Posting Description: Examples of work performed:
Day-to-day tasks include creating and updating security standards/baselines for IT systems that are based on university policy and industry best practices, designing and implementing methods for auditing to those standards, second tier intrusion analysis, incident response, forensic imaging and investigations, as well as configuration and automation of the monitoring/alerting for various security devices and audit logs. This position also involves providing ongoing support and advice to IT staff and end users on a variety of security issues, and ensuring adherence to university security policies and standards.
Project work includes investigating, evaluating, architecting and deploying security solutions, security reviews for high-risk and/or regulated systems (e.g., PCI, HIPAA), security architecture and design for Office of Information Technology projects, and penetration testing of critical web applications. This individual will also be responsible for recommending strategies to prevent security incidents and breaches, based on analysis of information gathered from various security tools (firewalls, IPS, IDS, web security appliances, AV systems, vulnerability and patch management systems, SIEM, etc.).
While participating in an Intrusion Prevention System (IPS) deployment project, the Senior Security Analyst participates in the project as the lead for the IT Security Team. Duties include defining security requirements, architecting a proposed solution, helping to scope the RFP, participating in RFP Q&A and participating in the vendor selection process. Once the vendor/product is selected, the analyst would help finalize the architecture and then assist with testing and implementation of the IPS.
While performing a penetration test of a critical system that contains regulated data (e.g., PHI or PCI data) that is accessible from the Internet, the Senior Security Analyst uses automated tools (vulnerability/configuration scanning tools such as Tenable's Nessus, in addition to application scanning tools such as IBM's AppScan) to identify low-hanging fruit (easily identifiable security vulnerabilities), plus quasi-manual tools like Burp Suite, in combination with a deep understanding of application vulnerabilities and secure programming techniques, to develop a penetration test report that quantifies risk and recommends appropriate remediation to reduce that risk to acceptable levels. After risk acceptance discussions and system admin remediation, the security analyst follows up with an audit of the system, to ensure that appropriate remediation was completed.
The security analyst plans, designs and implements security architecture requirements for a variety of IT systems, including applications, file servers, Active Directory infrastructure, database servers and web application servers. Performs risk assessments and security reviews of critical university systems, including PCI (credit card) and HIPAA compliance systems. Drafts IT security standards that are based on university policy, and recommends changes to university policy based upon analysis of current risk and trends.
This position works with IT professionals, legal counsel, campus police, internal and external audit, as well as a broad section of the university community to identify and clarify issues related to information security and risk.
Minimum Qualifications:
* Bachelor's degree in Computer Science, Management Information Systems, or related field. Work experience in the occupational field or specialized subject area of the work assigned to the job may also substitute on a year-for-year basis for the degree.
* At least 5 out of the following 7 experiences:
  1. 3 years experience developing and auditing to security standards and baselines
  2. 3 years experience performing security reviews
  3. 3 years Linux/Unix server admin experience and/or high level certification
  4. 3 years experience with network-based Intrusion Detection Systems (IDS)
  5. 3 years experience with Intrusion Prevention Systems (IPS)
  6. 3 years experience with vulnerability scanning
  7. 1 year of application penetration testing experience with automated and manual tools
Required Competencies/Knowledge, Skills, and Abilities:
* Knowledge of information security standards and frameworks
* Familiarity with regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, PCI)
* Familiarity with desktop, server, application, database and network security principles for risk analysis
* Strong customer service and communication skills
* Excellent organization and time management skills
* Standards, security baselines and auditing
* Security reviews
* Linux/Unix server administration
* Intrusion Detection Systems (IDS)
* Intrusion Prevention Systems (IPS)
* Vulnerability scanning and assessment
* Installation and management of Host-based Intrusion Detection Systems (HIDS)
* Coding skills (C, Java, or PERL are a plus)
* Packet analysis and network traffic monitoring
Desired Qualifications:
* Advanced degree in Computer Science, Information Security or related field
* CISSP, GIAC (GSEC, GCIH, GCIA, GPEN) or other security certifications
* CCNA (Cisco Certified Network Associate)
* Experience performing code reviews
* Experience with security policy and standards development
* Experience developing and managing a security awareness program
* Experience with HIPAA compliance
* Experience working in a higher education environment
Campus: Anschutz Medical Campus