Are you looking to continue or grow your career in Information Security? Are you looking to develop your leadership skills? Our central Information technology unit, based in the heart of Evanston is looking for a motivated individual to support the maintenance and monitoring the security of the university’s information systems. This job is great for someone who enjoys engaging with clients, is a solid team-player and thrives in an innovative environment. The ideal candidate will demonstrate strong written and verbal communication skills, have experience with SIEM systems (i.e. Splunk or similar systems), vulnerability management systems (i.e. Qualys), have a solid understanding of networking, server-client technology, and operating systems, and have achieved security or technology industry certifications. In addition to joining a collaborative and hard-working team that values innovation, Northwestern employees take advantage of excellent healthcare and retirement benefits as well as generous paid time off. If you feel this could be a great career match, please apply today.

Job Summary:

Maintains systems to protect data from unauthorized users. Identifies, reports, and resolves security violations.  Designs, develops, tests and deploys security for applications or systems.  Collaborates with users, to obtain and implement user security requirements, including row-level security.  Ensures compliance with all security associated NU, state, and federal rules and regulations.  Works closely with NU, individual school and/or department IT to ensure security measures are implemented and communicated effectively.

Specific Responsibilities:

Administration

• Maintains records, forms and documentation.                 
• Assists in the preparation of training materials and communications.
• Conducts training sessions; shares educational information with users.
• Reviews requests for access and authorizes appropriate levels of security based on user needs, guidelines and policy.  
  • Assists in Administration of Information Security practice through development, implementation, and enforcement of information security policy and standards.    

Development

• Administers all security aspects for users.
• Designs and maintains security items such as roles, permission lists, query and report access, component interfaces, and batch process groups.
  • Participates in projects and assists in the execution of project plans to help ensure compliance with security policy and standards.
  • May be required to develop, execute and coordinate small scale security projects.
  • Interacts daily with user community to understand their security needs
  •  Provide assistance in remediation of security related issues.
  • Prepares and executives security risk assessments, analysis and remediation.
  • Assists in the resolution of audit findings through analysis, problem determination and development of cost effective solutions.

Miscellaneous

• Performs other duties as assigned.

Minimum Qualifications:

• Successful completion of a full 4-year course of study in an accredited college or university leading to a bachelor's or higher degree in a major such as computer science, information technology, or related; OR appropriate combination of education and experience.
• 2 years systems security or other relevant experience required.
• Infrastructure (extends across applications):  identity management/provisioning; information security; LDAP; Linux Operating System; Mac OS X Operating System; Microsoft Office (Word, Excel, Powerpoint, Access, Outlook); Server hardware; Storage hardware; Splunk, Qualys, Proffpoint
• Analytical: critical thinking; enterprise architecture; enterprise directory services; judgment; problem solving
• Project: organizational skills; planning

Minimum Competencies: (Skills, knowledge, and abilities.)

• 5 years of practical experience within technology and security environment. Technical background, with understanding of concepts of confidentiality, integrity and availability, disaster recovery, business continuity, user authentication and authorization.
• Basic understanding of firewall theory and network security.
• Excellent oral and written communications skills.
• Ability to weigh business needs against security concerns and articulate issues to the user community.

Preferred Qualifications:

• Security or technology industry certification (e.g. CISSP, SANS,CEH, Microsoft or similar)
• Proven technical expertise in networking, server client technology and operating systems.
• Ability to provide support to projects regarding information security practices.
• Analytical skills with ability to relate to technical and non-technical personnel.
• Ability to develop and implement policy and standards.

Preferred Competencies: (Skills, knowledge, and abilities)

• Knowledge of Security Information and event management (SIEM) concepts, applications and systems.
• Familiar with advanced vulnerability, management practices and toolsets.
• Ability to deconstruct electronic mail, metadata, network flows and log data from multiple sources.

Northwestern University is an Equal Opportunity, Affirmative Action Employer of all protected classes, including veterans and individuals with disabilities. Women, racial and ethnic minorities, individuals with disabilities, and veterans are encouraged to apply. Hiring is contingent upon eligibility to work in the United States.