Information Security Operations Analyst
Listed on 2025-12-20
IT/Tech
Cybersecurity, Information Security
The Information Security Office is looking for an Information Security Operations Analyst. The focus of this position is to ensure that the Incident Response/Analysis, Playbook Creation and Automation, and Project Management aspects of the Information Security Office run in a consistent, professional, and progressive manner. This requires extensive documentation, detection and analysis, logistical coordination for mitigation, discussions with IT, other stakeholders, and SMEs, and diligent and consistent follow-up.
This is a campus-based position with the possibility of hybrid work.
- Monitor security alerts and coordinate responses to cybersecurity incidents.
- Analyze malicious activities and assess impact on university systems.
- Identify vulnerabilities and recommend remediation strategies.
- Develop and maintain security playbooks for incident handling, including scripting and automation response development.
- Conduct threat intelligence research to enhance security defenses.
- Work closely with IT teams and external partners during incident resolution.
- Prepare detailed reports and documentation of security events.
- Conduct post-incident reviews and recommend improvements.
- Provide training and guidance on cybersecurity best practices.
- Assist in the development of security policies and procedures.
- Stay updated on the latest cybersecurity trends and technologies.
- Bachelor’s degree in cybersecurity, computer science, information technology, or a related field with 3 years of experience in information security response with 1 year of experience specifically in information security principles. Equivalent combination of education and experience will be considered.
- Strong understanding of security tools, SIEMs, and incident response techniques, plus project management experience.
- Proven experience in incident response, digital or physical forensics, and cybersecurity operations.
- Knowledge of regulatory compliance and security frameworks (NIST, ISO, CIS, etc.).
- Applicants must be authorized to work in the United States on a full-time basis without visa sponsorship.
- Security certifications, such as Security+, CC, CEH, etc.
- Experience with cloud security and network security monitoring. Experience with firewalls, intrusion detection systems (IDS/IPS), SIEM, encryption tools, and vulnerability management tools.
- Familiarity with programming or scripting for automation (Python, PowerShell, KQL, etc.).
It is a great time to join UB Information Technology (UBIT)! Our staff are highly skilled and motivated to succeed and have cutting-edge training and technical resources at their disposal. All the duties and responsibilities listed above continue to occur in a 24×7 environment; therefore, working extended hours, holidays, or varied hours may be required.
Benefits: Our benefits, where we prioritize your well-being and success to enhance every aspect of your life
Salary Range: $75,000-$100,000
Contact Information
Contact Email: diversity
Contact Phone:
University at Buffalo is an affirmative action/equal opportunity employer and, in keeping with our commitment, welcomes all to apply including veterans and individuals with disabilities. Arrangements will be made if an applicant has a disability in order to provide access to the application, interview and selection process upon request. Reasonable accommodation requests must be made in a timely manner by email at diversity or by phone .