Skip to main content

This job has expired

Senior Information Security Solutions Analyst

Employer
Towson University
Location
Towson, MD

View more

Administrative Jobs
Institutional & Business Affairs, Safety & Security, Technology, Analysts & Programming
Employment Type
Full Time
Institution Type
Four-Year Institution
Send job

Job Details

Description
  • Perform risk management activities such as third-party risk assessments, design to build risk analysis, vulnerability analysis, and threat intelligence. Additionally, provide technical guidance and serve as primary escalation point for TU's risk assessment process of identifying cyber risks.
  • Review third party audit validation reports (e.g., SOC2, PCI-DSS, etc.) as part of the risk assessment process.
  • Identify and recommend appropriate mitigating and compensating controls by leveraging a broad knowledge of technologies, processes, and controls.
  • Review architectures to ensure proper security and recommend mitigations and or compensating controls as necessary.
  • Consult with Information Security Leadership, OTS, legal, and Management Advisory and Compliance Services as necessary throughout the risk assessment process.
  • Serve as thought leader for Information Security technologies and initiatives as an active member of the OIS Leadership team.
  • Research new security technologies, methods, and standards for feasibility and appropriateness for TU’s use by evaluating business strategies and requirements.
  • Work collaboratively with the Project Management Office (PMO) and Project Managers to ensure security best practices (e.g., disaster recovery, auditing requirements, data classification controls, etc.). Additionally, provide security consulting leadership to project teams during the design/planning phases and work to effectively transition to operations and engineering groups.
  • Serve as a back-up to the Director as necessary for projects and daily operations.
  • Provide subject matter expert technical guidance related to regulatory requirements such as PCI, HIPAA, local and state government requirements, and other compliance mandates within OTS and business units.
  • Evaluate and negotiate security exceptions and standard deviations to ensure protection of confidentiality, integrity, and availability of TU's information assets.
  • Assess and analyze the level of compliance with all internal policies, procedures, defined standards, and industry best practices. Assist with management and continuous improvement of the OTS Internal Controls program.
  • Administration of relevant cybersecurity control validations and processes.
  • Monitor and assess compliance with approved policies, processes, procedures, and practices as relates to user access appropriateness and least privilege.
  • At the direction of the Director of Information Security, assigned as the Incident Coordinator for the Computer Security Incident Response Team (CSIRT), which involves managing, coordinating, and tracking activities during incident investigations.
  • Facilitation of Disaster Recovery testing and Incident Response tabletop exercises.      




    • Qualifications
    • Bachelor’sdegree and five years of related experience.

    • Hands-onexperience with IT Security tools and technology (e.g., Firewalls, Anti-Virus,Vulnerability Management, etc.).

    • Workingknowledge of compliance regulations such as HIPPA, PCI, FERPA, etc.

    • Strongcommunication, collaboration, and technical skills. Should be able to workeffectively with others at all levels across the organization and provideauthoritative guidance to management and staff within the organization.

    • Strongproject planning/execution skills.

    • Excellentverbal and written communication skills.

    • Abilityto work after hours and holidays.

     Preferences
    • Experiencewith analyzing IT vendor assessment questionnaires (e.g., HECVAT, SIG, CAIQ,etc.).

    • Experiencewith Risk Management Frameworks (e.g., NIST, OCTAVE, TARA, etc.).

    • Achieveda relevant cybersecurity industry certification (e.g., CISSP, CISA, Security+,etc.).

    • Ableto work independently, must be self-motivated, and demonstrate initiative.

    • Previousexperience as a system administrator, network engineer, or equivalent.

     ACriminal Background Investigation is required for the hired candidate and theresults may impact employment.



    Organization: Administration & Finance Division
    Primary Location: Main Campus
    Job Posting: Jun 12, 2019

    Organization

    Towson CampusTowson University (TU; www.towson.edu) was founded in 1866, is recognized by U. S. News and World Reports as one of the top public universities in the Northeast and Mid-Atlantic regions, and is Baltimore’s largest comprehensive university, and the largest public, comprehensive institution in the University of Maryland System. TU enrolls over 18,000 undergraduates and nearly 4,000 graduate students across six academic colleges (business, education, fine arts, health professions, liberal arts, science & mathematics), has over 865 full-time faculty, and offers more than 65 bachelor’s, 45 master’s, and 5 doctoral programs. Towson University offers many cultural, educational and athletics programs and events that are open to the public ranging from concerts and lecturers to Division I college sports.

    Towson Students Our centrally located campus sits on 330  rolling green acres and is 10 miles north of  Baltimore, 45 miles north of Washington  D.C., and 95 miles south of Philadelphia.  The town of Towson, MD. has a population  of approximately 52,000, with tree-lined  streets, shops, restaurants, movies, bookstores, a county library branch, live music venues, and is in walking distance of the TU campus. Towson was established in 1750 and is the seat of Baltimore County government.

    Check out Towson University's Youtube channel!

    Send job

    Get job alerts

    Create a job alert and receive personalized job recommendations straight to your inbox.

    Create alert