Department: CAS CIS Computer & Information Sci
Appointment Type and Duration: Regular, Ongoing
Salary: $90,000 - $125,000 a year
Compensation Band: OS-OA10-Fiscal Year 2024-2025
FTE: 1.0

Application Review Begins

October 3 2024; Position open until filled.

Special Instructions to Applicants

For full consideration, a complete application must include:
• A current resume/CV
• A cover letter
• Three (3) professional references with contact information

Department Summary

The Computer Science (CS) Department in the College of Arts and Sciences at the University of Oregon offers BS, MS, and PhD degrees in Computer Science. Instruction is provided by 17 tenure track faculty, and 6 career instructor faculty. The department serves approximately 600 undergraduate and 90 graduate majors, as well as offering several general education classes in the discipline. The primary research foci of the tenure track faculty are high-performance computing, data science, networking, and distributed systems with cross-cutting concerns of security and privacy.

To provide transformative experiential learning opportunities to students in the Cybersecurity (and other) program, the CS Department is creating a Training Security Operations Center (TSOC) at the University of Oregon campus. The TSOC follows the teaching hospital model where it is managed by full time SOC engineers and staffed by resident CS students registering in the related classes. The TSOC establishes partnerships with vendors for security monitoring services and serves clients outside the university at low cost. It may also offer training services to other members of the community.

Position Summary

The TSOC Engineer will initiate and lead various tasks and projects at the TSOC. This position will design systems that adhere to cybersecurity and privacy principles in accordance with TSOC design principles and determine policies for network security devices such as firewalls, VPNs, network access control devices for TSOC infrastructure and customers.

The TSOC Engineer will mentor resident students in all phases of security operations and enable research by sharing data, providing access to TSOC environments, and sharing pain points that provide opportunities for innovation and manage security analysis tasks for TSOC students and employees. The TSOC engineer may also interact with TSOC clients to understand and address their cybersecurity concerns.

Other responsibilities will include – performing cyber defense incident triage, performing real-time cyber defense, and correlating data to identify specific vulnerabilities and make recommendations that enable expeditious remediation. In addition, the TSOC Engineer will interpret information collected and analyze malware.

Minimum Requirements

• Bachelor’s degree in computer science, Computer Engineering, Cybersecurity, or a related field OR
• Bachelor’s degree in another field and 3 years of relevant experience in Cybersecurity.
• Two years of demonstrated expertise in two or more of the following IT Security domains: Data Security, Digital Forensics, Incident Response and Analysis, IT Systems and Operations, Network Security, Systems and Applications Security, Vulnerability Management, Penetration Testing, or Cloud Security.

Professional Competencies

• Ability to work effectively with students and faculty from diverse backgrounds and create effective relationships for problem-solving and positive interactions.
• Demonstrated problem-solving skills.
• Demonstrate excellent communication skills, including the ability to explain technical concepts to audiences with a wide range of technical skills.
• Ability to adapt within a rapidly changing technical environment.
• Ability to work independently and in a team-oriented, collaborative environment.
• Perform duties in a way that advances and supports the department and university's mission

Preferred Qualifications

• Experienced familiarity with information security event triage.
• Experience working with a Security and Information Event Management product.
• Experience with enterprise information security forensic tools.
• Experience performing vulnerability scans and malware analysis in a professional environment.
• Experience with Network Access Control (NAC) systems.
• Experience in any of several programming languages (e.g., Python, Perl, Ruby, Java, C, shell-scripting).
• Experience with operating Intrusion Detection and Intrusion Prevention Systems (e.g., FireEye, SNORT, BRO).
• Experience with operating Vulnerability Assessment and Penetration Testing tools (e.g., Nessus, NMAP, Qualys, Nexpose, Metasploit).
•Working knowledge of laws, regulations and standards affecting information technology security in a higher education environment, including PCI-DSS, HIPAA, HEOA, FERPA, DMCA, and GDPR.
•Understanding of the NIST Cybersecurity Framework, ISO 27002, NIST SP-800 series controls or similar frameworks/standards.
• Two years of Experience in an academic campus IT environment.

FLSA Exempt: Yes

All offers of employment are contingent upon successful completion of a background check.

The University of Oregon is proud to offer a robust benefits package to eligible employees, including health insurance, retirement plans, and paid time off. For more information about benefits, visit https://hr.uoregon.edu/about-benefits.

The University of Oregon is an equal opportunity, affirmative action institution committed to cultural diversity and compliance with the ADA. The University encourages all qualified individuals to apply and does not discriminate on the basis of any protected status, including veteran and disability status. The University is committed to providing reasonable accommodations to applicants and employees with disabilities. To request an accommodation in connection with the application process, please contact us at uocareers@uoregon.edu or 541-346-5112.

UO prohibits discrimination on the basis of race, color, religion, national origin, sex, sexual orientation, gender identity, gender expression, pregnancy (including pregnancy-related conditions), age, physical or mental disability, genetic information (including family medical history), ancestry, familial status, citizenship, service in the uniformed services (as defined in federal and state law), veteran status, expunged juvenile record, and/or the use of leave protected by state or federal law in all programs, activities and employment practices as required by Title IX, other applicable laws, and policies. Retaliation is prohibited by UO policy. Questions may be referred to the Office of Investigations and Civil Rights Compliance. Contact information, related policies, and complaint procedures are listed here.

In compliance with federal law, the University of Oregon prepares an annual report on campus security and fire safety programs and services. The Annual Campus Security and Fire Safety Report is available online at https://clery.uoregon.edu/annual-campus-security-and-fire-safety-report.