Enterprise Information Security Engineer I

The Enterprise Information Security Engineer's scope of responsibilities includes the assessment, design, and implementation of enterprise-level security technologies and processes to safeguard the institution's information resources. This position may also assist with the training and development of team members and may contribute to other technical projects.

The Enterprise Information Security Engineer I may work with other departments and areas at tactical and strategic levels and may also interface with the external community, stakeholders, vendors, and other partners in providing security solutions.

Discretion and sound judgment are expected. Enterprise positions are restricted for use in central IT Division areas reporting to the institutional CIO and, as such, may interface with key IT leadership and/or other functional leadership within the institutions.

• May assist with the assessment, testing, validation, & documentation of the current security technology infrastructure, including next-gen firewalls, IDS, IPS, SIEM, PAM, sandboxes, encryption, endpoint protection,NAC, & others, and provide recommendations that significantly improve the institution’s threat prevention, detection, and response capabilities in innovative ways.
• Ability to configure and maintain security infrastructure software and hardware to protect enterprise-wide mission-critical systems and information  resources.
• Assist in the assessment, planning, development, and documentation of the enterprise-level IT security strategy and architecture as directed by TTU Enterprise IT Security management.
• May train and will provide support to team members and other staff regarding system and data safeguard best practices.
• Will support Texas Tech University’s Enterprise IT Security team members.
• May assist with the development and production of security metrics, analytics, and reports as required.
• Performs other duties as assigned by supervisor, EITS leadership, CISO, or CIO.
• Maintains an active awareness of the evolving security threat landscape.
• Maintains an active awareness of federal, state, and local regulations, policies, and industry standards.
• Interface with users, vendors, or other stakeholders. May interface with key IT leadership and/or other functional leadership from the Texas Tech University System Institutions.
• Adheres to all appropriate Institutional policies (including IT OPs) and other relevant internal departmental policies.

REQUIRED KNOWLEDGE,SKILLS, AND ABILITIES
Ability to:

• Develop strategies and execute effective solutions within complex system and environments.
• Exercise judgment based on an understanding of applicable laws, regulations, organizational policies, and activities.
• Plan and organize effectively, prioritize goals, use time efficiently, and stay on task.
• Communicate effectively, both orally and in writing.
• Establish and maintain effective work relationships.
•  Understand and apply specialized knowledge in computer systems, networking, programming, software engineering, data metrics and analytics, and controls relating to IT Security.

Knowledge of:

• Security software and hardware technologies.
• Security metrics, analytics, and cybersecurity prevention, detection, and response techniques.
• Information security risks, controls, and control validation techniques.
• Information security industry standards & frameworks (e.g., NIST, ISO, SANS, SSDLC, etc.)(5) Laws and regulations impacting information security (e.g., HIPAA, TAC 202, FERPA, PCI-DSS, GLBA, Red Flag Rules, etc.).

Bachelor's degree with coursework in cybersecurity, computer science, MIS, IT, or other related area plus three years related full-time paid experience OR a combination of related education and/or experience. Applicants for this Security Sensitive Level II position will be subject to a criminal background check and must pass a drug and alcohol test after a conditional offer of employment has been extended, but before employment can be confirmed.