Classified Title: Network Security Engineer II Role/Level/Range: ATP/04/PE Starting Salary Range: Commensurate with Experience Employee group: Full Time Schedule: Monday - Friday/8:30 am - 5:00 pm Exempt Status: Exempt Location: 02-MD:Mount Washington Campus Department name: 10000014-IT@JH Enterprise Services Personnel area: University Administration
General Position Summary:
This position will primarily support Network Access Control (NAC) technologies. This position will also help support technologies that provide IT security monitoring, intrusion detection and prevention, vulnerability scanning, and security risk analysis and remediation. Responsible for infrastructure engineering, maintenance, and support of complex network security systems for a large scale, multi-site, and geographically distributed enterprise network. Scope of supported systems ranges from servers and desktop hardware and software, multiple operating systems, and proprietary network security systems and appliances (e.g., secure remote access, firewalls, routers, intrusion prevention systems, intrusion detection systems, vulnerability scanning and management, incident response, and regulatory compliance systems). Collaborates with application development and infrastructure support teams to setup security components to ensure compliance i.e. (Epic/HIPPA). These network security systems provide IT services to thousands of users throughout Johns Hopkins and have an enterprise wide complexity and scope.
The major efforts and tasks of this position are highly complex, technical and enterprise wide in scope. Information security threats are an evolving problem with new sources of threats and variations to older problems changing daily. Due diligence is required in monitoring and understanding these problems. Network Security risks are abstract in nature and require a balanced response that mitigates risks without disrupting services. This is the second level of a three tiered Network Security Engineer position. Technical competence is expected to be at a highly knowledgeable level across multiple platforms. Tasks and projects are complex in nature. Position includes project and technical leadership along with mentoring and assistance with development of other staff. Decisions recommended and made by incumbent affect and impact enterprise systems and operations. Position works in a highly independent manner under limited supervision.
This position is responsible for managing the Enterprise Network Access Control (NAC) system. This position is expected to collaborate with other members of the Enterprise Management, Monitoring and Security (EMMS) team for IT security monitoring, intrusion detection and prevention, vulnerability scanning, and security risk analysis and remediation. The incumbent will also work with engineers and administrators across Johns Hopkins to implement NAC and remediate security incidents. It is expected that the incumbent will be a self-starter and will act independently (with minimal supervision) in representing IT @ Johns Hopkins.
The responsibilities listed below are typical examples of the work performed by this position. Not all duties assigned to this position are included, nor is it expected that everyone in this position will be assigned every job responsibility.
Implements and supports systems and processes to reduce the security threats to Hopkins Network and IT infrastructure. These include but are not limited to data loss, exposure of private data, inappropriate systems access, denial of service, computer viruses and Trojans or any other indication of compromised systems
Provides network security risk and vulnerability assessments, and provides recommendations to mitigate risks for small to large systems that are complex in nature.
Represents network security in IT and business projects for network security evaluations and risk assessments.
Researches specific elements of regulatory compliance requirements (HIPPA, FERPA, PCI, Sarbanes Oxley, FISMA) and develops recommendations for network security compliance
Directs junior level engineers for compliance follow-up activities
Provides risk management consulting services to Hopkins business units, partners and affiliates on cyber security and network vulnerability and risk mitigation for projects that are moderate to complex in nature.
SYSTEMS ANALYSIS AND DESIGN
Develops and executes highly technical and/or complex project plans and systems that are based on knowledge of the business and information security needs of the Johns Hopkins enterprise community.
Provides network security analysis and design consulting services to Hopkins business units, partners and affiliates on cyber security and network vulnerability and risk mitigation for projects that are moderate to complex in nature.
Develops technical security systems and procedures for IT systems that process all classification levels of electronic information (see JH electronic information classification levels at http://it.jhu.edu/policies/itpolicies.html#Classification). These Enterprise wide network information security efforts include: wired and wireless networking; telecommunications; secure messaging; enterprise clinical information systems (e.g., EPR, POE); student information systems (e.g., ISIS); and enterprise business solutions (e.g., Enterprise Business Solution (SAP)).
Provides knowledgeable technical and project management (full life-cycle) responsibilities in at more than one enterprise focused information security discipline, including, but not limited to: risk management; network intrusion detection and prevention; security event / incident response; security policy; vulnerability management; regulatory compliance; and encrypted and secure remote access for Hopkins staff, Hopkins remote entities, and business partners.
Designs enterprise network information security systems and services in support of the mission of Johns Hopkins Institutions.
Independently determines or interprets complex requirements for existing or new network information security systems; identifies and/or develops and tests solutions to meet requirements; develops recommendation for implementation; implements and develops documentation for monitoring and maintenance.
INSTALL AND CONFIGURE
Implements and configures technical security systems and procedures for IT systems that process all classification levels of electronic information (see JH electronic information classification levels at http://it.jhu.edu/policies/itpolicies.html#Classification). These Enterprise wide network information security efforts include: wired and wireless networking; telecommunications; secure messaging; enterprise clinical information systems (e.g., EPR, POE); student information systems (e.g., ISIS); and enterprise business solutions (e.g., Enterprise Business Solution (SAP)).
Installs and configures medium to large size security appliances and solutions by using established procedures.
Implements changes by adhering to the change management policies and procedures for any given project. Communicates to all parties the nature, significance, and risk factors of the solution.
Installs, configures, and/or interprets results of network security analyzers and log events.
Works with other technical engineers in administration of enterprise network information security systems and services in support of the mission of the Johns Hopkins Institutions.
Represents network security in IT and business projects for network security evaluations and risk assessments.
Directs the efforts of other engineers in large scope/complex systems installations
Works with Enterprise infrastructure support services for data center logistics; coordinate enterprise network security system changes with affected JH customers and staff at one or more JH institution campus or location.
Manages one or more network security platforms (Firewalls, IDS, IPS, Security Assessment tools).
May provide oversight to vendors, affiliates and lower level Engineers and systems administrators.
Coordinates activities with customers and other IT organizations
Provides guidance and training to junior level engineers.
Works with external law enforcement organizations to assist with investigations or threats that are related to the Johns Hopkins Network.
MAINTAIN AND TROUBLESHOOT
Monitors network for emerging threats across the cyber security landscape and makes recommendations to reduce and/or eliminate the threats to the Hopkins Enterprise Network.
Maintains and troubleshoots technical security systems and procedures for IT systems that process all classification levels of electronic information (see JH electronic information classification levels at http://it.jhu.edu/policies/itpolicies.html#Classification). These Enterprise wide network information security efforts include: wired and wireless networking; telecommunications; secure messaging; enterprise clinical information systems (e.g., EPR, POE); student information systems (e.g., ISIS); and enterprise business solutions (e.g., Enterprise Business Solutions (SAP)).
Independently manages one or more network security platforms (Firewalls, IDS, IPS, Security Assessment tools).
Leads and/or participates in confidential security incident and event investigations. Conducts forensic investigations of security breaches and compromises. Identifies root causes, develops and implements alternatives to eliminate the source of the compromise and potential for re-occurrence.
Analyzes data from enterprise information security events (including, but not limited to: technical forensic data, incident records, analysis of network traffic). Provides reports and recommended response actions to the Network Security Architect and/or security manager.
Produces ad-hoc and recurring reports on network security system measurement statistics.
Reviews abstract information regarding network traffic flow and access for anomalies and potential breaches to network security. Develops processes for others to follow in reviewing the information.
Troubleshoots highly complex network and security problems, involving switching, routing and security policy issues.
Bachelor’s degree in IT or related field.
Additional experience may substitute for education.
Minimum of five years full time at an Enterprise level information security work in 2 or more information security domains. (Enterprise Firewall Management, Intrusion Detection and Prevention, Network Forensics, Technical Risk Assessment, etc.)
Three years of project management and project team participation skills.
Five years of progressively responsible experience in at least two or more of the following:
Enterprise networking (wired and wireless)
Enterprise information or network security
Computer system management & administration
Additional education may substitute for experience.
Equivalency Formula: 30 undergraduate degree credits or 18 graduate degree credits = 1 year of experience. For jobs where equivalency is permitted, up to two years of non-related college coursework may be applied towards the total minimum education/experience required for the respective job.
Preferred Job Qualifications:
Knowledge in the assigned IT environments.
Advanced degree in IT or related field and/or professional security training and certification (e.g. SANS/GIAC, CISA, CISM, CISSP) preferred.
Knowledge, Skills, & Abilities (KSA’s):
Must possess all requisite knowledge, skills, and abilities as posted in the supplemental section.
Must demonstrate strong critical thinking and analytical reasoning skills.
Ability to work on multiple priorities effectively.
Ability to prioritize conflicting demands.
Ability to execute assigned project tasks within established schedule.
Ability to work collaboratively in a team environment.
Ability to communicate effectively in the service of users and colleagues.
Writes and communicates clearly and concisely.
Possesses sound documentation skills.
Ability to maintain confidentiality
Must demonstrate exemplary customer service skills.
Work requires a strong understanding and extensive work experience with at least two of the ten (ISC) Information Security Domains (Access Control; Application Development Security; Business Continuity and Disaster Recovery Planning; Cryptography; Information Security Governance and Risk Management; Legal, Regulations, Compliance and Investigations; Operations Security; Physical (Environmental) Security; Security Architecture and Design; Telecommunications and Network Security).
In depth knowledge of complex firewall environments. This includes multi access perimeter, enterprise red zones and specialty firewall configurations. Development of complex firewall access policies, policy groupings, access control lists and firewall interface management.
Expert knowledge and experience with information security technologies, methodologies, and practices including, but not limited to: risk assessment and management; intrusion detection and prevention; vulnerability assessment and management; system administration (Windows, OS X, Linux, Unix, etc.); security policy, standards, and best practices; security incident response; auditing and security administration of network security systems and operating systems; access control; encryption; firewalls; secure proxies; networking; database and application security; security event log analysis; virus prevention and remediation; and custom programming/scripting.
Thorough understanding of the use of open source network security tools (i.e. NMAP, Snort).
Thoroughly familiar with network vulnerability assessments and processes.
Comprehensive knowledge of network interconnect practices and the use of both public (internet) and private network interconnect services.
Capable of troubleshooting highly complex network and security problems, involving switching, routing and security policy issues.
Complete understanding of the interoperability of Network Security systems.
Strong understanding of TCP/IP, the OSI model, and appropriate standards and practices associated with a secure enterprise technical framework are required.
Special Knowledge, Skills, and Abilities:
In depth knowledge of Network Access Control (NAC), along with strong foundational knowledge of networking systems.
A high level of knowledge of IT security subsystems including security monitoring tools such as Intrusion Detection and Intrusion Prevention Systems (IDS/IPS), Security Incident and Event Management (SIEM) Systems, log management, endpoint protection, and vulnerability management.
Describe the Specific Systems, Applications, Projects for which the Position is Responsible:
This position is responsible for managing the Network Access Control (NAC) system, along with other IT security monitoring and vulnerability management systems supported by the team. These include:
Security Incident and Event Management (SIEM)
Vulnerability management systems.
This position will be responsible for all aspects of the NAC system including design, implementation, and support.
The successful candidate(s) for this position will be subject to a pre-employment background check.
If you are interested in applying for employment with The Johns Hopkins University and require special assistance or accommodation during any part of the pre-employment process, please contact the HR Business Services Office at firstname.lastname@example.org. For TTY users, call via Maryland Relay or dial 711.
The following additional provisions may apply depending on which campus you will work. Your recruiter will advise accordingly.
During the Influenza ("the flu") season, as a condition of employment, The Johns Hopkins Institutions require all employees who provide ongoing services to patients or work in patient care or clinical care areas to have an annual influenza vaccination or possess an approved medical or religious exception. Failure to meet this requirement may result in termination of employment.
The pre-employment physical for positions in clinical areas, laboratories, working with research subjects, or involving community contact requires documentation of immune status against Rubella (German measles), Rubeola (Measles), Mumps, Varicella (chickenpox), Hepatitis B and documentation of having received the Tdap (Tetanus, diphtheria, pertussis) vaccination. This may include documentation of having two (2) MMR vaccines; two (2) Varicella vaccines; or antibody status to these diseases from laboratory testing. Blood tests for immunities to these diseases are ordinarily included in the pre-employment physical exam except for those employees who provide results of blood tests or immunization documentation from their own health care providers. Any vaccinations required for these diseases will be given at no cost in our Occupational Health office.
Equal Opportunity Employer Note: Job Postings are updated daily and remain online until filled.
Johns Hopkins University remains committed to its founding principle, that education for all students should be grounded in exploration and discovery. Hopkins students are challenged not just to learn but also to advance learning itself. Critical thinking, problem solving, creativity, and entrepreneurship are all encouraged and nourished in this unique educational environment. After more than 130 years, Johns Hopkins remains a world leader in both teaching and research. Faculty members and their research colleagues at the university's Applied Physics Laboratory have each year since 1979 won Johns Hopkins more federal research and development funding than any other university. The university has nine academic divisions and campuses throughout the Baltimore-Washington area. The Krieger School of Arts and Sciences, the Whiting School of Engineering, the School of Education and the Carey Business School are based at the Homewood campus in northern Baltimore. The schools of Medicine, Public Health, and Nursing share a campus in east Baltimore with The Johns Hopkins Hospital. The Peabody Institute, a leading professional school of music, is located on Mount Vernon Place in downtown Bal...timore. The Paul H. Nitze School of Advanced International Studies is located in Washington's Dupont Circle area.