Systems Security Eng II
Full Time
Boulder, CO 80305
Posted
Job description
UCAR is excited to announce the job opening for Security Engineer II. The System Security Engineer II is a member of the UCAR Office of Information Security (OIS), supporting security technologies, security operations, and incident response.
This position applies cross-disciplinary IT engineering and cybersecurity knowledge to consult upon, design, test, implement, and manage IT system solutions and processes designed to proactively identify and manage threats and vulnerabilities. The System Security Engineer II also supports UCAR compliance defined by NIST 800-171, working with IT and management across the organization.
Position Type & Term: Full-Time, Regular
This position applies cross-disciplinary IT engineering and cybersecurity knowledge to consult upon, design, test, implement, and manage IT system solutions and processes designed to proactively identify and manage threats and vulnerabilities. The System Security Engineer II also supports UCAR compliance defined by NIST 800-171, working with IT and management across the organization.
Where You Will Work:
At UCAR|NCAR|UCP, you will work alongside a dedicated team of professionals conducting critical research and community outreach to solve complex Earth system science problems including climate change, air pollution, extreme weather, floods, drought, wildfires, and space weather, all with the goal of improving human life and reducing economic loss. Each of us, from scientists to the professionals who support their work, serves the public and a collaborative community of scientists in our mission to understand the complex processes that make up the Earth system, from the ocean floor to the Sun’s core.
UCAR
University Corporation for Atmospheric Research (UCAR) is a federally funded research and development center (FFRDC) that manages NCAR on behalf of the National Science Foundation. UCAR is a nonprofit consortium of more than 115 North American colleges focused on research and training in the Earth system sciences. UCAR provides a voice for our members, in collaboration with the broader community, to convey the value of our research, education, and partnerships to policymakers and decision makers.
NCAR
National Center for Atmospheric Research (NCAR) is a world-class center leading, promoting and facilitating innovation in the atmospheric and related Earth and Sun systems sciences. Established in 1960 by the National Science Foundation, composed of seven labs with expertise in multiple fields of Earth system sciences, NCAR provides the university community with world-class facilities and services that are beyond the reach of any individual institution.
Enterprise IT
Enterprise Information Technology (EIT) provides a full range of networking, infrastructure, platforms, systems, software, applications, user support, multimedia, cybersecurity, and related services to the UCAR, NCAR, and UCP communities. EIT consists of six units: Enterprise Infrastructure and Platforms (EIP), Enterprise Software and Applications (ESA), Network Engineering and Telecommunications Services (NETS), Office of Information Security (OIS), User Experience and Support Services (UESS), and the IT Project Management Office (ITPMO). Additionally, EIT is responsible for the management, engineering, and operations of the Front Range GigaPoP (FRGP), a participant-directed Research and Education Network with members across Colorado, Wyoming, and New Mexico. Enterprise IT leadership and cross-IT functions reside within the Office of the CIO.
Office of Information Security
The Office of Information Security (OIS) provides organization-wide cybersecurity policy, guidance, consulting, and technical expertise, along with cybersecurity-specific services such as incident response, cybersecurity training, vendor security and privacy assessments, firewall management, VPN services, certificate management, and network monitoring and detection. OIS leads the cross-organizational Cybersecurity Advisory Council (CSAC).
This position supports facilities located in Boulder, Colorado and Cheyenne, Wyoming.
Job Location Type: Hybrid or fully remote work is acceptable.
Position Type & Term: Full-Time, Regular
Hiring Range: Annual Salary Range: $103,336 - $129,169
Application Notes:
-
Required application materials (preferably in PDF Format):
-
Resume
-
Cover Letter
-
-
An Inclusion statement may be required for applicants advancing to an in-person or video interview. When applicable, candidates will be notified with instructions.Learn more.
-
Work Authorization: US Residency is a Requirement. You must reside in the U.S. for this position. UCAR/NCAR will not sponsor a work visa (e.g., J-1, H-1B, etc.) for this position. U.S. Citizenship, Permanent Residency, or another protected status under 8 U.S.C. 1324b(a)(3) is required for this position.] Please see “Final Considerations” for more information at the bottom
-
Relocation Assistance: Relocation assistance is not available for this position.]
-
Pre-employment screenings are conducted for selected candidates; background checks are also conducted for risk-based positions.Learn more.
Benefits Overview (
not including internship or casual roles) UCAR affirms its commitment to employees through
competitive benefits
. Beyond rich medical, dental, vision, life insurance offerings, employee assistance and back up dependent care UCAR offers:
-
Tuition Assistance and other professional development opportunities
-
Potential for flexible working hours
-
Starting minimum of 20 days of personal time off
-
10 paid holidays
-
10 days of sick leave every year
-
14 weeks of paid parental leave
-
Company contributes 10% of gross pay into retirement; 100% fully vested on day one
-
EcoPass for local Colorado residents to use the Denver and Boulder-area transit system
Commitment to Diversity, Equity & Inclusion
Our organization is committed to creating a diverse, equitable, and inclusive work environment and fostering a culture where everyone feels welcome and supported. To learn more about these efforts, visit the
Office of Diversity, Equity & Inclusion Strategic Plan
and our
Diversity & Inclusion: A Welcoming Workplace
site.
Research shows that women and people of color are less likely to apply for a position if they do not meet almost 100% of the
desired skills and experience. Please note this is not necessary! If you meet the minimum requirements and have the passion for the work, you are encouraged to apply. We can provide on-the-job training for the rest!
HOW YOU WILL MAKE AN IMPACT AT UCAR
CYBER SECURITY OPERATIONS Provide cybersecurity engineering across UCAR’s information security management system in accordance with the NIST Cybersecurity Framework (CSF). This includes the documentation, design, development, testing, and implementation of technical solutions which support security operations and/or which support service across UCAR.
Engage with IT staff as appropriate to promote secure data practices, security solutions, and mitigation strategies. Carry out OIS tasks such as account and credential management as needed. Act as a point-of-contact for all issues related to cybersecurity, compliance, information privacy, and related best practices.
Present findings/reports to technical and non-technical audiences and provide recommendations for continual process improvement with respect to cybersecurity operations, and the OIS service portfolio. Draft and review documentation such as analyses of technical, administrative, or procedural security issues; procedural documentation, playbooks, and team documentation
Key Responsibilities
-
Demonstrated experience in one or more cybersecurity domains (such as secure IT operations, data security, incident response, security engineering, network security, systems security, or vulnerability management).
-
Ability to work with and communicate across a team environment.
-
Demonstrated ability to react to high pressure, dynamic changing environments.
-
Demonstrated ability to advise both technical and non-technical individuals on security and technical concepts.
-
Willingness and ability to work outside of normal business hours for maintenance or emergency response.
-
Broad knowledge of server systems administration.
-
Broad knowledge of TCP/IP networking and debugging.
-
Broad knowledge of security assessment and vulnerability scanning solutions.
-
Basic knowledge of Microsoft Active Directory, Kerberos, and LDAP.
-
Basic knowledge of network monitoring and logging solutions.
- Basic knowledge of firewall and VPN technologies.
- Willingness and ability to travel between Boulder, CO and Cheyenne, WY.
WHO WE’D LOVE TO JOIN OUR TEAM
Successful candidates will ensure their application materials speak to the following criteria:
- Familiarity with NIST 800 frameworks including the Cybersecurity Framework (CSF), NIST 800- 171, NIST 800-53 (FISMA), and the Secure Software Development Framework (SSDF), including requirements, process, and best practices.
- Basic knowledge of security information and event management (SIEM) solutions.
- Scripting or coding capability with major Unix/Linux software development environments.
- Ability to secure virtual environments built on VMware, Hyper-V, AWS, or similar cloud/virtualization platforms.
- Basic knowledge of identity access and management solutions.
- Basic knowledge of TLS certificate provisioning and management
Education & Experience
REQUIRED:
Bachelor’s degree in computer science or equivalent experience in network engineering, system administration, or related discipline; and at least 4-6 years of experience in an information security or systems administration field.
Must possess a valid driver’s license
Motor Vehicle Record that meets UCAR’s acceptability requirements for driving on UCAR business under UCAR policy 4-5. DESIRED BUT NOT REQUIRED
Holds one or more nationally-recognized security certifications including SANS, CISSA, MCA, CCSA, or CISA.SOME FINAL CONSIDERATIONS
Risk-based position: Pre-employment screenings and background checks are conducted in conjunction with an offer for employment into risk-based positions. This screening may involve verifying or reviewing any of the following relevant information: restricted parties screening, employment verification, education verification, reference checks, verification of professional licenses, certifications, and Motor Vehicle Records. Risk-based positions require pre-employment screening, a criminal background check, and Sex Offender Registry screening (for positions working with vulnerable populations). UCAR complies with the Fair Credit Reporting Act (FCRA).
Flexible Work
At UCAR, we are committed to supporting our mission by giving staff the flexibility to find the schedule and location that works best to maintain their own work-life circumstances and reach their full potential as professionals. Many positions within our organization are eligible for fully on-site, hybrid, fully-remote and/or flexible work schedules.
Employee Well-Being & Vaccines
In support of the health of our employees and their families, as well as visitors and the community, all UCAR employees are required to comply with UCAR’s COVID-19 vaccination policy, which requires staff to be fully vaccinated against COVID-19, subject only to legally required accommodations implemented by HR, prior to their start date.
Equal Opportunity Employer
UCAR is committed to providing equal opportunity for all employees and applicants for employment and does not discriminate on the basis of race, age, creed, color, religion, national origin or ancestry, sex, gender, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or pregnancy. Whatever your intersection of identities, you are welcome at UCAR.
Export Control
This position is subject to work location requirements for obtaining access to facilities and research systems. These requirements may include a combination of national security checks, credit checks, fingerprinting, or other security clearance requirements. This position is open to U.S. Citizens and Green Card holders.
Visa Wait Times
Please consider the length of visa procurement when applying for this posting, understanding that you will not be able to begin employment until you are able to get a visa and enter the U.S.
The University Corporation for Atmospheric Research (UCAR) is an equal opportunity/equal access/affirmative action employer that strives to develop and maintain a diverse workforce. UCAR is committed to providing equal opportunity for all employees and applicants for employment and does not discriminate on the basis of race, age, creed, color, religion, national origin or ancestry, sex, gender, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or pregnancy.
Whatever your intersection of identities, you are welcome at the University Corporation for Atmospheric Research (UCAR). We are committed to inclusivity and promoting an equitable environment that values and respects the uniqueness of all members of our organization.
colinoncars.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, colinoncars.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, colinoncars.com is the ideal place to find your next job.