As a UW employee, you have a unique opportunity to change lives on our campuses, in our state and around the world. UW employees offer their boundless energy, creative problem solving skills and dedication to build stronger minds and a healthier world.
UW faculty and staff also enjoy outstanding benefits, professional growth opportunities and unique resources in an environment noted for diversity, intellectual excitement, artistic pursuits and natural beauty. All of which has allowed the UW to be nationally recognized as a “Great College to Work For” for six consecutive years.
The Office of the Chief Information Security Officer (CISO) is hiring an Information Security Analyst to remediate and respond to information security events at the University of Washington; promote and support the secure use of networked servers and desktops by faculty, staff, and students; act as a member of the information security Incident Response team as specified in University policy; participate in the development of new security services for enterprise and workgroup computing; participate and give presentations in professional working groups; advise UW Information Technology and campus computing professionals on information security vulnerabilities, response, and remediation applicable to the Unversity environment; and help support system administration tasks within the Office of the CISO.
The ideal candidate will have a good understanding of how adversaries think and be able to balance defensive measures with business needs in a way that supports the mission of the University. The candidate should be mindful of assumption of breach, trust boundaries, operations security, principle of least privilege, attack surfaces, and monitoring and detection.
The Information Security Analyst will support the mission of the Office of the Chief Information Security Officer (CISO) by supporting risk-based information security management practices. This person will be part of a multi-disciplined team that works to: understand the information security risks associated with complex environments and information systems; effectively communicate those risks to both technical and non-technical audiences to add value and inform decision-making; take action on information security threats against University assets; research cyber threats and provide relevant briefings; and create tools to promote information security best practices.
The person in this position is expected to demonstrate detailed knowledge and experience with: Information security issues in an open networked environment. The secure use and system administration of Unix/Linux, Mac and Microsoft operating systems. Information security issues and TCP/IP networking in an open and highly distributed environment. Enterprise Intrusion Prevention Systems. Performing information security incident response, analysis, and remediation. Networking protocols and architectures such as TCP/IP, 802.11, LAN, WAN, and VoIP.
The person in this position is expected to have a broad technology background and a general understanding of: Managing Linux servers such as Red Hat and Ubuntu. Security tools such as Netcat, Nmap, Nessus, Wireshark, Metasploit, and Burp Suite. Internet protocols and formats such as HTTP, TLS, SSL, HTML, and XML. Database technologies such as MySQL, SQL Server, and Oracle. Identification and authentication technologies. Cloud and virtualization architectures. Encryption techniques, algorithms and approaches.
Bachelor’s Degree in Computer Science or Related Field.
Minimum four (4) years’ experience in information security in an educational, research, scientific, or cultural institution.
Detailed experience working with Windows, Mac, and Unix/Linux operating systems for desktops and servers.
Experience performing progressively more complex and responsible tasks within a technical environment, including maintenance and support of networked computer systems, applications, and operations.
Experience consulting on information security threats and vulnerabilities.
Strong understanding of and experience with security-related technologies, systems and tools, including Intrusion Prevention/Detection Systems, firewalls, etc.
Strong understanding of and experience using computer programming techniques and languages (Python, Perl, PowerShell, etc.).
Experience with security incident response, analysis, remediation and prevention.
Experience advising stakeholders, at all levels in an organization, on information security related risks.
Strong deductive reasoning, critical thinking, problem solving, and prioritization skills.
Demonstrated excellent communication skills (i.e., written, verbal, listening), technical documentation skills, user liaison skills, and personal interaction abilities.
Ability to work within large collaborative organizations, building consensus and fostering ongoing relationships.
Ability to work independently with minimal supervision.
Knowledge of internet protocols (HTTP, DNS, etc.)
Equivalent education/experience will substitute for all minimum qualifications except when there are legal requirements, such as a license/certification/registration.
Higher education or government agency information security experience.
Experience handling and protecting information at a variety of sensitivity levels.
Understanding of laws and standards such as FISMA, GLBA, FERPA, PCI DSS, and NIST.
Information security certifications such as CISSP, CSFA, CEH, GWAPT, GPEN, etc.
Ability to obtain and maintain a DoD Secret security clearance.
Knowledge of cloud and virtualization architectures.
Experience with ServiceNow.
CONDITIONS OF EMPLOYMENT:
Must be able to respond to security incidents during off-hours.
Must be willing to be on-call on a rotating basis.
This is an essential position and is required to report to work remotely when the UW suspends operations.
Application Process: The application process for UW positions may include completion of a variety of online assessments to obtain additional information that will be used in the evaluation process. These assessments may include Work Authorization, Cover Letter and/or others. Any assessments that you need to complete will appear on your screen as soon as you select “Apply to this position”. Once you begin an assessment, it must be completed at that time; if you do not complete the assessment you will be prompted to do so the next time you access your “My Jobs” page. If you select to take it later, it will appear on your "My Jobs" page to take when you are ready. Please note that your application will not be reviewed, and you will not be considered for this position until all required assessments have been completed.
Committed to attracting and retaining a diverse staff, the University of Washington will honor your experiences, perspectives and unique identity. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable and welcoming.