The Information Security Operations Specialist is responsible for daily monitoring, analysis, and response activities within the Information Security Office (ISO). Reporting to the Manager of Security Operations, the Specialist provides expertise in security operations, digital forensics, threat hunting, and data protection.

This role requires a strong understanding of information technology systems and supports the ISO mission in proactive security monitoring and response across the University's IT environments. The Specialist applies solid knowledge of network, system, and mobile device security, and attains security certifications as required. The Specialist also understands Princeton's institutional culture, policies, governance, and mission. The Specialist stays current with information security industry developments and trends related to tactics, techniques, and procedures. The Specialist participates in developing solutions and services for the University's cybersecurity programs.

This position is a hybrid role.

Security Operations

• Work closely with OIT and distributed IT teams (IT@Princeton) in departments, research labs, and administrative units to investigate security events, analyze digital evidence, and strengthen the University's cybersecurity protections
• Monitor automated SecOps platform, confirming playbook automation effectiveness, and when necessary, escalate issues, contact impacted individuals and/or IT@Princeton colleagues
• Draft procedural documentation as needed for operational records

Digital Forensics

• Perform forensic acquisition and analysis of endpoints, servers, cloud workloads, and network artifacts.
• Collect, preserve, and document digital evidence in accordance with legal, regulatory, and University requirements.
• Analyze logs, memory images, file systems, and network traffic to determine root cause, scope, and impact.
• Produce clear, defensible investigative reports for technical and nontechnical audiences.
• Support coordination with the Office of the General Counsel, Audit and Compliance, and external forensic partners when needed

Threat Detection and Monitoring

• Serve as a proactive threat hunter by analyzing alerts from SIEM, EDR, IDS/IPS, cloud security tools, and other telemetry sources.
• Assist in development of detection rules, correlation logic, and behavioral analytics to improve signal-to-noise ratio
• Identify emerging threats and suspicious activity across on-premises and cloud IT environments
• Collaborate with IT@Princeton colleagues to expand visibility across decentralized systems

Incident Response Operations

• Serve as a responder for cybersecurity incidents, including malware events, unauthorized access, data exposure, and compromised accounts.
• Execute containment, eradication, and recovery actions across diverse platforms and research environments.
• Maintain and improve incident response playbook workflows and communication protocols.
• Participate in after-action reviews and contribute to institutional lessons learned

Professional Development

• Participate in professional development training and conferences as approved by management to maintain and improve technical and service knowledge.
• Monitor relevant industry and higher education information security resources and bulletins to help ensure the University is current with information on perceived and existing threats to its information systems, data integrity, digital identities, networked devices; ensure this information is disseminated as outlined in operational playbooks

• 2+ years of experience in a security or network operations center
• Demonstrated IT security analyst skills through certification (e.g. CompTIA Security+ or GIAC Security Essentials certification or equivalent credentials or analogous proven experience)
• Critical thinking, analytical skills, and strong problem-solving skills
• Solid organizational skills, written and oral communication skills, and attention to detail
• Demonstrated commitment to professional customer service
• Ability to work in a team environment with strong collaboration and interpersonal skills
• Ability to work and communicate effectively with campus colleagues possessing various levels of IT understanding
• Ability to work in a fast-paced IT service organization, sometimes requiring re-prioritization of work and project schedules
• Ability to work non-standard hours during incident response and other IT security emergencies including evenings and weekends
• Demonstrated willingness to learn new technologies and skills as the needs of the industry and the Princeton University change
• Education: Bachelor's Degree or equivalent work experience

Preferred:

• Experience with Palo Alto Networks security solutions, including XSIAM and Cortex XDR
• Experience with IP-based networking and Windows, MacOS, and Linux computer operating systems

Princeton University is an Equal Opportunity and all qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity or expression, national origin, disability status, protected veteran status, or any other characteristic protected by law.

The University considers factors such as (but not limited to) scope and responsibilities of the position, candidate's qualifications, work experience, education/training, key skills, market, collective bargaining agreements as applicable, and organizational considerations when extending an offer. The posted salary range represents the University's good faith and reasonable estimate for a full-time position; salaries for part-time positions are pro-rated accordingly.

If the salary range on the posted position shows an hourly rate, this is the baseline; the actual hourly rate may be higher, depending on the position and factors listed above.

The University also offers a comprehensive benefit program to eligible employees. Please see this link for more information.

PI283973028

About Princeton University

Princeton University is a vibrant community of scholarship and learning that stands in the nation's service and in the service of all nations. Chartered in 1746, Princeton is the fourth-oldest college in the United States. Princeton is an independent, coeducational, nondenominational institution that provides undergraduate and graduate instruction in the humanities, social sciences, natural sciences and engineering.As a world-renowned research university, Princeton seeks to achieve the highest levels of distinction in the discovery and transmission of knowledge and understanding. At the same time, Princeton is distinctive among research universities in its commitment to undergraduate teaching.Today, more than 1,100 faculty members instruct approximately 5,200 undergraduate students and 2,600 graduate students. The University's generous financial aid program ensures that talented students from all economic backgrounds can afford a Princeton education.

Connections working at Princeton University