and complete projects independently, with minimal supervision.
Minimum 4 years hand-on experience in Network / Security.
Programming experience with one or more of Perl, Python, or C.
Internet2 is a 501(c)(3) not-for-profit organization and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
Internet2® is a member-owned advanced technology community founded by the nation's leading higher education institutions in 1996. Internet2 provides a collaborative environment for U.S. research and education organizations to solve common technology challenges, and to develop innovative solutions in support of their educational, research, and community service missions.