Information Security Operations Analyst
Position Type:
EP - EHRA 12 mo leave earning
University Information:
UNC Greensboro, located in the Piedmont Triad region of North Carolina, is 1 of only 57 doctoral institutions recognized by the Carnegie Foundation for both higher research activity and community engagement. Founded in 1891 and one of the original three UNC System institutions, UNC Greensboro is one of the most diverse universities in the state with 20,000+ students, and 3,000+ faculty and staff members representing 90+ nationalities. With 17 Division I athletic teams, 85 undergraduate degrees in over 125 areas of study, as well as 74 master’s and 32 doctoral programs, UNC Greensboro is consistently recognized nationally among the top universities for academic excellence and value, with noted strengths in health and wellness, visual and performing arts, nursing, education, and more. For additional information, please visit uncg.edu and follow UNCG on Facebook, Twitter, and Instagram.
Primary Purpose of the Organizational Unit:
The Information Security Office is a subset within the Information Technology Services (ITS) division that is charged with providing active information security assessment, risk analysis, incident management, information security controls, education, and guidance for the protection of UNCG’s information assets and information technology environment. The overall objective is to protect and preserve the confidentiality, integrity, and availability of information and information resources for teaching and learning, research, service, and the conduct of university business.
Position Summary:
The Information Security Operations Analyst contributes to the success of the University by working to protect information systems and resources from security threats on a daily basis. This position provides day-to-day information security operations support including security event handling, security incident response, threat hunting, threat intelligence analysis, forensic analysis, vulnerability identification, and security incident recovery services. The Analyst is responsible for monitoring the safety and security of the University’s information systems and resources using a Security Event Information Management (SEIM) system with auditable logs of all investigations and response activities.
Minimum Qualifications:
The Information Security Operations Analyst is also responsible for planning and executing short- and medium-term information security improvement projects and initiatives intended to improve UNCG’s information security posture, tools, policies, processes, and procedures with guidance and support from the Chief Information Security Officer (CISO) as well as information security architects and engineers. This includes investigating, evaluating, developing, and deploying customized security solutions to meet UNCG’s specific information security needs according to the adopted ISO/IEC 27002 framework. The Analyst works actively with other IT staff as well as end-users and leadership from other University departments and divisions to help determine information security requirements and deploy appropriate solutions that meet security best practices and recommendations.
The Information Security Operations Analyst provides ongoing support and advice to IT staff and end-users on a variety of security topics and issues, helping to ensure adherence to the University’s security policies and procedures along with compliance with applicable regulations. The Analyst recommends strategies to prevent security exposures and intrusions and plays a key role in helping University business units address extant and emerging security concerns.
- Entry-level with Master’s Degree; Bachelor’s Degree and 0 to 2 years experience; or equivalent education/experience.
- Degree should be in Computer Science, Information Technology, Information Security or closely related discipline from an appropriately accredited institution.
- Demonstrated recent experience with information security operations functions, activities, tools, and systems.
- Demonstrated recent experience with security configurations on cloud computing systems.
Special Instructions to Applicants:
- 5+ years of experience in Information Technology positions with responsibility for security operations and/or configuration.
- Demonstrated recent experience with end-user client computing systems including Windows, Mac, and Linux OS.
- Demonstrated recent experience with server and network infrastructure operations, including Windows and Linux servers, virtual server systems, and complex enterprise network routing and switching.
- Excellent interpersonal and written communications skills.
- Information security industry or vendor certifications are desired.
Applicants are required to upload the following documents with their electronic application:
- List of References
Applicants are required to upload a list of at least three (3) professional references that includes:
Applications are not successfully submitted until an online confirmation number has been received at the end of the application process.
Recruitment Range:
- Company Name
- Type of reference (Professional, Supervisor, Colleague, Academic or Personal). One (1) of those references will need to be a current or previous supervisor.
- Email Address
- Contact Phone Number
Salary commensurate with experience
Org #-Department:
Info Technology Services - 23101
Job Open Date:
10/05/2021
For Best Consideration Date:
10/12/2021
Open Until Filled:
1.000
Type of Appointment:
Permanent
Number of Months per Year:
Exempt
Percentage Of Time:
Information Security Event & Incident Operations
Essential Tasks:
Perform security event monitoring, alerting, investigations, notification, and response activities.
Percentage Of Time:
Tune and adjust alert triggers and security monitoring thresholds.
Generate security event data reports.
Create and distribute security advisories.
Perform security incident management and response activities.
Threat & Vulnerability Management
Essential Tasks:
Ingest and process threat intelligence data.
Percentage Of Time:
Perform threat hunting, threat identification, and threat analysis/assessment activities.
Conduct research into new and emerging threats.
Perform vulnerability identification and vulnerability management activities including vulnerability reduction through pursuit of patching and security configuration remediation.
Computer Security Forensics
Essential Tasks:
Conduct information security incident forensics investigations including forensic data capture, drive imaging, and data recovery with the aim of identifying, preserving, recovering, analyzing, and presenting facts and evidence in accordance with standard evidentiary procedures.
Percentage Of Time:
Capture and preserve evidence of computer crimes for use in internal or external criminal, civil, or administrative proceedings.
Information Security Documentation
Essential Tasks:
Maintain and improve information security policies, standards, processes, and procedural documentation.
Percentage Of Time:
Author and maintain Knowledge Base articles, Work Instructions, and other guidance documentation.
Create and disseminate information security news articles and other advisory documentation.
Projects and Other Duties
Essential Tasks:
Manage vendor relationships.
Physical Effort:
Participate in security and IT improvement projects and initiatives.
Provide consulting and advice to clients.
Plan and execute special security-focused projects and initiatives.
Perform other duties as assigned and required.
Hand Movement-Repetitive Motions - F, Finger Dexterity - F, Reading - F, Writing - F, Vision-Preparing/Analyzing figures - F, Hearing - F, Talking - F, Sitting - F
Work Environment:
Inside - C