Information Security Operations Analyst
Posting Details
Position Information
Position Number: 002878
Functional Title: Information Security Operations Analyst
Position Type: Staff
Position Eclass: EP - EHRA 12 mo leave earning
University Information
UNC Greensboro, located in the Piedmont Triad region of North Carolina, is a higher-research activity university as classified by the Carnegie Foundation. Founded in 1891 and one of the original three UNC system institutions, UNCG is one of the most diverse universities in the state with nearly 20,000 students and over 2,700 faculty and staff members representing more than 90 nationalities. With 17 Division I athletic teams, 85 undergraduate degrees in over 100 areas of study, as well as 74 master’s and 32 doctoral programs, UNCG is consistently recognized nationally among the top universities for academic excellence and value, with noted strengths in health and wellness, visual and performing arts, nursing, education, and more. For additional information, please visit uncg.edu and follow UNCG on Facebook, Twitter and Instagram.
Primary Purpose of the Organizational Unit
The Information Security Office is a subset within the Information Technology Services (ITS) division that is charged with providing active information security assessment, risk analysis, incident management, information security controls, education, and guidance for the protection of UNCG’s information assets and information technology environment. The overall objective is to protect and preserve the confidentiality, integrity and availability of information and information resources for teaching and learning, research, service, and the conduct of university business.
Position Summary
The Information Security Operations Analyst contributes to the success of the University by working to protect information systems and resources from security threats on a daily basis. This position provides day-to-day information security operations support including security event handling, security incident response, threat hunting, threat intelligence analysis, forensic analysis, vulnerability identification, and security incident recovery services. The Analyst is responsible for monitoring the safety and security of the University’s information systems and resources using a Security Event Information Management (SEIM) system with auditable logs of all investigations and response activities.
The Information Security Operations Analyst is also responsible for planning and executing short- and medium-term information security improvement projects and initiatives intended to improve UNCG’s information security posture, tools, policies, processes, and procedures with guidance and support from the Chief Information Security Officer (CISO) as well as information security architects and engineers. This includes investigating, evaluating, developing, and deploying customized security solutions to meet UNCG’s specific information security needs according to the adopted ISO/IEC 27002 framework. The Analyst works actively with other IT staff as well as end-users and leadership from other University departments and divisions to help determine information security requirements and deploy appropriate solutions that meet security best practices and recommendations.
The Information Security Operations Analyst provides ongoing support and advice to IT staff and end-users on a variety of security topics and issues, helping to ensure adherence to the University’s security policies and procedures along with compliance with applicable regulations. The Analyst recommends strategies to prevent security exposures and intrusions and plays a key role in helping University business units address extant and emerging security concerns.
Minimum Qualifications
Entry level with Master’s Degree; Bachelor’s Degree and 0 to 2 years’ experience; or equivalent education/experience.
Degree should be in Computer Science, Information Technology, Information Security or closely related discipline from an appropriately accredited institution.
Demonstrated recent experience with information security operations functions, activities, tools, and systems.
Demonstrated recent experience with security configurations on cloud computing systems.
5+ years of experience in Information Technology positions with responsibility for security operations and/or configuration.
Demonstrated recent experience with end-user client computing systems including Windows, Mac, and Linux OS.
Demonstrated recent experience with server and network infrastructure operations, including Windows and Linux servers, virtual server systems, and complex enterprise network routing and switching.
Excellent interpersonal and written communications skills.
Information security industry or vendor certifications are desired.
Applicants are required to upload the following documents with their electronic application:
- Cover Letter
- List of References
Applicants are required to upload a list of at least three (3) professional references that includes:
- Company Name
- Type of reference (Professional, Supervisor, Colleague, Academic or Personal). One (1) of those references will need to be a current or previous supervisor.
- Email Address
- Contact Phone Number
Information Security Event & Incident Operations
Essential Tasks
Perform security event monitoring, alerting, investigations, notification, and response activities.
Tune and adjust alert triggers and security monitoring thresholds.
Generate security event data reports.
Create and distribute security advisories.
Perform security incident management and response activities.
Key Responsibilities Percentage Of Time: 30
Key Responsibility
Threat & Vulnerability Management
Essential Tasks
Ingest and process threat intelligence data.
Perform threat hunting, threat identification, and threat analysis/assessment activities.
Conduct research into new and emerging threats.
Perform vulnerability identification and vulnerability management activities including vulnerability reduction through pursuit of patching and security configuration remediation.
Key Responsibilities Percentage Of Time: 10
Key Responsibility
Computer Security Forensics
Essential Tasks
Conduct information security incident forensics investigations including forensic data captures, drive imaging, and data recovery with the aim of identifying, preserving, recovering, analyzing and presenting facts and evidence in accordance with standard evidentiary procedures.
Capture and preserve evidence of computer crimes for use in internal or external criminal, civil, or administrative proceedings.
Key Responsibilities Percentage Of Time: 10
Key Responsibility
Information Security Documentation
Essential Tasks
Maintain and improve information security policies, standards, processes, and procedural documentation.
Author and maintain Knowledge Base articles, Work Instructions, and other guidance documentation.
Create and disseminate information security news articles and other advisory documentation.
Key Responsibilities Percentage Of Time: 10
Key Responsibility
Projects and Other Duties
Essential Tasks
Manage vendor relationships.
Participate in security and IT improvement projects and initiatives.
Provide consulting and advice to clients.
Plan and execute special security-focused projects and initiatives.
Perform other duties as assigned and required.
ADA Checklist
R for Rare (0-30%), O for Occasional (30-60%), F for Frequent (60-90%), C for Constant (90-100%).
Physical Effort: Hand Movement-Repetitive Motions - F, Finger Dexterity - F, Reading - F, Writing - F, Vision-Preparing/Analyzing figures - F, Hearing - F, Talking - F, Sitting - F
Work Environment: Inside - C
Applicant Documents
Required Documents
- Cover Letter
- List of References
- Reference Letter 1
- Reference Letter 2
- Reference Letter 3
- Salary History (DO NOT USE!!!!)