Information Security Analyst

JOB SUMMARY:

Under administrative supervision, the information security analyst monitors and maintains cybersecurity defense systems for the College. Duties include: developing cybersecurity strategies, standards, policies, and procedures; serving as a point of contact for security incidents, cybersecurity operations, and regulations; and working closely with the infrastructure team to identify threats, gaps, and weaknesses.

SPECIFIC DUTIES AND RESPONSIBILITIES:

• Monitors and advises on information security issues; completes daily administration and monitoring of security tools and event logs; and ensures that the College's internal security controls are appropriate and operating as intended.
• Administers patch management.
• Identifies any unauthorized or suspicious activity; escalates to the appropriate team(s).
• Documents and gathers forensic evidence during an incident for investigation and remediation.
• Researches and helps implement new security tools to improve the overall security posture.
• Gathers and organizes data and other information for annual audits.
• Serves as a project manager within IT security projects.
• Facilitates IT security/risk training curriculum.
• Completes all other duties and responsibilities as assigned.

QUALIFICATIONS, KNOWLEDGE AND SKILL REQUIREMENTS:

• Bachelor's Degree in Information Systems or a related field; five (5) years of experience with system administration, system and network security, development tools and methodology, system management in Linux and Unix environments, and TCP/IP networking; or any equivalent combination of education, training, and experience which provides the requisite knowledge, skills, and abilities for this job.
• Knowledge of network and cybersecurity best practices and preventative measures.
• Knowledge of HIPAA, PCI, FERPA and other security and privacy practices.
• Knowledge of system administration, system and network security, and system management in Linux and Unix environments.
• Skill in TCP/IP networking and using development tools and methodology.
• Skill in working with Microsoft Office and Windows based applications.
• Skill in deploying patches in a timely manner.
• Skill in organizing, critical thinking, prioritizing, troubleshooting, designing solutions, and effectively using resources.
• Ability to handle multiple priorities, make decisions, be self-motivated, and function independently.

PHYSICAL DEMANDS:

This position classifies the physical exertion requirements as sedentary work involving lifting no more than 10 pounds at a time and occasionally lifting or carrying articles like docket files, ledgers, and small tools. Although a sedentary job is defined as one which involves sitting, a certain amount of walking and standing is often necessary in carrying out job duties. Jobs are sedentary if walking and standing are required occasionally, and other sedentary criteria are met.

ADDITIONAL EXPECTATIONS:

Requirements are representative of minimum levels of knowledge, skills and/or abilities. To perform this job successfully, the employee must possess the abilities or aptitudes to perform each duty proficiently. Additionally, all employees of the College are expected to maintain professional standards of communication, able to learn and apply new technology, and abide by all policies and procedures. Continued employment remains on an "at-will" basis.

This description is intended to indicate typical kinds of tasks and levels of work difficulty that will be required of positions given this title and shall not be construed as declaring every specific duty and responsibility of the particular position. This job description is not intended to be a contract for employment, and the employer reserves the right to make any necessary revisions to the job description at any time without notice.