Job Details
- Junior Analyst, Information Security (Internal Applicants Only)
- Go to our website »
Junior Analyst, Information Security (Internal Applicants Only)
University of San Francisco
Job Summary:
The Junior Analyst, Information Security provides direct support for the University's Information Security Program as administered by the USF ISC Department.
The Information Security Program consists of establishing policies and high level processes, overseeing education and training, implementing monitoring and control mechanisms, remediation of identified threats and overseeing compliance with statutory and regulatory requirements regarding electronic information confidentiality, integrity and availability. The Information Security & Compliance (ISC) team collectively supports the Information Security Program and provides strategy, security assessment (risk), consultation, orchestration, governance, as well as maintains and audits against the USF security framework. The USF security framework establishes the foundational understanding that security is a shared responsibility coordinated by the ISC team and executed by each (accountable) service/operational owner - key internal and external stakeholders who collaborate to safeguard the University's data from internal and external threats.
Practicing as an entry level subject matter expert (SME), administrator, analyst, and key team member, this role supports the efforts of the ITS Division, and the ISC Department by serving in four main roles:
Administration & Incident Response Contributor
SME (process / procedures / technical)
Vulnerability & Security Training Management
Level 1 - SIEM (Splunk) Data Science and Engineering
This role requires established integrity and leadership potential, customer service experience, outstanding organizational skills, a developing range of technical skills, developing project management/coordination abilities, and experience in maintaining a secure computing environment.
Job Responsibilities:
Summary Tasks
Support the ISO with assuring IT Service Confidentiality, Integrity and Availability (CIA security triad)
Monitor the Information Security & Compliance queue, assign new tickets to team members, assist the ISC team with monitoring open tickets to ensure SLAs and metrics are meet, and escalate issues appropriately
Monitor and analyze incoming needs (email, phone, in-person) requested directly to ISC, transition those needs into action item tickets, assigning them and/or update existing tickets appropriately
Provides consultation to ITS and technology service owners with gold standard process baselining, including but not limited to ISC dashboard procedure and USF security framework
Participate in the maintenance of access rules to data and other IT resources
Participate in CIA over the assurance and maintenance of authorized user IDs and passwords
Monitor security, privacy and copyright violations and take corrective actions to ensure that adequate security is provided
Assist as Project coordinator or Internal Technical Consultant for security-related initiatives as assigned
Perform daily level 1 security operational tasks to support the mission and vision set by the ISO to support and enable the business needs of the University
Serve as backfill for team members as needed
Other duties as assigned
Technical
Provides initial support for the Information Technology Services Division regarding technical issues related to Information Security
Stays well-informed as to the current and emerging threat environment
Actively participates in risk management by evaluating current conditions, systems and practices within the ITS Division, and across the University as directed by the ISO to inform the Information Security Dashboard, and as appropriate develop and maintain effective practices to identify, document, isolate, deter, defend against threats and orchestrate remediation efforts
Provides level 1 system administration for key security-related systems owned by ISC
Maintains active involvement within the greater Security Industry
Provides consultation to ITS and technology service owners with gold standard technical baselining, including but not limited to USF security framework
development, maintenance and deployment of vulnerability, system and application patching
Provides administrative support for the operation and use of Security and Network Access related systems and services
SETA: Security Education, Training & Awareness
Contribute in the planning, preparing, and delivering of the Information Security Awareness Program, which includes required virtual security training for faculty, staff, affiliates, as well as those with elevated access
Minimum Requirements:
Professional:
2 -4 years of experience in IT supporting medium-to-large scale environment (1000+ endpoint systems), with preforming a variety of tasks related to the information security triad (confidentiality, availability, and integrity)
Bachelor of Arts or Bachelor of Science degree in Computer Science, Information Systems, Information Security or equivalent work experience. 5 years or more of related technical experience may be substituted for degree requirements
Desired: candidates with current IT Certifications: HDI Support Center Analyst, HDI Support Center Manager, and ITIL Foundation
Ability to maintain current certifications as well as pursue others as recommended
Developing range of technology, process and business operations skills including demonstrated knowledge and experience in ITIL, incident management, and the field of Information Security
Excellent communication skills and ability to interact professionally with a diverse group of individuals across the University, including technical and non-technical staff, faculty and students
Ability to interact with all levels of an organization in a professional, diplomatic and tactful manner
Outstanding organizational skills, ability to prioritize effectively, and ability to follow complex tasks with minimal supervision
Understanding and awareness of compliance issues related to information resources in a higher education environment
Entry level understanding and experience of IT security management systems, best practices, standards, and/or frameworks (NIST, ISO, etc.)
Technical:
Experience with Windows and Linux Operating Systems
Experience in python, perl, HTML/JS, SQL queries
High critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy
Experience and aptitude for troubleshooting skills with the ability to analyze and resolve difficult problems quickly
Effective documentation skills
Entry level system & business administration: account lifecycle, report generating, data analysis,
Entry level experience using monitoring and management tools and systems (Vulnerability Management, Endpoint Protection, Splunk/SIEM, DLP)
Entry level knowledge of network architecture and protocols (Ethernet, TCP/IP, DNS)
Entry level knowledge of Active Directory Computer Object, Organization Unit administration, and Group Policy design
Entry level experience with enterprise asset management systems such as LANDesk, Service Now
Entry level experience with managing and escalating ticket queues
Entry level experience in development and operations of Security Information Event Management (SIEM) system to support security operations utilizing Splunk
Entry level experience with vulnerability scanning, threat management, system security hardening, security ticketing and automation
Entry level knowledge of Palo Alto Networks equipment and configurations
Entry level knowledge of Network Access Control systems (Impulse Point)
Entry level of knowledge enterprise security concepts and tools including Log Management and GRC systems
Entry level experience with network protocols relating to both systems and networks
Provide off-hours support on an infrequent, but on an as needed basis
Additional Knowledge, Skills, and Abilities:
For information on how to apply, please visit the following link: www.usfjobs.com
EEO Policy
The University of San Francisco is an equal opportunity institution of higher education. As a matter of policy, the University does not discriminate in employment, educational services and academic programs on the basis of an individuals race, color, religion, religious creed, ancestry, national origin, age (except minors), sex, gender identity, sexual orientation, marital status, medical condition (cancer-related and genetic-related) and disability, and the other bases prohibited by law. The University reasonably accommodates qualified individuals with disabilities under the law.
Copyright 2017 Jobelephant.com Inc. All rights reserved.
Posted by the FREE value-added recruitment advertising agency
jeid-ddd90da1d7967f448f7e36278d2b9a20