"Alerted.org

We are seeking a **_Cybersecurity Engineer_** who will be responsible for log management, host security, cloud security, asset discovery, vulnerability management, incident response, threat intelligence, Security Incident and Event Management (SIEM), Security Orchestration and Automated Response (SOAR), Network Access Control, and network security.

Candidates must have a good understanding of firewall technologies, including next-generation firewall capabilities and be able to implement in an evolving network. Experience with multiple Firewall vendors is helpful. This position will work with the network team to assist managing firewall security and implementation.

The Engineer will be responsible for running penetration and vulnerability scans externally, internally, and producing reports and providing support in resolving those issues to the technical team responsible for the health of those systems.

Experience with SaaS based SIEM technologies and the ability to coordinate with the enterprise IT team on security concerns leading and resolve any issue is required.

Position will also write and deliver department security documentation and processes, review with peers, and be responsible for coordinating internal reviews, reviews with enterprise security team and participate in audits.

Job Scope/Complexity

Cybersecurity efforts at Johns Hopkins Public Safety are complex due to our Academic and Healthcare missions and the complexity of supporting security projects. Incidents and projects are complex and varied in nature and also requires the ability to balance the demands of multiple projects.

Specific Duties & Responsibilities

+ The responsibilities below illustrate work performed by this position.

+ Not all duties assigned to this position are included, nor is it expected that everyone in this position will be assigned every job responsibility.

_Security Monitoring_

+ Respond to all user, system, and network security incidents.

+ Troubleshoot problems associated with security tools.

+ Stay abreast of emerging security threats, vulnerabilities, and controls.

+ Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls.

+ Automate security controls, data, and processes to provide improved metrics and operational support.

+ Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls – SIEM, Log Aggregation Tools.

+ Apply adept understanding and experience with systems automation platforms and technologies.

+ Knowledge of the latest trends and awareness of current hacking techniques and cybercrime.

+ Working knowledge of either Cisco or Palo Alto firewall technologies. Familiarity with firewall rules and advanced threat protection capabilities in next-generation firewall technologies is a plus.

_Host & Cloud Security_

+ Design, implement and administer automated security update technologies for client and server systems.

+ Design, implement and administer advanced endpoint protection technologies.

+ Test and identify network and system vulnerabilities and work to address them with the appropriate owners.

+ Help shape the organization’s security policies and standards for use in on-premises and cloud environments.

+ Create technical documents on the use of security technologies.

+ Apply system security engineering principles to deliver real world solutions to enhance our organization security posture.

+ Familiarity with network scanners such as Nessus, Tenable or Qualys and ability to interpret reporting and communicate remediation steps to others in the department.

_Data Security & Compliance_

+ Direct and influence multi-disciplinary teams in implementing and operating information security controls.

+ Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams.

+ Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders.

+ Familiarity with NIST, CJIS or CIS frameworks and understanding of how to implement one or more of these standards in a working environment.

+ Perform other related duties as requested.

Minimum Qualifications

+ Bachelor’s Degree.

+ Six years of related work experience with computer systems, applications and cybersecurity technologies.

+ Additional education may substitute for required experience, and additional related experience may substitute for required education beyond a high school diploma/graduation equivalent, to the extent permitted by the JHU equivalency formula.

Preferred Qualifications

+ Knowledge in the assigned technical areas this position is responsible for.

+ A CISSP certification is desirable.

Classified Title: Enterprise Cybersecurity Engineer

Job Posting Title (Working Title): Cybersecurity Engineer (Johns Hopkins Public Safety)

Role/Level/Range: ATP/04/PF

Starting Salary Range: $85,500 - $149,800 Annually (Commensurate w/exp.)

Employee group: Full Time

Schedule: M-F 8 am - 5 pm

FLSA Status: Exempt

Department name: VP for Public Safety Office of

Personnel area: University Administration

The listed salary range represents the minimum and maximum Johns Hopkins University offers for this position, based on a good faith estimate at the time of posting. Actual compensation will vary depending on factors such as location, skills, experience, market conditions, education, and internal equity. Not all candidates will qualify for the highest salary in the range.

Johns Hopkins provides a comprehensive benefits package supporting health, career, and retirement. Learn more: https://hr.jhu.edu/benefits-worklife/.

Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

EEO is the Law

https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf