Details
Posted: 29-Jul-22
Location: Durham, North Carolina
Type: Full Time
Categories: Other
Additional Information: Telecommuting is allowed.
Position Summary
This position provides the opportunity to solve challenging cybersecurity problems across a variety of environments, including MCNC’s internal enterprise, MCNC’s statewide North Carolina Research and Education Network (NCREN), and MCNC customer environments. Specifically, this position will help operate MCNC’s internal security program to meet enterprise cybersecurity objectives, including helping to secure internal systems, network and management systems, external cloud services, and data center initiatives. The position will also provide technical assistance to MCNC’s Vital Cyber services group, including directly supporting customers as part of MCNC’s Security Advisory Consulting services group.
Key Responsibilities/Duties
- Ensure that operational security controls are implemented and that they are performing effectively and efficiently on an ongoing basis. Areas of focus include endpoint security, network security, vulnerability management, encryption, and incident response.
- Assist in the effective operation of MCNC’s Vulnerability Management program to ensure that security vulnerabilities are rapidly identified and remediated.
- Participate in security incident response activities, including troubleshooting, triage, containment, recovery, and documentation.
- Collaborate with MCNC’s Internal Systems, Security Operations, NCREN Network Operations, and Network Management teams to ensure that MCNC’s cyber infrastructure is appropriately secured.
- Provide technical assistance to MCNC’s Security Advisory Consulting services team. This assistance may cover a number of areas, including (but not limited to) vulnerability assessment, secure system configurations, vulnerability remediation, testing deployed security controls, etc. Direct interaction with customers is likely.
- Utilize engineering and problem-solving skills to integrate technology and build new solutions in support of MCNC’s Security Services business. This includes deploying and managing systems and software, writing scripts to automate processes, and “making technology solutions work” to support security service objectives.
- Additional duties as assigned by the CISO.
Minimum Education, Experience and Skills Requirements
- B.S. in Information Security, Information Systems, Engineering, Computer Science (or related field), or equivalent combination of education and experience.
- 3+ years of experience in a hands-on systems administration / technology integration role, with at least 1.5 years of experience in a security engineering/security operations administration role.
- Thorough understanding of and significant practical experience with TCP/IP networking.
- Demonstrated experience coding/scripting with one or more of the following languages: Python, jQuery, JavaScript, PHP, PowerShell, WMI, bash/ksh/sh, Java, Perl, etc.
- Experience with system administration on both Linux/Unix and MS Windows workstation and server operating systems. Experience using shell scripts for automating system administration activities.
- Excellent written and verbal communication skills. Must be able to communicate effectively with coworkers, management team, MCNC customers, and vendors.
- Able to work in a responsible and proactive fashion collaboratively or with minimal direct supervision.
- Comfortable collaborating across department boundaries to establish positive working relationships and drive operational security improvements without direct control or supervision of assets.
- Exposure to and familiarity with some or all of the following cybersecurity areas:
  - Utilizing vulnerability assessment tools (Nessus, NeXpose, Qualys, etc.) to establish and maintain a strong security posture for organizational assets.
  - Responding to security incidents, including coordinating response activities and serving as the primary security contact during an incident.
  - Managing an enterprise malware defense program, including centralized management of endpoint malware protection software.
  - Operating an enterprise patch management program to ensure that endpoint systems are protected with required security updates.
  - Enterprise encryption management, including certificate management/PKI, endpoint encryption systems (Windows, Mac, etc.) and encryption of portable media.
  - Security monitoring/intelligence gathering and analysis. This includes experience managing SIEM and/or log management tools such as Humio, Splunk, ArcSight, QRadar, etc.
- While the work location for this position may be primarily remote, occasional travel to and work from our Research Triangle Park, NC location will be required.
The following are not required, but will set you apart from other candidates:
- Relevant industry certifications such as CISSP, CISA, GIAC, Microsoft, Red Hat, etc.
- Experience implementing operational security controls for cloud-based infrastructure (AWS, MS Azure, Google Cloud Platform, etc.).
- Experience with container technologies such as Docker, LXC and associated management tools such as Kubernetes, OpenShift, etc.
- Experience with automation technologies such as Puppet, Chef, Ansible, etc.
- Experience administering Relational Databases (e.g., MySQL, PostgreSQL, MS SQL Server, Oracle, etc.).
Disclaimer: The above statements are intended to describe the general nature and level of work performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.
MCNC is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other characteristic protected by law.