Job Description

Scheduled Hours

40

Position Summary

Use the vulnerability management suite of tools to detect issues and communicate them with owners. Monitor news for emerging vulnerabilities that might impact the campus network. Work with teams to implement several vulnerability management projects over the next couple years including web scanning, cloud scanning, local scanning, various integrations, and others.

Job Description

Primary Duties & Responsibilities:

• Perform security operations monitoring which includes but is not limited to: tracking and monitoring of malicious software, vulnerability scanning, attack detection and log collection.

• Identify potential security risks and report to Information Security Manager.

• Open and track tickets with various IT departments.

• Assist IT departments in the tracking and removal of malicious software.

• Analyze and research to validate active sites and determine whether malicious and determine the best course for blocking.

• Configure server rules for blocking as appropriate.

• Produce reports and metrics concerning incidents and their mitigation.

• Identify trends and make security recommendations to manager.

• Perform other duties as assigned.

Working Conditions:
Job Location/Working Conditions

• remote

Physical Effort

• Typically sitting at a desk or table

Equipment

• Office equipment

The above statements are intended to describe the general nature and level of work performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all job duties performed by the personnel so classified. Management reserves the right to revise or amend duties at any time.

Required Qualifications

Education:

Associate degree or combination of education and experience may substitute for minimum education.

Certifications:

No specific certification is required for this position.

Work Experience:

Information Technology (2 Years)

Skills:

Not Applicable

Driver's License:

A driver's license is not required for this position.

JOB IS FROM: italents.netVIEW

More About This Job

PRIMARY DUTIES AND RESPONSIBILITIES (Essential Functions)

• Research emerging threats, system vulnerabilities, hacker methodologies, and key indicators of attacks and exploits
• Engage with IT at WashU to provide remediation guidance
• Conduct various types of vulnerability scans 
• Work with other members of the InfoSec team on Red/Blue/Purple Team exercises
• Stay up to date on the latest vulnerabilities
• Maintain up-to-date knowledge of tools, log sources, and vulnerability management best-practices to deal with evolving threat actors.
• Work with IT organizations to analyze and remediate vulnerable software across multiple platforms (Windows, Linux, macOS, mobile).
• Will be on call for security incidents as necessary    
• Perform other duties as assigned.
   

  CRITICAL SKILLS AND EXPERTISE:

• Passion for researching and solving unfamiliar complex technical problems.
• Experience with logging platforms e.g., Splunk, Elastic, or Humio.
• Basic knowledge of Microsoft Windows platforms, security hardening, Active Directory authentication, and logging capabilities.
• Basic knowledge of macOS and Linux operating systems and logging capabilities.
• Basic understanding of common tactics and techniques, such as those documented in the MITRE ATT&CK knowledge base.
• Experience using security tools e.g., Corelight, Firepower, SRX, FortiGuard, Palo Alto.
• Basic knowledge of common Internet protocols and services e.g., tcp, udp, dns, http, https, smtp, ssl, ssh, rdp, smb, sql, etc.
• Basic knowledge of cloud provider services and logging capabilities e.g., Azure, Amazon, and Google.
• Experience with networking technologies e.g., subnetting, IP allocations, BGP, firewalls, VPNs.
• Must possess an aptitude for patience, professionalism, tactfulness, and empathy.
• Strong team-oriented interpersonal skills; ability to effectively work with a wide variety of people.
• Must have proficient written and oral communication skills.
• Ability to work independently with limited supervision.

Preferred Qualifications

Education:

Bachelor's degree

Certifications:

Global Information Assurance Certification (GIAC) - SANS Institute, Systems Security Certified Practitioner (SSCP) - International Information System Security Certification Consortium (ISC2)

Work Experience:

No additional work experience beyond what is stated in the Required Qualifications section.

Skills:

Analytical Problem Solving, Cross-Functional Teamwork, Distributed Systems Technologies, Documentation Reporting, Information Technology (IT) Systems, Internet Protocol (IP), Nessus Vulnerability Scanner, Networking Technologies, Technical Communication, Transmission Control Protocol (TCP), Vulnerability Assessments, Vulnerability Scanning

Grade

G12

Questions

For frequently asked questions about the application process, please refer to our External Applicant FAQ.

Accommodation

If you are unable to use our online application system and would like an accommodation, please email CandidateQuestions@wustl.edu or call the dedicated accommodation inquiry number at 314-935-1149 and leave a voicemail with the nature of your request.

All qualified individuals must be able to perform the essential functions of the position satisfactorily and, if requested, reasonable accommodations will be made to enable employees with disabilities to perform the essential functions of their job, absent undue hardship.

Pre-Employment Screening

All external candidates receiving an offer for employment will be required to submit to pre-employment screening for this position. The screenings will include criminal background check and, as applicable for the position, other background checks, drug screen, an employment and education or licensure/certification verification, physical examination, certain vaccinations and/or governmental registry checks. All offers are contingent upon successful completion of required screening.

EEO/AA Statement

Washington University in St. Louis is committed to the principles and practices of equal employment opportunity and especially encourages applications by those from underrepresented groups. It is the University’s policy to provide equal opportunity and access to persons in all job titles without regard to race, ethnicity, color, national origin, age, religion, sex, sexual orientation, gender identity or expression, disability, protected veteran status, or genetic information.

Diversity Statement

Washington University is dedicated to building a diverse community of individuals who are committed to contributing to an inclusive environment – fostering respect for all and welcoming individuals from diverse backgrounds, experiences and perspectives. Individuals with a commitment to these values are encouraged to apply.