AMVETS Jobs

Internet2

Location: US Type: Full Time Regular

Internet2, a non-profit organization, provides high-performance networking, trust and identity infrastructures, cloud services brokering, and related services to its research and education member institutions and beyond. Internet2 represents an exceptional partnership spanning U.S. and international institutions that are leaders in the worlds of research, academia, industry and government.

InCommon (https://incommon.org), the Internet2 community-developed trust fabric, provides the U.S. higher education and research community with the common framework for trustworthy access to online resources. InCommon facilitates the development of community-based common trust services - SAML Federation, Certificate Services, eduroam, and other services and activities.

Position Description

Reporting to the Director of Infrastructure and Operations, the Trust and Identity (T&I) Services Information Security Lead acts as part of a highly collaborative cross-functional technical service delivery team to securely, reliably and scalably deliver mission critical InCommon and related services to participants. This role works closely with the services architecture and operations teams and other information security professionals within Internet2, to address operational and security-related technical service delivery needs in the InCommon Federation, Certificate, eduroam and other services. The position collaborates with Internet2 technical architects, project managers, colleagues in Internet2's Technical Services Group, and management, to enable trustworthy and secure service deployments.

The Information Security Lead is the primary person responsible for ensuring the security of the services that InCommon offers. The successful candidate will have experience delivering highly secure services in a complex IT environment. The position requires a high degree of collaboration with community groups including the InCommon participant community, and security advisory committees, frequently participating in efforts to meet requirements defined by these national and international groups.

Required Skills:Minimum of a bachelor's degree or equivalent in IT systems security, IT systems engineering, or equivalent combination of education and work experience.An ISC2 CISSP certification or similar evidence of in-depth IT security knowledge and practice.Proven experience in developing and sustaining an information security program.5+ years experience with IT security incident handling, incident response/coordination, root cause analysis, remediation and reporting.5+ years in analysis of security events via logs, forensics, netflows and other security tools.Demonstrated ability to work with a team of diverse skill sets and backgrounds to achieve shared goals in IT service delivery.Excellent documentation skills including writing technical requirements, implementation and maintenance instructions, documenting change plans and other staff-facing work.Excellent written and verbal communication skills to span technical audiences and vendor, customer, peer, leadership relationships.Ability to travel up to 10% of the time for work.Ability to participate on 24x7x365 shared on-call rotation with other staff members.

Responsibilities:Risk Management - Use of tools and methodology to assess the information security risks associated with sensitive and mission critical systems, recommend and prioritize actions for remediation, and work with larger teams to see these through to completion.Compliance - Determine applicability and scope of various regulations; interpret and implement requirements to ensure compliance.Incident Response - Lead team in response to reported information security incidents (e.g. threat assessment, threat mitigation/eradication, after-action reporting) and in accordance with established incident response procedures. Participa