Information Security Analyst I
University of Kansas Medical Center
Kansas City, KS
ID: 7298596
Posted: Newly posted
Application Deadline: Open Until Filled
Job Description
Job Description Summary:
The Information Security Analyst (ISA) is a member of the Information Security (IS) team and works closely with the other members of IS to develop and implement a comprehensive information security program. This includes a primary focus on detecting and preventing information security and cyber threats to our organization. The incumbent will be required to connect dots where they may not have existed before and correlate data in novel and interesting ways to determine weaknesses within our infrastructure (software, hardware, networks, etc.) to find creative ways to protect it. This position will be responsible for initial response to and troubleshooting cybersecurity, networking, and endpoint incidents; operational ticket-based work; as well as front line monitoring of network devices, data center equipment, and other enterprise information security architecture items.
The ISA is responsible for day-to-day operational security tasks. An ideal candidate has a passion for information security, problem solving, documentation, communication, organization, collaboration, and attention to detail. This individual will be empowered to help guide our security operations program. The ISA participates in the identification, tracking, and monitoring of information security threats and service operations. The analyst utilizes established processes and tools to focus on incident response, threat identification, analysis, and remediation. This position participates in the implementation and integration of risk management procedures.
Job Description:
Job Responsibilities
Perform real-time security log and event analysis and take action within defined parameters to contain and mitigate IS threats and escalate as needed.
Review and analyze security events and author reports detailing the activity.
Complete IS operations and process documentation.
Report detected elements concerning identified risks, vulnerabilities, and other security exposures to IS leadership.
Inform, assist, and train OIS team members and customers with security requests, exceptions, products, and procedures.
Monitor reports and security logs for unusual events and investigate as needed to achieve a compliant resolution.
Identify new or emerging IS threats and recommend actions to mitigate them.
Practice critical thinking and other forecasting methods to identify potential security incidents or disasters and work with the OIS team to reduce their likelihood.
Monitor antivirus and encryption systems.
Develop and improve relationships and communications with OIS customers and partners.
Adapt, improvise, and remain flexible to changing or competing requirements, schedules, priorities, and efforts.
Communicate and act in a professional, clear, and understandable manner.
Participate in after-hours upgrades, troubleshooting, and the OIS on-call schedule.
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. It is only a summary of the typical functions of the job, not an exhaustive list of all possible job responsibilities, tasks, duties, and assignments. Furthermore, job duties, responsibilities and activities may change at any time with or without notice.
Work Environment
Projects include after-hours coordination.
Available 24/7 to respond to critical outages or incidents as needed.
Rotate in an on-call schedule.
Required Qualifications
Education: Associate degree in information security, computer science, engineering, telecommunications, systems administration, or another related technical degree area. A combination of education and relevant work experience may be substituted for degree on a year for year basis.
Work Experience:
One (1) or more years of progressive work experience in information technology or information security.
Knowledge of compliance standards and regulations such as HIPAA, FERPA, GLBA, PCI DSS, NIST, and other
Preferred Qualifications
Education: Bachelor’s degree in information security, computer science, engineering, telecommunications, systems administration, or another related technical degree area.
Work Experience:
CompTIA Network+, CompTIA Security+, (ISC)2 SSCP, or EC-Council ECSA certification, or an equivalent certification.
Experience with McAfee security tools.
Related work experience in a higher education or academic health care organization.
Prior experience with SIEM technologies.
Demonstrated experience implementing technical aspects of compliance standards and regulations such as HIPAA, FERPA, GLBA, PCI DSS, NIST, and others.
Understanding of networking architectures, topologies, practices, and technologies.
Experience with the Malcolm Baldrige Quality Excellence process and the Cybersecurity Excellence Builder.
The Information Security Analyst (ISA) is a member of the Information Security (IS) team and works closely with the other members of IS to develop and implement a comprehensive information security program. This includes a primary focus on detecting and preventing information security and cyber threats to our organization. The incumbent will be required to connect dots where they may not have existed before and correlate data in novel and interesting ways to determine weaknesses within our infrastructure (software, hardware, networks, etc.) to find creative ways to protect it. This position will be responsible for initial response to and troubleshooting cybersecurity, networking, and endpoint incidents; operational ticket-based work; as well as front line monitoring of network devices, data center equipment, and other enterprise information security architecture items.
The ISA is responsible for day-to-day operational security tasks. An ideal candidate has a passion for information security, problem solving, documentation, communication, organization, collaboration, and attention to detail. This individual will be empowered to help guide our security operations program. The ISA participates in the identification, tracking, and monitoring of information security threats and service operations. The analyst utilizes established processes and tools to focus on incident response, threat identification, analysis, and remediation. This position participates in the implementation and integration of risk management procedures.
Job Description:
Job Responsibilities
Perform real-time security log and event analysis and take action within defined parameters to contain and mitigate IS threats and escalate as needed.
Review and analyze security events and author reports detailing the activity.
Complete IS operations and process documentation.
Report detected elements concerning identified risks, vulnerabilities, and other security exposures to IS leadership.
Inform, assist, and train OIS team members and customers with security requests, exceptions, products, and procedures.
Monitor reports and security logs for unusual events and investigate as needed to achieve a compliant resolution.
Identify new or emerging IS threats and recommend actions to mitigate them.
Practice critical thinking and other forecasting methods to identify potential security incidents or disasters and work with the OIS team to reduce their likelihood.
Monitor antivirus and encryption systems.
Develop and improve relationships and communications with OIS customers and partners.
Adapt, improvise, and remain flexible to changing or competing requirements, schedules, priorities, and efforts.
Communicate and act in a professional, clear, and understandable manner.
Participate in after-hours upgrades, troubleshooting, and the OIS on-call schedule.
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. It is only a summary of the typical functions of the job, not an exhaustive list of all possible job responsibilities, tasks, duties, and assignments. Furthermore, job duties, responsibilities and activities may change at any time with or without notice.
Work Environment
Projects include after-hours coordination.
Available 24/7 to respond to critical outages or incidents as needed.
Rotate in an on-call schedule.
Required Qualifications
Education: Associate degree in information security, computer science, engineering, telecommunications, systems administration, or another related technical degree area. A combination of education and relevant work experience may be substituted for degree on a year for year basis.
Work Experience:
One (1) or more years of progressive work experience in information technology or information security.
Knowledge of compliance standards and regulations such as HIPAA, FERPA, GLBA, PCI DSS, NIST, and other
Preferred Qualifications
Education: Bachelor’s degree in information security, computer science, engineering, telecommunications, systems administration, or another related technical degree area.
Work Experience:
CompTIA Network+, CompTIA Security+, (ISC)2 SSCP, or EC-Council ECSA certification, or an equivalent certification.
Experience with McAfee security tools.
Related work experience in a higher education or academic health care organization.
Prior experience with SIEM technologies.
Demonstrated experience implementing technical aspects of compliance standards and regulations such as HIPAA, FERPA, GLBA, PCI DSS, NIST, and others.
Understanding of networking architectures, topologies, practices, and technologies.
Experience with the Malcolm Baldrige Quality Excellence process and the Cybersecurity Excellence Builder.
Please mention to the employer that you saw this ad on UniversityJobs.com
- Share this job:
- [Save this job]