Salary: Commensurate with experience
Benefits: The University offers generous benefits including paid time off (holidays, holy days and vacation), employer matching contributions to the retirement plan, and tuition benefits for employees and their eligible dependents. Learn more and explore benefits at www.duq.edu/benefits
Location: Computing and Technology Services
Position Status: Full-time (35 hours per week)
Hours: Varied
Position Number: 239313/10-1183
FLSA Status: Exempt
POSITION SUMMARY:
This position is responsible for the support of Duquesne University's Cyber Security program which includes detection, prevention, incident response and training & awareness as organized and operated by Computing and Technology Services (CTS), the Duquesne University's central IT organization.
This position will help develop and support information security systems and programs. The position will also monitor, analyze, and prioritize threats and respond to risks facing the University's systems and data. In addition, this position will assist with identifying and reporting all security issues, monitoring threat intelligence feeds, and confirming that threat mitigation is in accordance with company standards. This position collaborates with all business units to help respond to security alerts and phishing emails, as well as recommending emerging cybersecurity tools and best practices.
DUTIES AND RESPONSIBILITIES:
Build, deploy, support, monitor and configure various tools used to scan and monitor various aspects of computer, account, or network security and respond to computer security, abuse, and e-discovery incidents. This will entail monitoring intrusion detection, vulnerability scanning and log correlation systems; doing research; scanning machines; reviewing usage logs; etc. to confirm reports and perform forensic analysis according to established procedures. User contact will also be needed in order to inform people of breaches as necessary, and to obtain detailed information.
Provide threat assessment and remediation which includes evaluating how threats impact the University, communicating that information and implementing or recommending techniques to mitigate the threat. Provide detailed information to the Help Desk so that the campus community can be informed of new threats or other security issues as needed. Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.
Executing incident response procedures and processes to identify computer security incidents, contain intrusions and recommend options for eradication & recovery all the while effectively communicating with both internal and external customers and escalating as necessary which may require off-hours work as it requires 24/7 coverage by the department.
Deliver training and awareness services by providing training documentation and announcements for security & abuse issues and current threats. Collaborate with end user support groups to provide training and awareness to campus on information security activities, trends and threats.
Participates in external community outreach and professional activities related to their field, according to their own interest, and affected by relevance to key challenges for CTS and/or Duquesne University. For example, works with external organizations, e.g., EDUCAUSE, on projects or efforts that enhance the reputation of the university as well as maintains proficiency and/or contributes to his/her professional development.
Participate in on-going professional development (attending/presenting at conferences, meetings, etc.).
Perform other duties and projects as needed.