Senior Security Analyst

The mission of the University of St. Augustine for Health Sciences is the development of professional health care practitioners through innovation, individualized, and quality classroom, clinical, and distance education.

The Senior Security Analyst is responsible for keeping the University safe and secure, and monitors all aspects of data security, with respect to information systems that stores and transmits data that traverses across University assets. This includes ensuring that all information systems are up to date, monitored, and vulnerabilities are remediated.

• Collaborate with University IT teams and departments to identify areas of risk to the organization and assist with reducing those risks to acceptable levels.
• Coordinate with systems administrators, developers, and other teams to embed best practices in design and development.
• Ensure network and computing systems devices are up to date with latest versions of software and patches.
• Ensure that all systems are resilient to cyber events using the Security Information and Event Management (SIEM) tool.
• Manage inbound and outbound security rules for email (filtering, whitelists, spam, etc.).
• Participate in quarterly audit reporting, including reports to leadership and external compliance entities.
• Conduct, monitor, evaluate, and report Key Performance and Key Risk Indicators (KPIs and KRIs) to provide leadership with accurate and timely information regarding the effectiveness of the information security strategy.
• Gather and analyze University data to ensure actionable information is available and responded to in accordance with defined SLAs.
• Communicate and promote the awareness of information security, information risk, and privacy to business units, customers, and partners.
• Build and maintain a comprehensive vulnerability testing and reporting schedule. This includes actively threat hunting to identify vulnerabilities within University assets and building a plan for remediation of vulnerabilities.
• Monitor, implement and enforce IT Security policies and procedures.

May perform other duties and responsibilities that management may deem necessary from time to time.

Reports to:

Executive Director, IT

Positions Supervised:
None

• 4 years of experience and strong knowledge of back up services (cloud and physical).
• 6 years of experience working with information systems, computing, and networks.
• 6 years working knowledge of Windows, Linux, and MacOS CLI.
• Strong understanding and/or experience with NIST Cybersecurity Framework, Cybersecurity Policy Management, Security Information and Event Management (SIEM), vulnerability management, penetration testing, authentication methods, Identity and Access Management (IAM), anti-malware and malware analysis/remediation, Endpoint Detection Response (EDR/XDR), Intrusion Detection and Intrusion Prevention Systems (IDS/IPS), web application firewalls, File Integrity Monitoring (FIM), incident response/forensics, physical access controls and security best practices

• Understand security & policy configurations in Office 365.
• Ability to understand firewall and network configurations.
• Advanced understanding of Microsoft product suite;
  Microsoft certifications preferred.
• Understand infrastructure systems and components including networking, servers, authentication.
• Experience with cloud based systems, APIs, communication protocols, firewalls.
• Advanced experience with security systems, protocols, and standards. ISACA certifications preferred.
• Ability to work collaboratively as part of a team, and to interact effectively with colleagues, administrators, faculty, staff and students as well as external constituencies.
• Excellent written and verbal communication skills and a proactive mindset.
• Ability to a work a flexible schedule, including evenings.

Up to 20% travel required to campus locations in the U.S.

To perform the job successfully, an individual should demonstrate the following competencies:

• Collaborates -Building partnerships and working collaboratively with others to meet…