OmniSOC Platform Engineer (Network Security Analyst)
Indiana University

Bloomington, Indiana

Posted in Education and Training


Job Info


Department

UITS OMNISOC (UA-DOMN-IUBLA)

Department Information

OmniSOC is a security operations center hosted at Indiana University which provides monitoring and security operations services to US-based higher education institutions, research and education networks, and NSF-funded research facilities. OmniSOC is primarily made up of 3 teams:

  • A platform engineering team (this position) responsible for running the OmniSOC SIEM and other IT infrastructure as well as performing software development. This team operates in a DevOps model and supports both the services and security teams, along with OmniSOC members. The platform team manages an extremely scalable, mission-critical application while also developing and extending the OmniSOC core product. Platform engineers are able to assimilate new information, solve technical problems, and own software development and infrastructure projects.
  • A security services team specializing in the comprehensive assessment and growth of OmniSOC members' security programs by providing expertise, coaching, and security operations services to members. OmniSOC Services Team Analysts are experienced cybersecurity subject-matter experts capable of managing multiple highly complex tasks, projects, and client-members while coordinating with outside partners, software systems/vendors, and managing cybersecurity needs for novel applications across an array of stakeholders and contexts.
  • The Security Analyst and Engineering Team focuses on the analysis of OmniSOC member log data from networks and endpoints for indications of potential malicious activity or compromise. Security Analysts triage triggered automated detection and network intrusion detection system (NIDS) alerts and investigate if an incident has occurred and then share findings with member institutions for mitigation. Security Engineers identify key member log sources and associated threats in order to build and tune automated detections to identify potential incidents for investigation by analysts and provide the analysts with playbooks to guide those investigations.

All 3 teams work together to deliver high-quality, timely service to our membership. Our success is dependent upon our teams working in a collaborative, highly organized and efficient manner.

OmniSOC Core Values

Member focus: Analysts engage deeply with members to understand their goals, strengths, needs and challenges. We are committed to raising the cybersecurity level of our community for the betterment of all.

Impact: Each analyst at OmniSOC bears responsibility for the success of OmniSOC and our community. We are committed to enabling the missions of education and research members through safer technology. We are focused on impact over volume.

Improvement: We value an exploring mindset and actively encourage curiosity while pursuing ways to learn more, make the world better, and expand our expertise. We view mistakes not as failures but as learning opportunities, and try to learn from each failure.

Communication: We are open and direct with each other when discussing problems. We default to openly sharing information with each other, our members, and the community.

Courage: We make tough decisions without agonizing and learn through doing and through one another to collectively improve our decision making. We act according to our principles even when no one is looking, and we are unafraid to speak our minds or question actions that don't align with our professed values. Solve problems, work with amazing people, enable science, make technology safer.

Job Summary

OmniSOC is seeking a skilled systems engineer to join our Platform Engineering team providing software development and infrastructure expertise to run our high volume Security Information and Event Management (SIEM) platform for our members in higher education, networking, and major science research projects across the United States. Our engineers are skilled at running highly scalable distributed systems that are both reliable and performant. They are subject matter experts in managing and developing complex systems, as well as keeping them available and secure.

Department-Specific Responsibilities
  • Performs software development to both automate the management of the SIEM and to extend its functionality to the benefit of our members.
  • Serves as a systems engineer for the OmniSOC SIEM platform with responsibilities including system administration and operation of the SIEM platform and underlying infrastructure.
  • Develops software to run the infrastructure and provide new functionality for security investigations and alerting. (This SIEM platform provides the underlying service for the IU-hosted, multi-institution security operations center, OmniSOC.)
  • Assists the staff and management of member institutions in setting up the flow of security event data from the members to OmniSOC.
  • Provides very high level technical and practical expertise operating large scale and highly available IT infrastructure.
  • Gains, maintains, and applies a significant depth of knowledge in many widely varied technology areas including computing, data and voice networking, and complex security systems and software.

General Responsibilities
  • Designs, develops, and executes security controls to prevent hackers from infiltrating networks.
  • Researches and analyzes attempted efforts to compromise network security protocols and proactively recommends and implements solutions.
  • Maintains and monitors network security and administers security policies to control access to networks.
  • Works closely with network operations to ensure proper implementation of security controls and protocols.
  • Contributes to incident response investigations and assists with disaster recovery and business continuity efforts.

Qualifications

Combinations of related education and experience may be considered. Education beyond the minimum required may be substituted for work experience. Work experience beyond the minimum required may be substituted for education.

EDUCATION

Required
  • Bachelor's degree (preferably in computer science or related field)

WORK EXPERIENCE

Required
  • 2 years of experience in network security operations and analysis

Preferred
  • 4 years of advanced systems analysis/programming/systems administration experience

SKILLS

Required
  • Proficient communication skills
  • Maintains a high degree of professionalism
  • Demonstrates time management and priority setting skills
  • Demonstrates a high commitment to quality
  • Possesses flexibility to work in a fast paced, dynamic environment
  • Seeks to acquire knowledge in area of specialty
  • Highly thorough and dependable
  • Demonstrates a high level of accuracy, even under pressure

Preferred
  • Knowledge of using and administering Linux-based operating systems
  • Ability to program in Python, JavaScript, Perl, or any similar general-purpose programming language
  • Knowledge of the IP protocol suite, specifically relating to TCP and UDP protocol behavior and interdependencies with the applications suite (DNS, SMTP, HTTP)
  • Knowledge and understanding of "NoSQL" document-based data stores, like Elasticsearch or similar
  • Ability to troubleshoot, manage, and develop web-based applications
  • Knowledge and understanding of configuration management systems like Ansible or Puppet

Working Conditions / Demands

This role requires the ability to effectively communicate and to operate a computer and other standard office productivity equipment. The position involves sedentary work as well as periods of time moving around an office environment and the campus. The person in this role must be able to perform the essential functions with or without an accommodation.

This role includes an "on-call" component where the employee is required to be the first responder for critical issues outside of normal business hours. The employee will participate in an on-call rotation with the rest of the team during which they will be expected to respond to occasional after-hours calls for a period of one week.

Federal background checks and/or non-disclosure agreements on behalf of the OmniSOC's customer base may be required to fulfill employment requirements. Please see this link for more information.

Work Location

Bloomington, Indiana or Indianapolis, Indiana

This position is eligible for remote work or to work a hybrid schedule (mix between remote and in-person work), subject to change in the future based on university policy and business needs.

Benefits Overview

For full-time staff employees, Indiana University offers a wide array of benefits including:
  • Multiple plan options for medical insurance
  • Dental insurance
  • Health Savings Account with generous IU contribution
  • Life insurance, LTD, and AD&D options
  • Base retirement plan contribution from IU, subject to vesting
  • Additional supplemental retirement plan options
  • Tuition benefit for IU classes
  • 10 paid holidays per year
  • Generous Paid Time Off
  • Paid Parental Leave
  • Employee Assistance Program (EAP)

Learn more about our benefits by reviewing our online Benefits Brochure.

Job Classification

Career Level: Career

FLSA: Exempt

Job Function: Information Technology

Job Family: Network Admin, Analysis, & Eng

Posting Disclaimer

This posting is scheduled to close at 11:59 pm EST on the advertised Close Date. This posting may be closed at any time at the discretion of the University, but will remain open for a minimum of 5 business days. To guarantee full consideration, please submit your application within 5 business days of the Posted Date.

If you wish to include a cover letter, you may include it with your resume when uploading attachments.

Equal Employment Opportunity

Indiana University is an equal employment and affirmative action employer and a provider of ADA services. All qualified applicants will receive consideration for employment based on individual qualifications. Indiana University prohibits discrimination based on age, ethnicity, color, race, religion, sex, sexual orientation, gender identity or expression, genetic information, marital status, national origin, disability status or protected veteran status. Indiana University does not discriminate on the basis of sex in its educational programs and activities, including employment and admission, as required by Title IX. Questions or complaints regarding Title IX may be referred to the U.S. Department of Education Office for Civil Rights or the university Title IX Coordinator. See Indiana University's Notice of Non-Discrimination here which includes contact information.

Campus Safety and Security

The Annual Security and Fire Safety Report, containing policy statements, crime and fire statistics for all Indiana University campuses, is available online. You may also request a physical copy by emailing IU Public Safety at iups@iu.edu or by visiting IUPD.

Contact Us

Request Support
Telephone: 812-856-1234


