Senior Security Analyst 
Posting #: 5890
Software Engineering Institute
Carnegie Mellon University
4500 Fifth Avenue
Pittsburgh, PA 15213
Link: https://secured.kenexa.com/cmu/cc/CCJobResultsAction.ss?command=ViewJobDetails&job_REQUISITION_NUMBER=5890
Position Summary
The successful candidate will be a member of the Threat and Incident Management (TAIM) team, which focuses on assisting organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. TAIM team members are domain experts in insider threat and incident response, and team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops. The successful candidate will be a participating member of a technical team involved in compliance validations, assessments, and evaluations conducted by TAIM. These collaborative teams will interact with US Government departments and agencies, industry representatives, contractors, and others to prepare for and conduct on-site assessment activities, participate in planning and coordination meetings, conduct pre- and post-assessment analysis, and prepare technical reports and briefings for customers. The candidate will also serve as a Team Lead on scheduled assessments, coordinating the information collection, directing, and assigning supporting team roles and responsibilities. The candidate will also be involved in developing, preparing, and reviewing procedural documentation and leading efforts or participating in internal tools specification and/or development of tools, scripts, and other assessment products.
Minimum Requirements
- BS in Computer Science, Information Science, Information Systems Management with ten years applicable experience or MS in Computer Science, Information Technology with eight years applicable experience; or equivalent training and experience;
- experienced professional with excellent technical skills, knowledge to successfully manage project work, and a proven track record leading technical projects;
- broad understanding of network, database and application security issues;
- system administration and network administration skills and familiarity with Windows, UNIX, LINUX operating systems; knowledge of TCP/IP networking and standard protocols (FTP, SMTP, HTTP, SNMP, etc.);
- knowledge of common attack methodologies;
- common types of security vulnerabilities;
- basic computer security forensics;
- proficiency in the use of software applications, relational databases, spreadsheets and/or word processing, web services and database development using Apache, Perl, SQL (MySQL, Oracle), XHTML, XML, scripting languages and/or programming such as C++, C, Perl, JavaScript, HTML, and SQL;
- strong oral and written communications skills (e.g., technical writing, user guide development, requirements analysis) and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups;
- participate in external customer and sponsor meetings;
- ability to travel to various locations within the SEI and CMU community, customer sites, and offsite meetings with weekly/monthly frequency to travel on overnight and on-site assignments;
- ability to work in varied and diverse situations requiring analytical, interpretative, evaluative and constructive thinking;
- manage workload and priorities on multiple scheduled assessments;
- able to function independently or in teams depending on the project;
- work under pressure;
- deal with stress; deal with difficult individuals while maintaining composure;
- ability to exercise tact and discretion when handling highly sensitive and confidential issues; maintain confidentiality while working with highly confidential and sensitive matters;
- handle sensitive data according to project and USG data handling procedures;
- ability to interpret and communicate information about government regulations and university policies;
- quantitative and qualitative analytical skills;
- ability to troubleshoot problems proactively and to answer questions and handle issues as they arise;
- effective time management skills; and strong problem solving skills;
- ability to handle change and be flexible with respect to functions and responsibilities;
- close contact with computer monitor for extended periods of time;
- candidate must be able to pass a background investigation, obtain a DOD security clearance, and be a US citizen;
Preferred Requirements
- PhD in Computer Science, Information Science, Information Systems Management with six years applicable experience;
- Current Information System Security Professional (CISSP) or similar certification is desired.
- Advanced understanding of computer operating systems (e.g. Windows 2000 and Windows XP), and computer networking (TCP/IP). Various computer related training or certifications (e.g. MCSA, Cisco, etc.). Thorough understanding of relevant operating systems and their security principles (Windows, Mac OS X, Linux, Solaris);
- leadership experience with software development and/or system administration in large-scale, distributed computing environments;
- experience with wide-area network design, deployment, and troubleshooting;
- experience developing materials for senior leadership in government or industry;
- experience interfacing with the DOD, US federal civilian government, intelligence community, or law enforcement;
- advanced Windows and/or Linux system administration skills;
- experience working in a classified environment;
- experience with understanding complicated computer and network protocols;
- proven skills and experience in auditing or conducting assessments;
- project management experience;
- leadership and mentoring skills;
- proven skills working in a team environment on collaborative projects in US government, critical infrastructure sectors involving network, system or data security;
- proven skills working with TCP/IP troubleshooting tools.
- Possess an active DOD TS/SCI security clearance