Cybersecurity Analyst

Pursue a career at the OK State Regents for Higher Education

The Cybersecurity Analyst is responsible for contributing to the security and integrity of all Oklahoma State Regents for Higher Education ( OSRHE ) information and systems, including the Oklahoma College Assistance Program ( OCAP ) and One Net. The primary responsibilities include assisting with planning, installation, maintenance, and monitoring of assigned security systems, tasks, and projects. This position will contribute to the OSRHE information security controls, processes, and procedures.

Cybersecurity Analyst also serves as the first level of information security and cybersecurity support.

• Provide first level of information security and cybersecurity support to include incident response.
• Proactively monitor and support all required security systems such as IDS , IPS , firewall, SIEM , VAS , logging, etc.
• Assist with the installation, operations, and maintenance of security systems.
• Provide maintenance of One Net subscriber facing managed firewall services.
• Review and update Digital Forensics and Incident Response ( DFIR ) procedures to ensure lessons learned are formally integrated into our response framework.
• Continuously monitor and evaluate the cybersecurity defense posture using automated tools, ensuring timely and proactive adjustments to controls and configurations based on current threats.
• Assist with security control alignment reviews against accepted frameworks such as NIST 800-53 & ISO
  27001.
• Review, audit, and enforce security policies for cloud deployments, ensuring strict adherence to best practices for IAM and the protection of serverless architectures.
• Assist in assessing that all security controls employed are current and adequate to protect OSRHE information and assets.
• Document all assigned projects and tasks, ensuring the creation and maintenance of accurate, up-to-date information security records. Additionally, assist with the formal review and update of assigned security documentation, as assigned.
• Support information security projects in planning, implementation, review, and modification.
• Participate in configuration reviews.
• Support security assessment activities.
• Maintain confidentiality and sensitivity of all OSRHE data.
• Participate in IT disaster recovery/business continuity exercises and tests.
• Analyze and interpret network packet captures to support incident response, troubleshoot complex network issues, and validate security controls, grounded in a practical knowledge of the OSI model.
• Maintain awareness of current and future cyber threats that could impact the State Regents.
• Assist in the development and delivery of end-user security awareness programs.
• Assist in developing scripts as needed to automate processes that are inefficient manually.
• Generate regular reports on security metrics, incidents, and risk assessments for management review.
• Participate in ongoing professional development and training to stay current with the latest security threats, technologies, and best practices.
• Develop and maintain subject matter expertise in specific systems, technologies, and security domains relevant to the organization’s infrastructure and provide relevant guidance to internal teams.
• Active participation in cybersecurity communities, conferences, and forums to stay connected with industry developments and best practices.
• Work on assigned information security tickets, tasks, and projects.
• Be available for monitoring, response, and change management activities after hours as needed.
• Perform other similar job-related duties as assigned.

Associate degree in information security, computer science, management information systems; or a minimum of two (2) years of progressively responsible information technology experience, at least one (1) year of which must be in information security or a closely related field. An equivalent combination of post-secondary education and work-related experience may be considered.

Basic working knowledge of network interconnectivity, network security, server and client operating systems, security platforms, information security concepts, incident response, and scripting experience. Capable of handling multiple workflows and prioritizing tasks. Strong attention to detail in documentation and change management. Proven ability to work collaboratively across an organization, with peer groups, and organizations external to the agency. Strong project management, communication, and organizational skills.

Ability to communicate cybersecurity concepts to technical and non-technical staff. Working knowledge of applicable laws and law enforcement community activities and initiatives. Must provide a cellular telephone and service for work-related activities. Must be available after hours as needed.

• Accreditation/certification in information security or cybersecurity, network, and system administration.
• Bachelor’s degree in information security, computer…