IT Security Analyst I
This role is responsible for monitoring the University’s security toolset, triaging alerts, and following escalation processes as defined by standard operating procedures (SOPs). The Analyst will ensure that SOPs and alerts are relevant and up-to-date, and perform other duties as assigned.
- Critical thinker with an ability to problem solve to protect the business
- Ability and willingness to participate in a rotating on-call schedule and a flexible shift schedule
Essential Functions and Responsibilities
- Working with Senior IT Security and IT Security Engineers, assist with penetration testing, incident handling/digital forensics, continuous monitoring, and intrusion detection/prevention
- Functions equally well in abstract, conceptual, and architectural work as in granular technical implementation and configuration work
- Implement tools, processes, and communications that support information security initiatives
- Participate in tactical projects as they arise to clarify and respond to identified security risks across different technical domains
- Operate Information security tools and processes
- Execute established security practices with consistency and discipline
- Collaborate with engineers to implement standardized practices and follow routine processes to promote secure systems
- Operate, observe, and analyze security practices
- Process service request tickets efficiently and reliably
- Perform Correction of Errors (CoE) for all incidents, often with members of other teams
- Monitor and test fixes and patches to ensure problems have been adequately resolved
- Assist in the development of security policies and procedures
- Continuously monitor tools for events that could lead to a breach
- Working knowledge of intrusion detection methodologies and techniques for detecting intrusions via intrusion detection technologies
- Ability to use network management tools to analyze network traffic patterns
- Ability to tune sensors and to read and interpret signatures
- Ability to create alerts and automated responses
- Bachelor’s Degree or equivalent experience required
- 8 years minimum of relevant experience in local and wide area networking and communications within a multi-platform environment
- Experience analyzing network, event, and security logs, and/or IDS alert logs
- Experience with:
  - Security Information and Event Management (SIEM) tools
  - Tiered SOC model, including working with an MSSP
  - Analysis of:
    - Email and phishing incidents, including the management of corporate email abuse inboxes
    - IDS/IPS logs
    - Operating system logs (Windows, Linux)
Salt Lake City, Utah, United States