Pay Range Minimum
Job Code:

*This is an Exempt position. Employees in this position are paid a salary on a monthly basis and are not eligible to receive overtime pay.

JOB DESCRIPTION: Technical and thought-leadership responsibilities for multiple information security disciplines such as incident response, vulnerability management, intrusion detection and prevention, threat hunting, security operations, security policy, and awareness/education. Oversees information security incident response activities, risk assessment and risk management activities, and vulnerability assessment and vulnerability management activities spanning University and Healthcare business units. Manages detailed network, operating system, database, and application vulnerability assessments and security configuration audits. Manages information security initiatives. Oversees operational tasks supporting information security functions such as intrusion detection and prevention, security event log analysis, management reporting, malware prevention and remediation, encryption, network segmentation, remote access, cloud security, and authentication. Supports, maintains, monitors, troubleshoots and enhances security infrastructure tools, methodologies, software, and hardware. Drafts and reviews information security policies, processes, and procedures. Prepares information security awareness and education materials and other documentation. Determines and documents information security requirements and controls necessary for the protection of information resources. Provides guidance and assistance regarding information security matters such as the interpretation of information security policies and requirements or their applicability to particular situations. Independently develops automated tools and methodologies in support of Information Security functions. Analyzes data from Information Security functions and provides reports and recommended response actions to Information Security management. Represents Information Security to other organizations on information security related matters, as assigned. Publishes regular status reports and submits to management. Performs related responsibilities as required.
MINIMUM QUALIFICATIONS: A bachelor's degree and five years of related IT experience including demonstrated technical expertise in multiple information security domains, or an equivalent combination of education, training and experience. Excellent team participation skills, as well as good written and verbal communication skills. Strongly preferred qualifications include knowledge of information security technologies, methodologies, and best practices in the domains of: security incident response, vulnerability assessment and management, intrusion detection and prevention, system administration (Windows, OS X, Linux, etc.), security administration of networks, operating systems, databases and applications, access control, encryption, firewalls and proxies, networking, security event log analysis, malware prevention and remediation, cloud technologies, programming/scripting, and risk assessment and management. Security certifications are a plus (e.g. SANS/GIAC, CISSP, CISA, CISM).

The above statements are intended to describe the work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required of the personnel so classified.


Emory University is dedicated to providing equal opportunities to all individuals regardless of race, color, religion, ethnic or national origin, gender, age, disability, sexual orientation, gender identity, gender expression, veteran's status, or any other factor that is a prohibited consideration under applicable law.

Click here to return