Information Technology (IT) is the unified IT organization that supports the vision, values, mission, and goals of the University by providing IT infrastructure, systems, administrative applications, academic resources and related services to faculty, students and staff. Embracing DUs Impact 2025, the division aligns IT resources with University and unit strategic goals and operational plans, providing service in the spirit of One DU.
The Information Security Engineer reports to the Manager, Information Security and is responsible for the management and administration of all IT Information Security related applications, systems, and services. Some of the responsibilities include performing and/or coordinating penetration tests, system/application vulnerability assessments, network security architecture reviews, risk assessments, and security service administration (Intrusion Detection/Intrusion Prevention Systems, SPAM Filtering, Web Filtering, etc.).
This individual is also a key participant in the investigation, evaluation and remediation of security incidents. Other areas of focus are supporting various department activities which may include: the development and maintenance of information security policies, procedures, and standards; training, and awareness activities; monitoring and administration of information security solutions. This position requires that the individual work in a team based environment which includes the work station space.
- Manage, administer, and configure Information Security related systems and applications.
- Perform Technology Risk Assessments for vendors, products, services or processes.
- Participate in or lead Information Security projects or department initiatives as required.
- Work with Information Security, Engineering and Operations teams to define and document technical security standards.
- Architect and design security control systems to address requirements.
- Participate in Security event analysis, incident response, and threat hunting.
- Identify control deficiencies and make appropriate recommendations.
- Ensure 3rd party software and services are securely configured and implemented in an effective manner.
- Engage appropriate University resources to assess the security risk associated with proposed projects and system/application modifications.
Knowledge, Skills, and Abilities
Intermediate working knowledge of security technologies including:
- Vulnerability assessment tools and pen testing tools.
- Network monitoring tools.
- Firewalls and NextGen Firewalls.
- Remote access VPN.
- AAA systems for Radius and web access.
- Endpoint protection software.
- Email protection systems.
- Intrusion Detection Systems/Intrusion Prevention Systems.
- Web Application Firewall.
- Security information and event management systems.
- Secure Wireless Architecture.
- Three-tiered application secure architecture.
- General secure architectural design concepts.
- Intermediate analytical and problem-solving skills.
- Good balance of technical competence and people skills.
- Project management skills a plus.
- Solid working knowledge of the network OSI model (Layer 2 and 3 in particular).
- Ability to work with the application and database teams to include security principles in their development process.
- Ability to present complex information in a clear, concise manner.
- Knowledge of domestic and international information security standards (e.g., ISO 27001/27002, SSAE16/ ISAE 3409, PCI DSS, HIPAA, FERPA, etc.
- Bachelors degree in Computer Science, Information Systems, Engineering or a closely related discipline.
- Two years related work experience or a combination of equivalent training and/or work experience.
- One or more Information Security Certifications: CISSP, CISM, GIAC, CCSP, CEH, CCNA-Cyber, Sec+.
- Working Knowledge of:
- Palo Alto firewalls
- Citrix Netscalers
- ProofPoint Email and Threat Protection
- HP/Aruba Clearpass Secure Network Access Control
- 3-5 years related work experience.
- Direct experience implementing and managing information security technology solutions.
- Direct experience working in a NOCSOC environment.
Monday - Friday, 8:00 a.m. - 4:30 p.m. however there may be irregular hours including both weekends and evenings.
For best consideration, please submit your application materials by 4:00 p.m. (MST) on December 3rd, 2021. Applications will continue to be reviewed until the position is filled.
Candidates must apply online through jobs.du.edu to be considered. Only applications submitted online will be accepted.
Salary Grade Number:
The salary grade for the position is 12.
The salary range for this position is $83,000 - $90,000.
The University of Denver has provided a compensation range that represents its good faith estimate of what the University may pay for the position at the time of posting. The University may ultimately pay more or less than the posted compensation range. The salary offered to the selected candidate will be determined based on factors such as the qualifications of the selected candidate, departmental budget availability, internal salary equity considerations, and available market information, but not based on a candidate’s sex or any other protected status.
The University of Denver offers excellent benefits, including medical, dental, retirement, paid time off, tuition benefit and ECO pass. The University of Denver is a private institution that empowers students who want to make a difference. Learn more about the University of Denver.
Please include the following documents with your application:
2. Cover Letter
The University of Denver is an equal opportunity employer. The University of Denver prohibits discrimination on the basis of race, color, national origin, age (40 years and over in the employment context), religion, disability, sexual orientation, gender identity, gender expression, genetic information, marital status, veterans status, and any other class of individuals protected from discrimination under federal, state, or local law, regulation, or ordinance in any of the university's educational programs and activities, and in the employment (including application for employment) and admissions (including application for admission) context, as required by Title IX of the Education Amendments of 1972; Title III of the Americans with Disabilities Act of 1990, as amended in 2008; Section 504 of the Rehabilitation Act of 1973; Title VI and VII of the Civil Rights Act of 1964; the Age Discrimination Act of 1975; the Age Discrimination in Employment Act of 1967; and any other federal, state, and local laws, regulations, or ordinances that prohibit discrimination, harassment, and/or retaliation. For the university's complete Non-Discrimination Statement, please see non‑discrimination‑statement.
All offers of employment are contingent upon satisfactory completion of a criminal history background check.