Cyber Security Specialist – Linux Specialist

University of Oxford

About the University

Welcome to the University of Oxford. We aim to lead the world in research and education for the benefit of society both in the UK and globally. Oxford’s researchers engage with academic, commercial and cultural partners across the world to stimulate high-quality research and enable innovation through a broad range of social, policy and economic impacts.

The Oxford University Information Security Operations, also known as OxCERT, is currently expanding, and looking for a Cyber Security Specialist(Linux) with proven experience in Linux System Administration and Configuration Management.

The post holder will have  experience of managing on-premise Elasticsearch, cluster will be an added advantage.

The University of Oxford operates one of the largest private networks in Europe and the responsibilities of IT Services encompass not only the operation of the core network and core services, but also the security of that network and the hosts connected to it. The OxCERT security team is responsible for identifying security incidents within the University network and taking appropriate remedial action.

The team also provides advice and assistance on all issues relating specifically to IT security and incident response. They are an integral part of the University’s information security function and work closely with information security personnel as part of ongoing University-wide information security initiatives, and in co-ordinating response to major security threats and incidents.

OxCERT operate various systems for network monitoring, incident analysis and response, and related internal services. The team is a strong believer in Free Software and Open Source technologies and actively supports several related project communities. Current projects include the enhancement of the existing Elastic based security information and event management system, the deployment of a new incident response tool, and development of an IT forensics capability. The team has achieved standing and recognition within the international community, and is a full member of FIRST ( – the world-wide body of security experts.


System Delivery:

  • Design, installation, management, and support of resilient multi-data centre systems;
  • Manage on-premise Elasticsearch based SEIM solution
  • Collaborate with the wider InfoSec team to enrich threat detection, deploy new tooling, and improve automatic response capability.

Technical Strategy and Planning:

  • Provide technical leadership for assigned areas and commensurate with expertise, including developing technical strategy and roadmaps within InfoSec and the wider University;
  • Contribute to the formation of University IT policy and design systems to ensure their secure and resilient
  • Present work outcomes and represent OxCERT and the University of Oxford in   in relevant forums.


  • Provide technical leadership in the area of Linux systems including developing technical strategies and roadmaps within the Information Security group, and the wider University
  • Collaborate with the wider information security community to share threat intelligence and analytic techniques;
  • Lead technical project teams and train junior member of staffs within the group.

Personal Development:

  • Maintain in-depth technical knowledge of industry trends and other assigned areas, including developments, patterns, and emerging technologies; take advantage of appropriate development opportunities; and advise the University on changes to the technology landscape.

Skills and Experience: 

  • Expert knowledge of the Elastic stack; particularly at scale and preferably on premises.
  • Thorough understanding of the Linux platform (preferably Debian GNU/Linux) and configuration management systems, preferably Ansible;
  • Knowledge, intellectual capacity, reasoning and analytical skills equivalent to those of a graduate;
  • Proven expertise in advanced Linux system administration, particularly Debian GNU/Linux;
  • Thorough understanding of IP based networking (IPv6 and IPv4) and the OSI model;
  • Demonstrable experience developing software in high level programming languages; preferably in Python
  • Ability to lead or contribute to the development and delivery of technical and information security design from requirement elicitation through to final architecture deployment within the team and in collaboration with relevant stakeholders;
  • Demonstrable experience of organising a busy and varied workload requiring self-motivation and excellent time management skills;
  • Excellent written and oral communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences; and
  • High level of personal integrity, as well as the ability to handle confidential matters, and show an appropriate level of judgment and maturity.

Desirable Skills: 

  • Experience of running infrastructure services on public cloud infrastructure such as AWS, Azure, or GCP;
  • Familiarity with the GitHub flow (branching, PRs, reviews, etc.) and Docker
  • Knowledge of critical web application security issues such as those identified by the Open Web Application Security Project (OWASP top 10);
  • Demonstrable experience of applying practical methodologies for both IT project and service management;
  • The skills and experience to become an effective member of the department as quickly as possible.

We will be conducting interviews throughout this period and hold the right to close applications should we find the suitable candidate

View or Apply
To help us track our recruitment effort, please indicate in your cover/motivation letter where ( you saw this job posting.

Job Location