Information Assurance and Security Engineer

Joliet Junior College

Joliet, IL

ID: 7068082
Posted: July 21, 2020
Application Deadline: Open Until Filled

Job Description

Special Instructions to Applicants
For full consideration, unofficial transcripts for the required degree (if applicable) must be attached and submitted at the time of application.


All offers of employment are contingent upon the following:

Post-offer, satisfactory results of pre-employment background check

Post-offer, satisfactory results of pre-employment Drug Screening for employees that are new to the College

Post-offer, satisfactory results of pre-employment physical exam in circumstances where the nature of the work renders it appropriate or where Federal law or regulation requires
Application Procedures: “Apply to this Job at employment.jjc.edu”


Joliet Junior College provides equal employment opportunities to all employees and applicants for employment without regards to race, color, ancestry, national origin, gender, gender identity, marital status, sexual orientation, disability, religion, age, results of genetic testing, or service in the military. Equal employment opportunity applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leave of absence, compensation, and training.

If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please email HR@jjc.edu or call (815) 280-6725.

Advertising Summary
Founded in 1901 as the nation’s first public community college, JJC’s dedication to student learning, community prosperity, and personal growth has influenced generations of students and community partners. Our six campuses and extension centers ensure accessibility and empower 30,000 students annually to improve their lives through the power of education.


Our commitment to our mission drives the change and innovation necessary to meet the evolving needs of our students, employees, and community. Our continued success is drawn from talented, diverse, and committed employees whose knowledge and passion for education create a thriving culture both in and out of the classroom.


JJC supports an inclusive and collaborative environment where everyone can learn, grow, and perform at their best. We invite you to apply your skills and experience in a way that supports excellence and rewards your contributions. Join our family and make JJC your first choice!


The college supports this commitment by providing full-time employees with a comprehensive benefits package for our full-time employees including:


Blue Cross Blue Shield of Illinois (employee & family)

Medical

Dental

Vision
Flexible Spending Account

403(b) and 457(b) option for pre-tax retirement savings
Joliet Junior College Tuition Assistance (employee & family)
Long Term Disability


Life Insurance & a comprehensive leave plan including:

Federal holidays

Vacation

Personal

Sick
Link to Human Resources website
http://www.jjc.edu/about-jjc/college-leadership/administration/human-resources

Job Details
POSITION TITLE: ENGINEER, Information Assurance and Security LFINSE-ENGR01
STATUS: Full time
DEPARTMENT: Information Security Office
DIVISION: Information Technology
CLASSIFICATION: Exempt
UNION: Non-union
REPORTS TO: Chief Information Security Officer
PLACEMENT: Professional staff, grade S12
MINIMUM PAY RATE: $68,014 annually
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

The student population at the college is diverse in ethnicity, gender, language, age and background. Joliet Junior College is an AA/EO employer and strongly encourages applications from candidates who would enhance the diversity of its staff.

Position Summary
Serves as the CISO’s principal support on operational information security matters as they relate to the ongoing oversight and monitoring of the college’s IT security program. Focused on the core principles of ensuring the confidentiality, integrity, and availability of the college data and systems. Responsible for multiple Information Security Office day-to-day tasks, in addition to various short, medium and long term information security projects as part of supporting the entire College community’s information security needs. Advises the CISO on emerging issues, vulnerabilities, and opportunities for campus compliance with IT security program policy, legal, and other applicable requirements. Serves as the CISO liaison to campus IT security areas, coordinates multi-campus IT security initiatives, and provides campus progress updates to the CISO and others as needed. In addition this position manages projects which includes investigating, evaluating, and deploying security solutions to meet the College’s needs. Occasional off peak evening and/or weekend hours are required for testing or maintenance of systems.

ESSENTIAL JOB DUTIES AND KEY RESPONSIBILITIES
1. Perform the day to day operations, management and administration (hardware/software/appliance) to protect the integrity, confidentiality, and availability of information assets and information technology infrastructures of the college including but not limited to: firewalls; IDS/IPS; NAC; event log analysis; patch management; anti-virus; perform threat/vulnerability/risk assessments; manage/perform security audits; develop security awareness instructional material and activities; perform or assist with investigations; coordinate the handling and resolution of incidents of a security breach.
2. Responsible for managing all identity and access management infrastructure, including but not limited to, identities (provisioning and de-provisioning) across heterogeneous on premise and hosted systems, federation (ADFS), authentication, and single sign-on.
3. Work across all IT domains and implement mechanisms to proactively identify, track, mitigate, and report information risks. Lead the computer security incident response team and establish incident response processes between IT and college departments; document computer security and emergency measures, procedures, and tests.
4. Drive continuous improvement of the cyber security program through identification of risk, recommendations for improvements, automation of alerts and remediation, and communication with other IT functions. Develop and align IT security controls with industry best practices from NIST, ISO, FERPA, HIPAA, GLBA, PCI-DSS, and other relevant compliance standards.
5. Liaison to the Network, Application, Web, and Technical Support Service teams to effectively communicate and architect security solutions. Work on multiple projects as a team member or team lead, and lead systems related security components. Provide analytical and technical security recommendations to other team members, committees, and colleagues. Identify requirements, based upon need or as the result of a security issue that puts college systems at risk. Create, maintain, and document security baselines. Evaluate, design, and develop information security solutions for the adoption of security best practices.
6. Meet with department liaisons and management to help specify and negotiate application security requirements, review current policies and procedures for applicability, and OS security patch levels, and ensure safe transition of applications to production which will meet or exceed customer expectations.
7. Design, implement, analyze and communicate risk strategies and user activity audits; provide forensic data in authorized investigations following proper chain of custody. Perform web application penetration testing identifying architectural design weaknesses.
8. Detect and correct security related vulnerability and events through the monitoring and analyzing of results from: vulnerability scanners, intrusion detection and prevention systems and firewall logs, security information event management (SIEM), system and network security audits, anti-virus products and central console(s), web security, and other network monitoring tools. This will include holding teams accountable for delivering necessary capabilities and/or mitigating significant risks in alignment with the overall mitigation plan.
9. Provide expert knowledge and advise into the conceptual design and execution of the enterprise wide security (Windows, Mac, Linux/UNIX, network, web, TCP/IP etc…), data encryption techniques, certificate creation/validation, PKI and key management.
10. Coordinate information security metrics collection and assists CISO with analysis and reporting of collected metrics. Review and development of college information security policies, procedures, and guidelines.
11. Possess and maintain up to date knowledge on current technology, trends, attacks, and risk mitigation techniques and maintain an awareness of federal and state IT security laws, rules and regulations and how they may impact the college.
12. Represent the CISO at meetings and events as needed
13. Perform related duties as assigned.



 

Apply Now

Please mention to the employer that you saw this ad on UniversityJobs.com