Job Details

Santa Clara University
  • Position Number: 4853778
  • Location: Santa Clara, CA
  • Position Type: Computer and Information Technology






Senior Information Security Analyst



Position Title:
Senior Information Security Analyst

Position Type:
Regular


Hiring Range:

$112,100 - 151,500 annual, commensurate with experience


Pay Frequency:
Annual

A. POSITION PURPOSE


The Senior Information Security Analyst is focused on identifying, documenting, and communicating information security risk and compliance across campus, and works with stakeholders to mitigate those risks. The Senior Information Security Analyst assesses and documents the university's risk and compliance posture as they relate to information assets, establishes and enhances relationships with business owners and data stewards to improve information security, and identifies where processes or controls should be adjusted or added to meet compliance objectives. Secondary duties include the review, design, and testing of information systems security plans and procedures, performing security reviews and audits, researching and recommending security solutions, advising on network, systems and application-level security configurations, and investigating and mitigating security incidents.

The Senior Information Security Analyst reports to the Chief Information Security Officer and is a member of the Information Security Office. This office works with the university community to secure system and network resources, protect the confidentiality of student, faculty, and staff information, and raise cybersecurity awareness. In conjunction with technical teams, risk management, legal and other university and external vendors and partners, the Information Security Office works to ensure regulatory compliance, best practices, and secure information handling.

The activities of this position must support the Mission and Goals of the University and Information Services. Demonstrated experience with and a commitment to delivering excellent customer service is required.

ESSENTIAL DUTIES AND RESPONSIBILITIES
  • Establish and manage procedures for tracking the identification and mitigation of information security risks.
  • Develop and maintain a university-wide risk register for cyber risk, regularly reporting issues and progress to key stakeholders.
  • Assess computer hardware, software, systems, and cloud resources for security risks and compliance gaps, and work with Information Services staff, campus staff, and technology vendors to identify and implement solutions.
  • Assess, evaluate, and make recommendations to management regarding the adequacy of the security controls for the University's information and technology systems.
  • Work with internal stakeholders and outside consultants as appropriate on security assessments, audits, or security-related projects.
  • Interact in both oral and written communications with all levels of university staff, students, and technology vendors and contractors in matters related to information security and awareness.
  • In conjunction with the ISO team, respond to information security incidents.
  • Advocate for information security best practices.
  • Promote security awareness across the organization
  • Other duties as assigned.


PROVIDES WORK DIRECTION

This position does not have any direct reports.

GENERAL GUIDELINES
  • Identifies the level of information system adherence to applicable security standards, guidelines and regulations, formulates recommendations, and tracks remediation efforts.
  • Interacts with the University community to identify potential security issues, and to foster relationships between the Security Office and the broader University community.
  • Researches improvements to the information security posture of the university, and makes recommendations.
  • Prepares and submits reports as requested and required.


QUALIFICATIONS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The items below are representative of the knowledge, skills, abilities, education, and experience required or preferred.

This position requires the ability to effectively establish and maintain cooperative working relationships within a diverse multicultural environment.

1. Knowledge, Skills and Abilities

General
  • Knowledge of information technology, campus technology, and information security issues and trends in higher education, and ability to continually develop new knowledge regarding the same.
  • Ability to work in a collaborative environment, as either a member or leader of a team, to meet deadlines and achieve goals.
  • Ability to interact with a diverse workforce to provide excellent customer service.
  • Self-motivated and shows initiative.
  • Ability to successfully manage multiple projects simultaneously.
  • Proven track record in project planning and project management.
  • Ability to exercise independent judgment and engage in critical thinking and problem solving.
  • Ability to work effectively under pressure in a busy (sometimes chaotic) and demanding information services environment.
  • Ability to explain technical, risk, and security concepts and policies to non-experts.
  • Ability to give presentations on technical issues to a broad range of audiences.
  • Ability to foster and maintain good working relationships with faculty, administrators, students, senior management, and other leaders.
  • Ability to handle sensitive matters with diplomacy.
  • Ability to maintain confidentiality and manage confidential information.
  • Must possess impeccable integrity.
  • Ability to speak truth to power.
  • Appreciation for the University's mission, vision, values, priorities, procedures, and policies.


Position-specific
  • Understanding of information security risk management and compliance practices.
  • Ability to develop security standards and guidelines based on best practices and industry standards.
  • Knowledge of securing network technologies, operating systems, and cloud applications.
  • Understanding of common security and privacy standards, regulations, and frameworks relating to a higher education environment (e.g., FERPA, PCI DSS, GLBA, HIPAA, GDPR, NIST 800-171, NIST CSF, etc.)
  • Experience responding to, analyzing, and communicating information security incidents.
  • Executes responsibilities with integrity and maintains the trust and confidence of senior management
  • Works under limited supervision


2. Education
  • Bachelor degree from an accredited institution of higher education preferred
  • GIAC, CISA, CISM, or CISSP certification preferred


3. Experience
  • 8 years of related experience in information technology, cybersecurity, and/or risk management
  • Strong analytical skills and the ability to resolve complex problems
  • Proven ability to work independently
  • Strong interpersonal and communication skills and ability to effectively communicate with management, faculty, staff, students, and external parties
  • Experience working for the needs of Higher Education organizations is preferred


PHYSICAL DEMANDS

The physical demands described below are representative of those that must be met by an employee to successfully perform the essential functions of this job. In accordance with the Americans with Disabilities Act, as amended, the California Fair Employment & Housing Act, and all other applicable laws, SCU provides reasonable accommodations for qualified persons with disabilities. A qualified individual is a person who meets skill, experience, education, or other requirements of the position, and who can perform the essential functions of the position with or without reasonable accommodation.
  • Considerable time is spent at a desk using a computer terminal
  • Will be required to travel to other buildings on the campus
  • May be required to occasionally travel to remote campuses, outside customers, vendors or suppliers
  • May be required to attend conference and training sessions within Bay Area or in- or out-of-state locations


WORK ENVIRONMENT

The work environment characteristics described below are representative of those an employee encounters while performing the essential functions of this job.

  • Typical office and computer lab environment
  • Mostly indoor office environment with windows
  • Offices with equipment noise
  • Offices with frequent interruptions


COVID-19 Statement

The health and safety of the university community is a top priority. All Santa Clara University students, and employees are required to be vaccinated against COVID-19 or request a medical or religious exemption. Please visit our COVID-19 webpage for additional information.

EEO Statement

Equal Opportunity/Notice of Nondiscrimination

Santa Clara University is an equal opportunity/equal access/affirmative action employer fully committed to achieving a diverse workforce and complies with all Federal and California State laws, regulations, and executive orders regarding non-discrimination and affirmative action. Applications from members of historically underrepresented groups are especially encouraged. For a complete copy of Santa Clara University's equal opportunity and nondiscrimination policies, see https://www.scu.edu/title-ix/policies-reports/

Title IX of the Education Amendments of 1972

Santa Clara University does not discriminate in its employment practices or in its educational programs or activities on the basis of sex/gender, and prohibits retaliation against any person opposing discrimination or participating in any discrimination investigation or complaint process internally or externally. The Title IX Coordinator and Section 504 and ADA Coordinator is Aaron Zisser, Director of Equal Opportunity and Title IX, 408-551-3043, azisser@scu.edu , www.scu.edu/title-ix. Inquiries can also be made to the Assistant Secretary of Education within the Office for Civil Rights (OCR).

Clery Notice of Availability

Santa Clara University annually collects information about campus crimes and other reportable incidents in accordance with the federal Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act. To view the Santa Clara University report, please go to the Campus Safety Services website. To request a paper copy please call Campus Safety at (408) 554-4441. The report includes the type of crime, venue, and number of occurrences.

Americans with Disabilities Act

Santa Clara University affirms its commitment to employ qualified individuals with disabilities within the workplace and to comply with the Americans with Disability Act. All applicants desiring an accommodation should contact the Department of Human Resources, and 408-554-5750 and request to speak to Indu Ahluwalia by phone at 408-554-5750 or by email at iahluwalia@scu.edu.


To view the full job posting and apply for this position, go to https://wd1.myworkdaysite.com/en-US/recruiting/scu/scu/job/Santa-Clara-CA/Senior-Information-Security-Analyst_R3993





Copyright 2022 Jobelephant.com Inc. All rights reserved.

Posted by the FREE value-added recruitment advertising agency
jeid-b9342bc4ef735944bb69e69b3dab3ef0