Job Req ID:  41416

Sr. Incident Response Engineer


General Summary/Purpose:

Provides technical leadership, project management, and task execution for the administration, programming, maintenance, performance, implementation, security, and support of various departmental and enterprise-wide platforms, including the installation and testing of new software, operating systems, related utilities/services, and hardware products, as well as the integration of new products and/or software release upgrades into the current environment.  Conducts systems performance evaluations, monitoring, patch management, and security evaluations.  Analyzes user needs in various computer environments (including but not limited to mainframe, Windows, and mid-range) and makes recommendations for products and services that meet those needs.  Ensures that all systems environments are maintained in an efficient and cost-effective manner.


Job Scope/Complexity:

Provide technical leadership based on extensive technical knowledge, skills and experience; influence clients towards innovative/integrated solutions.  Responsible for full life-cycle of large sized complex projects which can span an entire department, division, or enterprise-wide level.  For enterprise-wide level, typical projects impact the broader customer base of Johns Hopkins and its most mission critical systems.  Projects often require interaction with various departments and teams both within and outside the department.  Complex and large projects typically are applications/systems with 501-3000 concurrent users requiring uptime commensurate with Clinical, Business critical, Education critical or Enterprise systems.  Impacts of outages will cause major disruption such as implementation of downtime procedures, major disruption of business operations, and/or cascades to more than 7 systems/applications. Disruptions are without obvious or simple workarounds. Strong technical skills; strong ability to understand complex business processes.  Build and maintain client relationships through positive interactions.  Provide assistance to lower level positions.


Specific Duties/Responsibilities:

The responsibilities listed below are typical examples of the work performed by this position. Not all duties assigned to this position are included, nor is it expected that everyone in this position will be assigned every job responsibility.


  • Design highly complex business, clinical, education, or infrastructure solutions by meeting with customers to observe and understand current processes and the issues related to those processes.
  • Provide written documentation and diagrams of findings to share with the client and other IT colleagues. 
  • Assist lower levels to effectively use the system's technical software. 
  • Design highly complex solutions that conform to institutional policies, standards, and guidelines, and infrastructure environment and to vendor and industry best practices to deliver a quality product.
  • Select infrastructure applications that reside between end user applications and hardware operating systems by working with vendors, customers, and other sources (i.e., open source or Internet2 initiatives) to provide configurable tools to the customers.
  • Develop new methods to improve service processes, performance, and functionality by examining system management tools and processes. 
  • Review new methods suggested by lower levels and approve the work.
  • Research, recommend, and implement new technologies based on the value to the institution.
  • Works with vendor processes and products to improve the quality and fit for the institution. 
  • Typically establishes product mastery, and demonstrates initiative for improvements.
  • Assign and lead technical systems analysis and design tasks for assigned environments and platforms.


  • Install and configure highly complex server hardware and operating systems by following technical documentation to provide a working product. 
  • Evaluate, implement, and manage appropriate highly complex software and hardware solutions by using best practices for the environment to ensure system integrity. 
  • Install and configure infrastructure applications by following product installation and configuration directions and industry best practices to deliver a solution to the customers. 
  • Ensure an effective schedule is developed of system backups and archive operations by providing leadership, oversight, and direction to technical team in best practices for the environment to ensure data/media recoverability. 
  • Lead and provide direction to technical team for all of the above tasks by reviewing work and adherence to institutional standards and guidelines in order to deliver projects on time and within budget to the customers.


  • Provide highly complex server level administration (manage HW/SW, maintenance, upgrades and patches, account maintenance, backups and recoveries and assist users) by following documented procedures to ensure a stable environment. 
  • Monitor and tune the system by following documentation and procedures to achieve optimum performance levels. 
  • Develop highly complex scripts and solutions by using departmental standards to automate systems management. 
  • Perform highly complex system software upgrades including planning and scheduling, testing, and coordination by following documentation and departmental standards to provide a stable product for the environment. 
  • Audit and maintain user access and authorization by following access and authorization documentation to provide for system security.
  • Generate and maintain highly complex periodic and ongoing system specific reports by using appropriate tools to assess system performance, integrity and capacity in order to deliver a stable environment to the users. 
  • Follow and maintain IT security awareness and best practices by understanding security principles as they pertain to environments supported in order to deliver secure solutions to customers. 
  • Utilize system management and monitoring tools and incident tracking systems by following documentation and standards to detect incidents, take corrective actions, and determine root cause. 
  • Monitor changes and resolve any incidents by responding to problems as they occur, by reviewing all processing and output of the newly implemented solution, and by proactively ensuring the solution works successfully in order to satisfy the customer requirements and to provide a smooth transition to the new solution.
  • Lead and provide direction to technical team for all of the above tasks by reviewing work and adherence to institutional standards and guidelines in order to deliver high quality maintenance and troubleshooting to the customers.


  • Implement changes by adhering to the change management policies and procedures for any given project to communicate to all parties the nature, significance, and risk factors of the solution. 
  • Lead effort to develop RFPs by engaging project team members in the process in order to develop well-defined requirements to potential vendors for proposed solutions.
  • Evaluate vendor proposals by reviewing requirements for the product to select the most appropriate vendor. 
  • Lead vendors, consultants, and inside Enterprise groups in developing applications by meeting with the team on a regular basis to deliver quality products to customers. 
  • Lead scheduled project team meetings by attending all meetings to provide input to the project team.
  • Author and maintain documentation by writing audience-appropriate materials to serve as technical and/or end user reference. 
  • Lead technical team in test planning, test scenario construction, and test sessions appropriate to the changes being implemented by following testing guidelines to ensure all delivered solutions work as expected and errors are handled in a meaningful way. 
  • Review test results and corrections to all changes by following institutional and departmental testing standards to ensure all delivered solutions work as expected and errors are handled in a meaningful way.
  • Participate in Institutional and Departmental committees and initiatives.
  • Lead and provide direction to technical team for all of the above tasks by reviewing work and adherence to institutional standards and guidelines to ensure collaboration and communication with team members and customers.


Minimum Qualifications:

  • Bachelor’s Degree required.
  • Six (6) years of related experience.
  • Additional education may substitute for required experience and additional related experience may substitute for required education, to the extent permitted by the JHU equivalency formula. 
  • Direct programming experience while pursuing education may count towards related experience. Significant undergraduate programming coursework or independent project can be considered as related experience.


JHU Equivalency Formula: 18 graduate degree credits (semester hours) may substitute for one year of experience. Additional related experience may substitute for required education on the same basis. For jobs where equivalency is permitted, up to two years of non-related college course work may be applied towards the total minimum education/experience required for the respective job.


Preferred Qualifications:

  • Knowledge in the assigned IT environments.


Special Knowledge, Skills, and Abilities:

  • Must possess all requisite knowledge, skills, and abilities as posted in the supplemental section.
  • Must demonstrate strong critical thinking and analytical reasoning skills.
  • Ability to work on multiple priorities effectively.
  • Ability to prioritize conflicting demands.
  • Ability to execute assigned project tasks within established schedule.
  • Ability to work collaboratively in a team environment.
  • Ability to communicate effectively in the service of users and colleagues.
  • Writes and communicates clearly and concisely.
  • Possesses sound documentation skills.
  • Ability to maintain confidentiality.
  • Must demonstrate exemplary customer service skills.


Classified title: Sr. Systems Engineer

Working title: Sr. Incident Response Engineer

Role/Level/Range: ATP 37.5/E/04/PF

Starting Salary Range: $80,664.96 – $110,880.00 (commensurate with experience)

Employee group: Full-Time

Employee Status: Exempt

Schedule: Monday-Friday – 8:30am-5pm 37.5hrs/wk - Occasional Telecommuting

Location: MTW Davis 3110A - 5801 Smith Ave, Baltimore, MD

Department name: 10000014-IT@JH Enterprise Services

Personnel area (School): UA – University Administration


General summary/purpose:


This position supports technologies that provide IT security monitoring, incident response, intrusion detection and prevention, vulnerability scanning, and security risk analysis and remediation. 


Specific duties & responsibilities:


This position is responsible for security incident response at Johns Hopkins.  This position is expected to collaborate with other members of the Enterprise Management, Monitoring, and Security team for incident response.  This involves, but is not limited to: collecting and analyzing evidence, determining responsible parties, assessing damages, helping to correct security vulnerabilities, reporting incidents to appropriate authorities, and providing recommendations on revising security guidelines and procedures.  This position will also work with engineers and administrators across Johns Hopkins to help provide guidance on proper logging, alerting, and security investigations.  It is expected that the incumbent will be a self-starter and will act independently (with minimal supervision) in representing IT @ Johns Hopkins. 


Describe the specific devices, software, projects for which the position is responsible:


This position is responsible for using IT monitoring and logging systems for security incident response.  This position is also responsible for identifying new techniques to identify security incidents.  These security monitoring systems are used to monitor for malware, compromised systems, compromised accounts, and general security incidents. 


Describe scale/size of area, project and/or system supported:


The scale is “big-E” Enterprise.  All Hopkins affiliates, including international locales. 

Users: 100,000+

Systems: 100,000+

Complexity is at the highest.


Work location:

Mount Washington Campus


On call requirements (if applicable):

Part of a weekly on call rotation for the services provided by the Enterprise Management, Monitoring, and Security (EMMS) team.


Minimum qualifications (mandatory):

Knowledge of IT security monitoring and logging systems such as Splunk Enterprise and Splunk Enterprise Security, and forensic tools such as Sysinternals and EnCase.  In-depth knowledge of scripting technologies, such as PowerShell, VBScripting, command line scripting, and/or Python, is desired.  Expert knowledge of operating system (Windows, OSX, and Linux) administration and logging, along with logging of key applications such as SQL, IIS, and Apache.



The successful candidate(s) for this position will be subject to a pre-employment background check.


If you are interested in applying for employment with The Johns Hopkins University and require special assistance or accommodation during any part of the pre-employment process, please contact the HR Business Services Office at jhurecruitment@jhu.edu. For TTY users, call via Maryland Relay or dial 711.


The following additional provisions may apply depending on which campus you will work.  Your recruiter will advise accordingly.


During the Influenza ("the flu") season, as a condition of employment, The Johns Hopkins Institutions require all employees who provide ongoing services to patients or work in patient care or clinical care areas to have an annual influenza vaccination or possess an approved medical or religious exception. Failure to meet this requirement may result in termination of employment.


The pre-employment physical for positions in clinical areas, laboratories, working with research subjects, or involving community contact requires documentation of immune status against Rubella (German measles), Rubeola (Measles), Mumps, Varicella (chickenpox), Hepatitis B and documentation of having received the Tdap (Tetanus, diphtheria, pertussis) vaccination. This may include documentation of having two (2) MMR vaccines; two (2) Varicella vaccines; or antibody status to these diseases from laboratory testing. Blood tests for immunities to these diseases are ordinarily included in the pre-employment physical exam except for those employees who provide results of blood tests or immunization documentation from their own health care providers. Any vaccinations required for these diseases will be given at no cost in our Occupational Health office.


Equal Opportunity Employer
Note: Job Postings are updated daily and remain online until filled. 

