The Center for Translational Data Science at the University of Chicago is a research center pioneering the discipline of translational data science to advance biology, medicine, and environmental research. We architect ecosystems of large-scale commons of research data, computing resources, applications, tools, and services for the broader research community to use data at scale to pursue scientific inquiry and accelerate discovery. These growing data commons offer petabytes of rich research data to scientists across the world. This at-will position is wholly or partially funded by contractual grant funding which is renewed under provisions set by the grantor of the contract. Employment will be contingent upon the continued receipt of these grant funds and satisfactory job performance.
The job performs a variety of activities relating to software support and/or development. Provides analysis, design, development, debugging, and modification of computer code for end user applications, beta general releases, web pages, and production support. Troubleshoots problems using existing procedures to find a possible solution. Performs and oversees a variety of activities relating to software support and/or development. Oversees technical development projects and the implementation of applications and/or websites. Provides analysis, design, development, de‐bugging, and modification of computer code for applications, beta general releases, and production support. Develops and builds web pages, applications and user interfaces using a variety of software applications, techniques, and tools. New development, break fixes, maintenance, operational support of code and application ecosystem currently in production. Includes overall application administration and integration management. Provides technical support for security teams by implementing security (sec) measures through development (dev) and automation (ops).
Production Support – Triage, research, communicate, address production incidents and security events.
Production Monitoring - Wrangle disparate system monitoring assets and SIEM solutions, develop common analytics to inform optimization, define benchmarks and confidence intervals, and forecast to proactively identify security risks and mitigate production incidents.
CI/CD Design & Implementation - Design, implement, and maintain a build and deployment automation solution to enable CI/CD for hybrid cloud architecture (on-prem and public cloud), following best security practices.
Security Automation – deploy, manage and run security infrastructure (Ex. Veracode, Bro IDS , Qualys, QRadar SIEM, IBM BigFix and Casper etc); assist with the automation of our security and compliance procedures.
Security DevOps -- integrating secure development best practices and methodologies into development and deployment processes; response and recover to security incidents using a standard workflow that limits damage and reduces recovery time and cost.
Stay abreast of broad technical knowledge of existing and emerging technologies, including public cloud offerings from Amazon Web Services, Microsoft Azure, and Google Cloud.
Investigates, analyzes and resolves day-to-day technical problems using standard procedures.
Works with stakeholders to gather and analyze requirements for developmental programs. Receives a moderate level of guidance to design applications to meet University and business requirements.
Performs code testing on components and works to ensure that appropriate implementation standards are met. Evaluates design alternatives for development cost and solutions using various methods.
Supports and maintains existing applications. Works with web developers and responds to requests from users.
Performs other related work as needed.
Minimum requirements include a college or university degree in related field.
--- Work Experience:
Minimum requirements include knowledge and skills developed through 2-5 years of work experience in a related job discipline.
Advanced degree in computer science, mathematics, statistics, engineering, or a relevant quantitative field preferred (PhD highly preferred).
2+ years experience developing infrastructure, system configuration and/or deployment automation, for one or more cloud platforms including OpenStack, AWS, GCP, and Azure.
2+ years of experience in Information Technology with a focus on cyber security, with knowledge of one or more of the following technologies: LockPath, Qualys, QRadar, IBM BigFix and Casper.
Experience in handling production system incidents and responding to cyber threats.
Hands-on scripting experience (Bash, Python, or other dynamic languages) with Unix/Linux OS or system administration experience.
Experience with configuration management utility (Salt, Chef, Ansible) and container based deployment (Docker, Kubernetes) preferred.
Experience with F5 or other load balancing technologies (Nginx, AWS ELB/ALB, etc.), WAF solutions, SIEM, and log aggregation tools (ELK stack, Splunk).
Experience with source control and build systems (SVN, Git, Jenkins, etc).
Experience with security frameworks (FISMA, NIST, FIPS).
Ability to promptly respond to, triage and resolve production incidents and events.
Ability to prioritize and manage workload to meet critical project milestones and deadlines.
Ability to weigh business needs against security concern.
Ability to conceptualize a course of action and to organize for the successful completion of that action is critical, often under tight deadlines.
Ability to present information in a consistent and concise manner.
Confidentiality related to sensitive matters such as strategic initiatives, trade secrets, quiet periods, and scientific discoveries yet to be put in the public domain.