Information Security Analyst
The Information Security Analyst is responsible for the execution and development of cyber security initiatives to protect computer assets by establishing and enforcing system access controls; maintaining disaster preparedness. This includes but is not limited to maintenance of the security awareness program, implementation and coordination of disaster recovery plans, change management, data privacy issues and response to cyber security related attacks.
- Develops security awareness program by providing orientation, educational programs, and on-going communication University wide.
- Analyzes and assesses vulnerabilities in the infrastructure (software, hardware, networks).
- Review, develop and refine information security standards, polices, and procedures and implement controls to ensure compliance.
- Establishes system controls by developing framework for controls and levels of access; recommending improvements.
- Maintains access by providing information, resources, and technical support.
- Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements.
- Safeguards computer files; developing procedures for source code management, and disaster preparedness; recommending improvements.
- Investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices.
- Analyzes and assesses damage to the data/infrastructure as a result of security incidents.
- Assist in the creation, implementation, and/or management of security solutions.
- Review reports from security information and event management, intrusion detection and intrusion prevention systems and setup response accordingly.
- Work with auditors, conduct University risk assessments and internal information security audits.
- Manage compliance of information security to reduce risk.
- Draft, keep up-to-date and apply policies applicable to the University computing environment.
- Helps sustain networks and servers running at an optimal state to reduce downtime through controlled risk management procedures.
- Projects and tasks as assigned.
REQUIRED KNOWLEDGE, SKILLS AND ABILITIES:
- Knowledge of IDS, Anti-Virus, vulnerability tools and network infrastructure concepts.
- Ability to read and use the results of mobile code, malicious code, and anti-virus software.
- Stays current with information security industry perspectives.
- Experience with awareness programs and can effectively communicate awareness concepts.
- Problem Solving and Process Improvement.
- Ability to work positively and cooperatively with others.
- Excellent written and oral communication skills.
- Flexible and adaptable to changing activities and workloads.
- Excellent interpersonal skills.
- Solid organizational and time management skills.
- Strong problem-solving skills and decision-making ability.
- Ability to work independently.
EDUCATIONAL REQUIREMENTS / QUALIFICATIONS:
- BA, BS degree in computer science or related field.
- Two to four years of experience working on information security initiatives.
- Possession of industry certifications highly preferred but not required.
- Global Information Assurance Certifications (GIAC).
- Security + and/or Network +
- Any equivalent combination of education and experience and training that provides the required knowledge, skills and abilities.
The work environment characteristics described here are a representation of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. The term "qualified individual with a disability" means an individual with a disability who, with or without reasonable accommodation, can perform the essential functions of this position.
While performing the duties of this job, the employee is regularly required to communicate professionally in person, over the telephone, through email and other electronic means, move about the office and University, handle various type of media and equipment, and visually or otherwise identify, observe and assess. The employee is occasionally required to lift up to 10 pounds unless otherwise specified in the job description.
The intent of this job description is to provide a representation of the types of duties and responsibilities that will be required of positions given this title and shall not be construed as a declaration of the total specific duties and responsibilities of any particular position. Employees may be directed to perform job-related tasks other than those specifically presented in this description. Saint Leo University is an Equal Opportunity Employer and embraces diversity as a critical step in ensuring employee, student and graduate success.
Job ID 2017-1525
Job Locations US-FL-Saint Leo