Security Analyst

The Security Analyst is responsible for working on daily tasks and customer issues in the Information Security Office and will be responsible for continuous monitoring and assessment of security alerts to safeguard the University data and systems. The Security Analyst will identify and mitigate potential threats, ensure compliance with security policies, and support the ongoing development of our Information Security program.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Firewall Management:

• Configures, monitors, and maintains enterprise firewalls to ensure secure network traffic and prevent unauthorized access.
• Develops and implements firewall policies and rules based on industry standards and security best practices
• Troubleshoots and resolves firewall-related incidents and performance issues
• Collaborates with the Network and Infrastructure team to ensure firewall and network segmentation changes are aligned with organizational goals along with maintenance of data center firewall rulesets and routing related to service delivery

Account Management:

• Ensures adherence to the principle of least privilege across all account management activities
• Conducts reviews of user accounts and permissions to identify and mitigate potential security risks

Incident Response:

• Maintains daily operations through our Internal Ticketing system and SOC alerts, resolving support calls. Opens/Closes trouble tickets to ensure customer issues get resolved in a timely manner and tickets are documenting solutions properly.
• Operates, administers and monitors network and host-based intrusion detection/prevention systems
• Leads and participates in security incident response activities, including investigating, analyzing, and mitigating security incidents
• Identifies and remediates phishing campaigns, ensuring timely detection and neutralization of threats
• Performs forensic analysis and root cause investigations to determine the scope and impact of security events
• Develops and documents incident response procedures and runbooks to improve the organization's response capabilities
• Collaborates with other teams to ensure proper escalation and resolution of security incidents
• Completes routine trouble calls supporting Information Security Office (ISO)
• Identifies opportunities and facilitates significant improvements to processes and systems

Vulnerability Management:

• Administers vulnerability management tools, discovery, tracking, and remediation coordination to include Microsoft Defender Security Environment
• Leads technical security operations including security monitoring and reporting
• Monitors security systems and logs for signs of potential vulnerabilities or breaches
• Provides guidance on emerging threats, vulnerabilities, and best practices
• Provides oversight to other teams for patch management progress/state as well as help to determine when security issues require immediate vs delayed action

Risk Management and Compliance:

• Ensures that security controls comply with industry regulations and organizational policies
• Conducts regular security assessments, vulnerability scans, and assist with penetration tests and recommended remediation activities
• Recommends and implements security enhancements based on risk assessments and security audits
• Maintains compliance with export-controlled data regulations and work closely with law enforcement on related matters
• Assists with the St. Mary's Cyber Awareness Program. (Rattler Bytes, KnowBe4, Microsoft Simulator etc.)
• Assists with updating and maintaining the Information Systems Disaster and Incident Response Plan
• Assists with the Annual Audit activities and regulatory requirements and our reporting responsibilities and create deliverables.
• Plans, coordinates, executes and reports on the Annual 'table-top' exercise.

General Duties:

• Helps to evaluate the technology in our security stack and make recommendations as we grow the program
• Gathers, accesses, and confirms interpretation of information and materials from subject matter experts.
• Identifies procedural inconsistencies and inefficiencies and escalate information to appropriate channels.
• Develops, writes and coordinates publishing of policies and procedures to ensure method, consistency, style, design and terminology is consistent and adheres to university standards.

QUALIFICATIONS:

• Bachelor's degree from an accredited college or university in computer science, Information Security, Cybersecurity or related fields preferred; Relevant education and experience in the appropriate technical and management areas may be considered as a substitute for formal education.
• Two or more years of related experience.
• Must be have ability to obtain an industry accepted cybersecurity certification within six months of employment
• Must clear and maintain a favorable background investigation and clearance
• Must have valid driver's license, motor vehicle liability insurance and personal injury insurance; or have a self-reliant source of transportation to conduct business on a daily basis
• Must have knowledge of network management systems and protocols; Expertise in incident response, phishing remediation and email security.
• Must be able to work a flexible schedule
• Must have excellent verbal and written communication skills. Strong public relations and customer service skills with an ability to implement diplomacy and discretion at all times; an ability to work effectively with communities across the university and able to communicating ideas and opinions in a clear, concise manner in verbal, written, or graphical forms that explain technical issues in ways non-technical people can understand
• Must have high ethical standards and a strong sense of confidentiality; ability to work with personal data, maintain user confidence and protects operations by keeping information confidential.
• Must have ability to prioritize and manage multiple deadlines; thrive in a complex work environment; displays solid problem solving and interpersonal skills;
• Must have ability to work well independently and as part of a team; ability to work independently and collaboratively with functional users while applying best practices in developing processes, test plans, executing testing of business applications, and assuring quality controls and documentation.
• Knowledge in Ethical hacking, Intrusion prevention, incident response, and cybersecurity techniques
• Proficient in communicating ideas and opinions in a clear, concise manner in verbal, written, or graphical forms that explain technical issues in ways non-technical people can understand

PHYSICAL DEMANDS:

• Working conditions are in an office environment and university campus setting. Must be able to move across the university campus to conduct day to day business.
• While performing this role, the employee will be regularly required to sit, walk, and stand; talk and hear, both in person and by telephone; and use hands repetitively to operate standard office equipment; and occasionally required to lift up to 50 pounds.
• Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus.
• Frequently communicates with others using approved technological resources; must be able to exchange accurate information through designated systems within a timely manner.
• Constantly operates a computer and other office productivity machinery.

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

St. Mary's University is a Hispanic-Serving Institution and an Equal Opportunity Employer. The University is committed to furthering diversity, equity, and inclusion and encourages all qualified candidates apply.