Security Operations Center Technician, Information Security Office (Qatar campus)-2008862
Carnegie Mellon University is a private, global research university that stands among the world’s most renowned education institutions.
With ground-breaking brain science, path-breaking performances, creative start-ups, big data, big ambitions, hands-on learning, and a whole lot of robots, CMU doesn’t imagine the future, we invent it.
If you’re passionate about joining a community that challenges the curious to deliver work that matters, your journey starts here.
The Computing Services central IT department provides services that have strategic impact on university goals. We make service decisions based on interaction and valuable input from colleagues engaged in the education, research and administration efforts of the university.
We are a learning organization and approach successes and mistakes as a learning experience to continually nurture a culture of intelligent risk taking.
We want to hire versatile team members who are inspired and passionate about their work. Join us and be part of a team committed to excellence, innovation, diversity, team and individual growth.
In this role, you will be a contributing member of Computing Services’ Information Security Office, responsible for monitoring, triage, response, escalation and investigation of information security incidents related to the operation of the 24 x 7 IT Security Operations Center (SOC).
You will also engineer, consult, assess and test information security systems. This position is stationed at Carnegie Mellon's branch campus in Education City, Doha, Qatar.
You will report directly to the IT Security Operations Center Manager in the Information Security Office in Pittsburgh, USA and also report to the Qatar Chief Information Officer in Doha, Qatar.
You will work primarily as a remote member of the Information Security Office as well as a member of the Qatar IT team in support of the information security program.
Your core responsibilities will include:
Providing technical leadership in designing, evaluating, implementing, operating, and supporting ISO program tools, systems, services, and techniques to prevent, detect, and respond to identified risks & threats.
Monitoring and responding to network intrusion, system log, and vulnerability alerts raised by automated detection systems, internal & external reports and manual investigation
Executing incident response procedures and Information Security Office (ISO) processes to identify computer security incidents, contain intrusions and recommend options for eradication & recovery all the while effectively communicating with both internal and external customers and escalating as necessary
Monitoring threat intelligence sources to provide documentation and community announcements for current security & abuse issues
Coordinating threat mitigation and response efforts
Assisting campus IT personnel technically and procedurally with incident handling and threat mitigation
Investigating incident root cause & scope using host and network based forensics when called for by the incident response plan
Providing technical guidance and assessment of control requirements for compliance areas such as HIPAA, FISMA, PCI-DSS, GLBA, DFARS, and NCBI research data access.
Running projects to improve and automate processes and tools through evaluation, implementation and/or development as well as providing consulting across the division and campus
Handling service support requests for credential management, deprovisioning, certificate authority, vulnerability scanning, data loss protection and endpoint security
Sharing responsibility for maintaining documentation on all incidents and job related procedures
Collaborating with other groups to secure infrastructure and implement security controls supporting primarily compliance areas
Potentially assessing systems for vulnerabilities in design and implementation as well as penetration testing of hosts and client/server & web applications as required by various compliance areas
Able to regularly work evenings, weekends, and holidays with occasional on call support as needed
Annual international travel required
Bachelor’s degree or equivalent in experience (as evidenced by employment history, professional certification, and/or academic track record) is required.
5 years or more of work experience in cyber security incident response, SOC, and/or cyber intel analysis or 5-8 years of IT administration/engineering/support experience.
CISSP, GSEC, GCFE, or equivalent practitioner certificates or the willingness to pursue certifications as part of ongoing career development.
Some experience in security operational services, e.g., intrusion monitoring, security incident and event management, kill chain analysis, threat and vulnerability management, forensic investigation, etc.
Experience with Splunk or Splunk for Enterprise Security is a bonus.
Knowledge of various operating systems (Windows, Linux, MacOS).
Demonstrable expertise analyzing TCP/IP traffic, especially HTTP(S), TLS, and DNS traffic.
More Information:
Please visit Why Carnegie Mellon to learn more about becoming part of an institution inspiring innovations that change the world.
A listing of employee benefits is available at: www.cmu.edu/jobs/benefits-at-a-glance/.
Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.
Qatar-Qatar-Doha
Time Type: Full Time
INFORMATION SECURITY OFFICE (COMP SVCS)
Minimum Education Level: Bachelor's Degree or equivalent
Salary: Negotiable