Description

POSITION OBJECTIVE 
Working under limited supervision, this position is responsible for managing the installation and upkeep of technology infrastructure components related to new projects, regulatory change, product upgrades, and Move/Add/Change activities. The position's responsibilities include ensuring that federal and state laws and regulations as well as Case Western Reserve University policies, procedures, and standards regarding PII, PHI, HIPAA, and Data Use Agreements (DUA) are met. This position provides project management, vendor management, and serves an important role as a UTech liaison to campus customers, CWRU Information Security, and contractors. This position serves to develop and maintain the infrastructure that underpins the Secure Research Environment (SRE) which includes physical servers, storage, and network organized as a highly available virtualization platform to deliver virtual servers, virtual desktops, and virtual networks. This position also ensures external providers for colocation and Internet service meet university standards and service level agreements. This position manages the SRE services to ensure high levels of security, privacy, integrity, availability, seamless functionality, and simplicity. This position will deliver a high security environment for researchers working on sensitive and regulated data including PII and PHI. This includes the deployment, maintenance and troubleshooting of cyberinfrastructure in campus and collocated facilities. This position will collaborate with other infrastructure areas and business partners to drive new enhancements and optimization of new and existing services.

ESSENTIAL FUNCTIONS 
1.    Develop, design, implement, maintain, and report on a complete technology stack from hardware to multiple tier applications, confirming compliance, technical functionality, and performance with laws and regulations as well as Case Western Reserve University policies, procedures, and schedules. Manage day-to-day service operations utilizing ITIL/ITSM best practices and standards and adhering to policies and procedures to ensure cyberinfrastructure services, primarily virtualization, virtual server and virtual desktop services are secure, operational, and functioning as designed. This includes evaluating and responding to reported vulnerabilities, prioritizing and scheduling updates and upgrades, fielding operational tickets as level 3 support, meeting with customers to assess issues, and incident and problem resolution. (35%) 
2.    Participate as either a team member or team leader to provide subject matter expertise and technical direction for solutions at the division or university wide scale. Oversee design and implementation of technical installation projects. Work with faculty, staff, vendors, and contractors to design, develop and implement solutions. Ensure that all problems and significant events are recorded and that written resolutions are communicated appropriately. (20%)
3.    Meet with customers on assigned projects to develop and refine systems requirements, evaluate the cost and benefit and security of business process or technology alternatives, negotiate agreement on deliverables, infrastructure, metrics, and service levels; determine and resolve problems; complete objectives for installing and configuring servers, operating systems, applications, firewall rules, groups for roles, and group policies; and report on progress. Engage with senior colleagues (project manager, service manager, security officer) on project activities with or without any direct management. (15%)
4.    In conjunction with UTech network engineering, information security, and identity management teams, maintain and troubleshoot complex, multi-domain, network-based authentication and authorization systems including but not limited to Active Directory, LDAP, and DUO multifactor systems. (10%)
5.    Analyze incidents to identify opportunities to prevent incidents, improve first call resolution, and shift common tickets from level 3 to level 2 support. Work with the University communications team, Information Security and the UTech service desk on an ongoing basis to develop documentation and procedures, improve scripts and training material, and communicate new or changed service offerings. Participate in the creation and implementation of policies and procedures to ensure consistency with university's goals, industry best practices, and regulatory requirements. (10%)
6.    Continuously assess the infrastructure and design of cyberinfrastructure including servers, storage, networking, and desktops and make constructive suggestions for their improvement based on knowledge, training, and experience with customer issues. (6%)

NONESSENTIAL FUNCITONS 
1.    Ensure university monitoring solution monitors availability and performance of all SRE systems and alerts appropriate personnel when availability or performance does not meet the required level of service. Maintain service key-performance indicators (KPIs) and metrics to report to UTech leadership and campus community. (4%)
2.    Perform other duties and responsibilities as assigned. (<1%)

CONTACTS 
Department: Regular contact with all levels in UTech including Help Desk to maintain workflow.
University: Interact with the university customer service organization and directly with customers as necessary for support and problem resolution.
External: Contact with vendors and outside affiliates (e.g., Coforge, Expedient, Everstream) to facilitate the service delivery required.
Students: Contact with student employees working inside UTech and graduate students working for customers.

SUPERVISORY RESPONSIBILITIES
This position has no direct supervisory responsibility.

QUALIFICAITONS
Experience: 3 to 5 years of experience in managing servers and desktops.
Education/licensing: Bachelor's degree in related field. Virtualization, server, or network certifications are highly preferred. Valid Ohio driver's license.

REQUIRED SKILLS
1.    Ability to work with and maintain confidential information. 
2.    Knowledge of compliance with security frameworks such as NIST Cybersecurity Framework (CSF) or compliance with specific security requirements such as HIPAA, HITECH or NIST 800-171.
3.    Learn and use evolving change management policies and procedures to schedule and implement changes in a manner that minimizes negative impact on institutional and user expectations for security, privacy, integrity, availability, and performance.
4.    Knowledge and experience in virtualization platforms such as VMware vCenter and vSphere and features including high availability, distributed storage (VSAN), virtual distributed switching, network segmentation using VLANs and subnets, and interfacing with physical ethernet switching and routing and firewalls.
5.    Knowledge and experience in a desktop virtualization product such as Omnissa Horizon View include creating, managing and maintaining golden images for multiple pools; installing, managing and maintaining approved desktop applications; and managing access requests using role based access control.
6.    Proficient with system administration for Windows Server and linux.
7.    Knowledge and experience managing IP address management using Microsoft Windows Server for DHCP and DNS.
8.    Ability to find network requirements for new and upgraded applications, read firewall rules and request changes required, and read web proxy configuration and implement changes required in order to allow access to authorized users in authorized locations.
9.    Knowledge and experience managing Microsoft Active Directory including managing users and computers in Organizational Units using Group Policy Objects.
10.    Knowledge and experience managing and maintaining Microsoft Windows Servers using Microsoft Endpoint Configuration Manager.
11.    Knowledge and experience managing extended detection and response (XDR) solutions such as Microsoft Defender for Cloud hybrid including setting policies, responding to alerts, investigating threats, and improving security score.
12.    Knowledge and experience managing Red Hat Enterprise Linux servers including Red Hat Satellite, nginx reverse proxies, squid web proxies, and apache web servers.
13.    Ability to operate database servers including Oracle, SQL Server, and mariadb for applications.
14.    Knowledge of an enterprise backup and recovery solution such as Veeam Data Platform.
15.    Knowledge of a managed file transfer solution such as sftp or Serv-U MFT.
16.    Ability to evaluate risks and implement suitable preventative measures and mitigations.
17.    Basic proficiency with word processor, spreadsheet, presentation, and diagramming tools such as Word, Excel, PowerPoint, and Visio to document and communicate design principles.
18.    Excellent English oral and written communication skills, with the ability to communicate effectively and engage with a diverse user base having varied levels of technical proficiencies. Ability to interact with colleagues, supervisors and customers face to face.
19.    Ability to actively listen; responsive to verbal and nonverbal clues. 
20.    Ability to respond to difficult, stressful, or sensitive interpersonal situations in ways that reduce or minimize potential conflict and maintain good working relationships among internal and external customers. The ability to recognize awkward or potentially embarrassing situations that sometimes arise. Always aware of tone and careful choice of words, while at the same time ensuring that the intended message is clear, polite and readily understood. 
21.    Ability to develop relationships with clients and understand clients needs in-depth in order to be more helpful. The ability to consider how different audiences are likely to respond and choose the best method of communicating the message to each audience. 
22.    Ability to look at situations from multiple perspectives, break problems into component parts, and look for underlying causes and think through the consequences of different courses of action. Ability to identify various types of problems along with the creation of workable solutions. Requires the identification and analysis of problems, evaluation of alternatives, and provision of solutions. 
23.    Ability to develop networks and use them to strengthen internal and external support. Ability to identify opportunities and take action to build strategic relationships between UTech and other university areas, teams, departments, etc., to help achieve business goals. Ability to work effectively at all levels within an organization. 
24.    Consistently models high standards of honesty, integrity, trust, openness, and respect for the individual. Must have the ability to use discretion and good judgment on sensitive and important matters. Embraces diversity. 
25.    Experience working with diverse populations and willingness to support a community commitment to diversity, equity and inclusion. 
26.    Ability to recognize the importance of certain tasks and responsibilities and the ability to prioritize to ensure that deadlines are met. 
27.    Ability to be flexible to meet the constant changing scope and needs of the department, division and customers being served. Ability to work in a face-paced environment while managing multiple projects. Ability to optimize the use of time and resources to achieve the desired results; effectively plans and organizes work to minimize crises; prioritizes appropriately. 
28.    Ability to understand organizational change considering internal and external trends, influences, and future technology. 
29.    Ability to work with technologies for which little or no documentation or precedence exists. Commitment to self-motivated lifelong learning. 
30.    Demonstrated history of successful support, education, and advocacy for all students, aligned with the values, mission, and messaging of the university, while adhering to the staff policy on conflict of commitment and interest.
31.    Ability to meet consistent attendance.

WORKING CONDITIONS
The working conditions are typical of an office environment and computer rooms. Some heavy lifting of about 45 pounds may be required and there is bending and kneeling involved. The position will require access to the KSL data center and Expedient data center. The employee may be required to carry a cell phone, during and after their normal work hours, including weekends to attend to after-hours emergencies. Employee will perform repetitive motion using a computer mouse and keyboard to type.