California Institute of Technology
Information Security Analyst Senior
California Institute of Technology, Los Angeles, California, United States, 90079
Caltech is a world-renowned science and engineering institute that marshals some of the world's brightest minds and most innovative tools to address fundamental scientific questions. We thrive on finding and cultivating talented people who are passionate about what they do. Join us and be a part of the diverse Caltech community.
Job Summary
The Information Security-Senior/Lead reports to the Chief Information Security Officer. The successful candidate will have worked in multiple Information Security areas, including but not limited to:
AWS cloud environment security controls implementation.
Security monitoring.
Incident analysis and response.
Consultation with customers to implement security controls.
Network security.
Application security assessment and remediation.
Vulnerability management.
Responsibilities
Designing and implementing appropriate cloud security architecture for protection, logging and monitoring.
Monitoring the Caltech environment for potential incidents.
Performing analysis to detect and investigate threats both internal and external to Caltech's cloud and campus computing systems and networks, and determining appropriate responses.
Designing and advising on system architecture and enhancements to security infrastructure.
Assessing security status of systems and software intended for Campus use.
Advising and assisting Campus personnel at all levels on:
Best practices for securing applications, data, and systems.
Use of security-related technologies.
Action to take in the event of a compromise.
Current threats.
Lead responsibility for designing an appropriate control structure for Caltech's AWS cloud environment, including protection, logging and monitoring.
Working with other IMSS personnel, implementing controls in the AWS cloud environment.
Participate in the team's SOC activities, including investigating and responding appropriately to internal and/or external complaints.
Independently analyze and assess network activity using netflow data, system logs, packet capture and intrusion detection tools, and respond appropriately.
Working collaboratively as part of a team, design, implement, and enhance the security and monitoring infrastructure operated by the Information Security group.
Independently develop methodology and perform forensic and other in-depth analysis of critical systems for signs of unauthorized activity or abuse.
Work both autonomously and collaboratively with team members to design, architect, develop and continuously enhance tools and resources for improved incident prevention, detection and response.
Exercise discretion and independent judgment to determine possible threats, assess potential severity, and develop an appropriate action plan for addressing issues identified.
Independently research and make technical recommendations regarding Information Security policies, practices, system development and architecture.
Assess existing and planned Campus systems and applications for vulnerability, including performing interactive application security testing and analysis.
Develop strategy and communications for users at all levels, including internal and external security personnel, system administrators and/or end users about incidents and recommended recovery measures.
Advise campus personnel on best practices for securing data and systems, and on usage of complex security-related technologies.
Work collaboratively with resource owners to determine and establish appropriate security policies and practices; interpret and ensure compliance with existing Institute and departmental policies and procedures.
Stay current on security techniques, tools and evolving threats; contribute to periodic security briefings and updates for members of the campus community at all levels.
Assist Audit Services and Institute Compliance, the Office of the General Counsel, and the Office of Research Compliance upon request.
Develop and document policies, internal processes, user tutorials and FAQs as assigned.
As needed, share in the performance of system administration functions for the security sensor and monitoring infrastructure operated by the Information Security group.
Back up other team members in their duties, as needed.
Other duties as assigned.
Basic Qualifications
The selected candidate must have a BS/BA degree in a related field, or equivalent experience, with a working knowledge of current security aspects of multiple platforms, operating systems, applications, firewalls, network protocols, and secure application development practices.
6+ years related systems security experience and deep subject-area knowledge, including designing, implementing and managing controls in an AWS environment, evaluating systems for risks and implementing controls, and handling security incidents of all kinds.
Candidate must have in-depth knowledge of computer security principles and practices, including their application to operating system configuration, host and network monitoring, vulnerability scanning, application development, host and network forensic analysis.
Must have excellent oral and written communication skills.
Candidate must be able to work within a collegial group of Information Security analysts.
Candidates should be customer-oriented and comfortable working with a user base with widely varying computer skills and support needs.
Must be able to think and work independently in an organized and effective manner within a dynamic environment.
Working knowledge of relevant state and federal legislation and best practice security standards.
Preferred Qualifications
8+ years of directly related systems security experience and expertise, with a thorough knowledge of current security aspects of multiple platforms, operating systems, applications, firewalls, network protocols, and secure application development practices and expert knowledge of AWS cloud security controls.
Familiarity with the following: Zeek; Oracle databases and Oracle web applications; Windows, Macintosh, Linux operating system hardening; Federated authentication; Microsoft Active Directory; Microsoft Office 365; secure web application development; PGP/GPG; PKI; Nessus; Burp; Suricata; Splunk; Argus; Cisco netflow.
Experience in a university setting.
Required Documents
Resume
About the Company
The California Institute of Technology is a private research university in Pasadena, California.