Security Analyst

Note: This role requires onsite availability five days a week. However, there may be opportunities for remote work based on operational needs and seasonal demands.

Overview

Join our esteemed institution as a Security Analyst and become a pivotal part of our mission to safeguard the digital landscape of a university dedicated to shaping future leaders. In this vital role, you'll blend your passion for information security with a commitment to our core values, embodying the spirit of thinking deeply, acting justly, and living wholeheartedly. Your work will directly contribute to creating a secure environment that fosters educational excellence and innovation.

As a Security Analyst, you'll work closely with our SOC partner to monitor and respond to security threats, engage in threat-hunting activities, and ensure the integrity of our systems through regular assessments. You'll also collaborate with cross-functional teams to identify and remediate vulnerabilities, manage our security tools, and contribute to the development of a robust security posture across the university's digital environment.

Who You Are                   

• You are a dedicated professional with a strong interest in cybersecurity. Whether you are an experienced analyst or come from a related field like IT support, systems or network administration, or software development looking to transition into security operations, your curiosity and commitment to continuous learning set you apart.

• Analytical and detail-oriented, you have a talent for identifying anomalies in data and enjoy tackling complex challenges.

• You communicate effectively with team members and stakeholders, clearly conveying technical concepts in an understandable way.

• You proactively seek opportunities to improve processes and tools, recognizing the importance of documentation and reporting in enhancing security practices.

• Staying current with the latest security trends and technologies is important to you, and you actively pursue professional development through self-study, certifications, or engagement in professional communities.

Key Duties and Responsibilities

• Embrace the university's mission to equip students to think deeply, act justly, and live wholeheartedly as Christ's agents of renewal in the world.

• Collaborate with SOC Partner: Serve as a liaison between our internal security team and our Managed Security Operations Center (SOC) partner to ensure effective detection and response to threats. Participate in the continuous tuning of our Security Information and Event Management (SIEM) system to optimize detection capabilities and reduce false positives.

• Proactive Threat Hunting: Conduct regular threat-hunting activities within our environment. Work to identify anomalous behavior and potential malicious activities that may indicate advanced threat actors, thereby contributing to the security of our organization.

• Incident Response: Support incident response efforts by assisting with escalated incidents from the SOC or other teams. Analyze security events, validate threats, and participate in root cause analysis.

• Threat Intelligence Integration: Review and interpret threat intelligence to enhance our security posture. Apply these insights to improve detection capabilities, strengthen incident response efforts, and mitigate future risks.

• Attack Surface Management: Collaborate with security engineers and other teams to identify security gaps and propose additional protections. Participate in vulnerability management, security assessments, and tracking of remediation efforts to reduce our attack surface.

• Security Automation & Tool Optimization: Support efforts to automate routine tasks and improve overall security efficiency. Assist in evaluating and optimizing our security toolset to ensure optimal performance and alignment with organizational needs.

• Reporting & Dashboards: Contribute to building and maintaining dashboards and reports that effectively communicate the organization's security posture to stakeholders.

• Documentation: Contribute to the development, updating, and enforcement of security policies, standards, and guidelines that govern the organization's security practices, ensuring compliance with legal, regulatory, and accreditation requirements.

• Professional Development: Demonstrate a commitment to professional growth by staying up to date on the latest security trends, technologies, and analysis techniques. Engage in training, certifications, and self-directed learning to enhance your skills and contribute to our evolving security landscape.

Preferred Qualifications

• Bachelor’s Degree: Degrees in related fields are strongly preferred, but all disciplines are considered in conjunction with relevant experience. Candidates without a degree should have a clear plan to pursue one in the near future.

• Understanding of enterprise networking and systems: A clear grasp of how components like servers, networks, endpoints, and cloud environments interact. Familiarity with concepts such as TCP/IP, DNS, firewalls, and VPNs is essential.

• Proficiency with SIEM tools and security monitoring: An understanding of Security Information and Event Management (SIEM) systems or similar tools and ability to effectively engage in security monitoring and analysis.

• Strong grasp of cybersecurity fundamentals: Familiarity with key concepts, including operating systems (Linux, Windows), security tools (e.g., Wireshark, Nmap), scripting, cryptography, risk management, and incident response. We expect you to have the knowledge to contribute in these areas.

• Problem-solving mindset: Ability to analyze security information and develop logical, effective solutions.

• Commitment to professional growth: We value a proactive approach to staying current with new security trends and technologies.

• Effective communication skills: You should be able to articulate complex technical concepts clearly to both technical and non-technical stakeholders.

• Scripting or automation tools (preferred, but not required): Familiarity with scripting or automation to enhance security operations is beneficial, and you should be ready to expand your knowledge in this area.

• Attention to detail: The ability to maintain thorough documentation and reporting is crucial to ensuring security practices and compliance efforts are followed.

FAITH and EDUCATIONAL COMMITMENT

1. Commitment to the educational mission of Calvin as a Christian liberal arts University affiliated with the Christian Reformed Church.

2. A commitment to the Christian faith and to the integration of faith, learning, and student development.

DIVERSITY COMMITMENT

Demonstrated awareness and commitment to effectively establishing relationships and positive communication across multiple dimensions of diversity including, but not limited to, race, gender, physical limitations, class, or religious perspectives.