The Pittsburgh Supercomputing Center, a joint research center Carnegie Mellon University and the University of Pittsburgh, was established in 1986, and for over 30 years has provided university, government and industrial researchers with access to several of the most powerful systems for advanced computational research, communications and data storage available to scientists, engineers and scholars nationwide for unclassified research. PSC advances science across the spectrum including artificial intelligence / machine learning, medical imaging, weather modeling, and genomics. The Advanced Systems and Operations group within PSC is responsible for the integration and operations of computational assets central to this pursuit. We are looking for creative and capable individuals to join an experienced team and continue our part in pushing forward the boundaries of science.
The Information Security Analyst/Engineer is immersed within Pittsburgh Supercomputing Center’s small, yet streamlined security team, reporting to PSC’s Principal Information Security Officer (PISO).
AS A MEMBER OF THE TEAM, THIS POSITION WILL:
- Participate in discussions regarding the improvement of PSC’s security posture leveraging evidence-based standards and threat intelligence sharing, ensuring this role with an opportunity to be heard; develop, implement, document and tune systems, processes and-or policies that improve said posture.
- Communicate with PSC staff and-or PSC users regarding potentially complex security-related technologies and-or processes (e.g., VPN use and best practices, authentication/authorization solutions, firewall changes, EDR, A/V, filesystem integrity monitoring, public key encryption, SSH, SSL/TLS).
- Work closely with PSC’s networking group to develop, implement, and tune network-based security tools, processes, and policies; setup, configure, and review events and-or logs governing security metrics; and respond to any information security incidents that transpire.
- Additionally, .5 FTE of this position will be subcontracted out to Trusted CI, The NSF Cybersecurity Center of Excellence, where under the leadership of PSC’s PISO, this role will: engage with NSF-funded research projects in order to help them understand cybersecurity, its benefits and how best they can implement it; participate in cybersecurity vulnerability identification and dissemination; and work closely with Trusted CI’s Chief Information Security Officer in improving the organization’s own security posture, as well as responding to any incidents that may occur. Finally, .25 FTE will be sponsored by NSF’s new award, the Advanced Cyberinfrastructure Coordination Ecosystem: Services & Support. (ACCESS), to participate in incident response due to cyber-attacks.
- Understanding of networking protocols.
- Understanding of cryptography (symmetric & asymmetric); understanding of access control principles (e.g., DAC, MFA) and methods (password-based, public-key authentication, Kerberos, etc.).
- Ability to analyze and solve problems with innovative solution.
- Ability to communicate security concepts effectively in writing and verbally to both technical and non-technical audiences; ability to research new ideas, including identifying needed information from various sources, and skillfully using the information necessary to support the idea.
- Ability to adapt to a dynamic, evolving information security environment through flexibility, context-switching and continued education.
- Familiarity with administration of Linux or other unix O/S.
- Familiarity with programming or shell scripting.
Flexibility, excellence, and passion are vital qualities within the Pittsburgh Supercomputing Center. Inclusion, collaboration and cultural sensitivity are valued competencies at CMU. Therefore, we are in search of a team member who is able to effectively interact with a varied population of internal and external partners at a high level of integrity. We are looking for someone who shares our values and who will support the mission of the university through their work.
- Bachelor’s Degree in Computer Science, Information Security, Information Assurance, or related field, e.g., Electrical Engineering.
- Or a combination of education and relevant experience from which comparable knowledge
- Successful background check.
Are you interested in this opportunity with us? Please apply
CMU’s COVID-19 Vaccination Requirements: As a condition of employment, Carnegie Mellon University requires all staff and faculty working in the United States to be fully vaccinated, including a booster when eligible, against COVID-19. Prior to commencement of employment, new hires in the United States must provide proof of vaccination or obtain an approved exemption. (Exemptions may be requested for medical reasons or for religious or strong moral or ethical conviction.) Those granted an exemption must comply with all applicable COVID-19 mitigation requirements, including use of facial coverings, daily self-assessment and weekly Tartan Testing.