OmniSOC Platform Engineer (Network Security Analyst)

UITS OMNISOC (UA-DOMN-IUBLA)

At University Information Technology Services https://uits.iu.edu/ (UITS) we provide the technology, tools, and services you need to succeed. UITS supports IU's vision for excellence in research, teaching, outreach, and lifelong learning. We ensure a workplace that encourages growth, flexibility, and creativity, as well as a culture that champions inclusion, diversity, and overall employee well-being through programs supported university wide. As an Equal Opportunity Employer, we believe in each person's potential, and we'll help you reach yours.

OmniSOC Is a Security Operations Center Hosted At Indiana University Which Provides Monitoring And Security Operations Services To US-based Higher Education Institutions, Research And Education Networks, And NSF-funded Research Facilities. OmniSOC Is Primarily Made Up Of 4 Teams:

• A business development team which drives OmniSOC growth and revenue by engaging prospective and current members, both directly and through outreach and engagement activities.
• A platform engineering team (this role) responsible for running the OmniSOC SIEM and other IT infrastructure.
• A security services team specializing in the comprehensive assessment and growth of OmniSOC members security programs by providing expertise, coaching, and security operations services to members.
• The security analyst and engineering team focuses on the analysis of OmniSOC member log data from networks and endpoints for indications of potential malicious activity or compromise.
  
  

All 4 teams work together to deliver high-quality, timely service to our membership. Our success is dependent upon our teams working in a collaborative, highly organized and efficient manner.

OmniSOC KEY VALUES:

• Member focus
• Analysts engage deeply with members to understand their goals, strengths, needs and challenges
• We are committed to raising the cybersecurity level of our community for the betterment of all
• Impact
• Each analyst at OmniSOC bears responsibility for the success of OmniSOC and our community. We are committed to enabling the missions of education and research members through safer technology.
• We are focused on impactful over volume.
• Individual Mastery and collective improvement
• We value an exploring mindset and actively encourage curiosity while pursuing ways to learn more, make the world better, and expand our expertise.
• We view mistakes not as failures, but learning opportunities, and try to learn from each failure.
• Communication
• We are open and direct with each other when discussing problems.
• We default to openly sharing information with each other, our members, and the community.
• Courage
• We make tough decisions without agonizing and learn through doing and through one another to collectively improve our decision making.
• We act according to our principles even when no one is looking, we are unafraid to speak our minds or question actions that don't align with our professed values.
  

If OmniSOC sounds like a place you'd like to work, we encourage you to apply!

Learn more about OmniSOC.

OmniSOC is seeking a skilled systems engineer to join our Platform Engineering team providing software development and infrastructure expertise to run our high volume Security Information and Event Management (SIEM) platform for our members in higher education, networking, and major science research projects across the United States. Our engineers are skilled at running highly scalable distributed systems that are both reliable and performant. They are subject matter experts in managing and developing complex systems, as well as keeping them available and secure.

Department Specific Responsibilities

• Performs software development to both automate the management of the SIEM and to extend its functionality for security investigations and alerting.
• Serves as a systems engineer for the OmniSOC SIEM platform with responsibilities including system administration and operation of the SIEM platform and underlying infrastructure.
• Assists the staff and management of member institutions in setting up the flow of security event data from the members to OmniSOC.
• Provides technical and practical expertise operating large scale and highly available IT infrastructure.
• Communicates effectively with stakeholders on project status.
• Writes effective documentation to help maintain and support our infrastructure and software.
  
  

General Responsibilities

• Applies foundational knowledge in the analysis of security controls to prevent hackers from infiltrating networks.
• Researches attempted efforts to compromise network security protocols.
• Maintains and monitors network security and administers security policies to control access to networks.
• Contributes to incident response investigations and assists with disaster recovery and business continuity efforts.
  
  

Combinations of related education and experience may be considered. Education beyond the minimum required may be substituted for work experience. Work experience beyond the minimum required may be substituted for education.

EDUCATION

Required

• Bachelor's degree (preferably in Computer Science or related field)
  
  

Preferred

WORK EXPERIENCE

• Some experience of in network security operations and analysis
  
  

Skills

Required

• Proficient communication skills
• Maintains a high degree of professionalism
• Demonstrates time management and priority setting skills
• Demonstrates a high commitment to quality
• Possesses flexibility to work in a fast paced, dynamic environment
• Seeks to acquire knowledge in area of specialty
  
  

Preferred

• Knowledge of using and administering Linux-based operating systems
• Ability to program in Python, Javascript, Perl, or any similar general purpose programming language
• Knowledge of the IP protocol suite, specifically relating to TCP and UDP protocol behavior and interdependencies with the applications suite (DNS, SMTP, HTTP)
• Knowledge and understanding of "NoSQL" document based data stores, like Elasticsearch or similar
• Ability to troubleshoot, manage, and develop web-based applications
• Knowledge and understanding of configuration management systems like Ansible or Puppet
  
  

This role requires the ability to effectively communicate and to operate a computer and other standard office productivity equipment. The position involves sedentary work as well as periods of time moving around an office environment and the campus. The person in this role must be able to perform the essential functions with or without an accommodation.

This role includes an "on-call" component where the employee is required to be the first responder for critical issues outside of normal business hours. The employee will participate in an on-call rotation with the rest of the team during which they will be expected to respond to occasional after-hours calls for a period of 1 week.

Federal background checks and/or non-disclosure agreements on behalf of the OmniSOC's customer base may be required to fulfill employment requirements. Please see this link for more information.

Bloomington, Indiana

This position is eligible to work a hybrid schedule (mix between remote and in-person work), subject to change in the future based on university policy and business needs.

For full-time staff employees, Indiana University offers a wide array of benefits including:

• Multiple plan options for medical insurance
• Dental insurance
• Health Savings Account with generous IU contribution
• Life insurance, LTD, and AD&D options
• Base retirement plan contribution from IU, subject to vesting
• Additional supplemental retirement plan options
• Tuition benefit for IU classes
• 10 paid holidays per year
• Generous Paid Time Off
• Paid Parental Leave
• Employee Assistance Program (EAP)
  
  

Learn more about our benefits by reviewing our online Benefits Brochure.

Career Level: Core

FLSA: Exempt

Job Function: Information Technology

Job Family: Network Admin, Analysis, & Eng

Click here to learn more about Indiana University's Job Framework.

This posting is scheduled to close at 11:59 pm EST on the advertised Close Date. This posting may be closed at any time at the discretion of the University, but will remain open for a minimum of 5 business days. To guarantee full consideration, please submit your application within 5 business days of the Posted Date.

If you wish to include a cover letter, you may include it with your resume when uploading attachments.

Indiana University is an equal employment and affirmative action employer and a provider of ADA services. All qualified applicants will receive consideration for employment based on individual qualifications. Indiana University prohibits discrimination based on age, ethnicity, color, race, religion, sex, sexual orientation, gender identity or expression, genetic information, marital status, national origin, disability status or protected veteran status. Indiana University does not discriminate on the basis of sex in its educational programs and activities, including employment and admission, as required by Title IX. Questions or complaints regarding Title IX may be referred to the U.S. Department of Education Office for Civil Rights or the university Title IX Coordinator. See Indiana University’s Notice of Non-Discrimination here which includes contact information.

The Annual Security and Fire Safety Report, containing policy statements, crime and fire statistics for all Indiana University campuses, is available online. You may also request a physical copy by emailing IU Public Safety at iups@iu.edu or by visiting IUPD.

Request Support

Telephone: 812-856-1234