Security Analyst -ITACD

Overview

Under the direction of the Director of Information Security, the Security Analyst I will monitor our computer networks for security issues, install security software and document any security issues or breaches you find. Accountable for protecting IT infrastructure, edge devices, networks to prevent data breaches by monitoring and reacting to attacks. Assist with building communication and collaboration around IT security. Helps with solutions to problems that may arise in an expeditious, efficient, and timely manner.

Effectively collaborates across technology teams and business units through excellent communication skills, diplomacy, and a positive attitude. Responsible for 24x7 support of all Information Security systems and support. Responsible for performing job duties in accordance with the mission, vision and values of the University of Central Oklahoma. Hybrid/Remote option available. Must complete on-site orientation up to 30 days as determined by position.

• Responsible for activities involving the planning, development, administration, management, and support of university information security operations.
• Understands the business strategy of enterprise-wide business and IT management, security, infrastructure and operations, disaster recovery, incident response, and works with teams to define security requirements.
• Communicates and coordinates with other team leads, business leadership, and project managers to ensure appropriate integration of processes and modules across the enterprise.
• Manages UCO's information security systems so that they function reliably, meeting the organization's business needs, and use the organization's IT resources effectively.
• Responsible for implementation, monitoring and identifying security vulnerabilities/intrusion detection.
• Participates in security audits, vulnerability and threat assessments.
• Investigates security breaches and proactively searches available security systems for indications of compromise.
• Collects initial forensic data from suspected security incidents for triage and deeper investigation.
• Maintains and operates security software to protect systems and information infrastructure.
• Documents security breaches and assesses the damage they cause.
• Works with the security team to perform tests and uncover network vulnerabilities.
• Fixes detected vulnerabilities to maintain a high-security standard.
• Stays current on IT security trends and news.
• Develops and maintains organization-wide best practices for IT security. Creates and maintains documentation including diagrams, operational and support procedures.
• Conducts on-demand and scheduled vulnerability assessments and penetration testing.
• Interacts with end users, service desk, team members and stakeholders in gathering information to define and document required changes to the environment. Assists IT management in preparing business and use cases.
• Performs other duties as assigned.

Bachelor’s degree in a related field or an equivalent combination of experience and education that provides knowledge of and exposure to fundamental theories, principles, and concepts. Experience monitoring network security appliances including IDS, IPS, firewalls, and identity management solutions. Requires the application of expertise in a chosen field to achieve results.

• CompTIA Security+, GIAC Certified Incident Handler, or Certified Ethical Hacker, is highly desired.
• Working knowledge of SIEM and Endpoint Detection and Response tools is highly desired.
• Working knowledge of enterprise networks, data protections, and server platforms is preferred.
• Understanding of the NIST Cybersecurity framework is preferred.

Basic understanding of IP Management (v4 & v6), Access Control Lists, Policy Based Routing, routing protocols, wireless networks, secure remote access, VLAN segments, BGP and IP load balancing systems.

Must possess strong customer service and interpersonal skills. Strong analytical, organization and collaboration skills. Ability to work well under pressure, handling multiple tasks and balancing multiple objectives, while consistently ensuring that priority objectives are met. Ability to communicate technical terms to non-technical users. Excellent verbal and written communication skills with the ability to understand procedures, policies, and proposals. Adheres to and complies with UCO's shared values and the Office of Information Technology’s Code of Ethics.

This position is on-call 24x7x365 and requires the successful candidate to have high-speed internet access to their residence and maintain a smart phone on which to receive telephone calls, email, SMS messages from servers and authorized OIT personnel.

Reasonable accommodations (in accordance with ADA requirements) may be made, upon request, to enable individuals with disabilities to perform essential functions.