Information Security Analyst – Computing and Technology Services; CTS

Salary: commensurate with experience.

Benefits: generous benefits including paid time off (holidays, holy days, and vacation), employer matching contributions to the retirement plan, and tuition benefits for employees and their eligible dependents.

Location: Computing and Technology Services.

Position Status: Full-time (35 hours per week).

Hours: Varied.

FLSA Status: Exempt.

The role supports Duquesne University’s Cyber Security program, including detection, prevention, incident response, and training & awareness, as operated by Computing and Technology Services.

The position helps develop and support information security systems and programs; monitors, analyzes, and prioritizes threats; responds to risks; identifies and reports all security issues; monitors threat intelligence feeds; confirms mitigation alignment with company standards; collaborates with business units on security alerts and phishing emails; and recommends emerging cybersecurity tools and best practices.

• Build, deploy, support, monitor, and configure tools used for scanning and monitoring computer, account, or network security, and respond to security, abuse, and e-discovery incidents.
• Monitor intrusion detection, vulnerability scanning, and log correlation systems; conduct research; scan machines; review usage logs; perform forensic analysis per established procedures.
• Provide threat assessments and remediation, evaluating impact, communicating information, and implementing or recommending mitigation techniques.
• Inform users of breaches and obtain detailed information as needed.
• Review logs and reports of all in-place devices and develop resolution plans.
• Execute incident response procedures to identify incidents, contain intrusions, and recommend eradication & recovery options, communicating with internal and external customers and escalating when necessary; may require off‑hours work for 24/7 coverage.
• Deliver training and awareness services, providing documentation and announcements for security & abuse issues and current threats.
• Collaborate with end‑user support groups to provide training and awareness on information security activities, trends, and threats.
• Participate in external community outreach and professional activities related to their field; maintain proficiency and contribute to professional development.
• Perform additional duties and projects as needed.

• Bachelor’s degree from an accredited institution; preferred fields:
  Cybersecurity, Computer Science, Information Security, Information Sciences, or Business.
• Valid PA Driver’s license.
• 1‑3 years of work‑related experience.
• 2‑3 years of experience in an information security role or capacity.
• Experience in incident management, vulnerability management, data‑loss prevention, endpoint protection, SIEM, intrusion detection/prevention systems, malware analysis, and network situational awareness.
• Understanding of server management, operating systems configuration, software configuration, and networking.
• Experience with Windows, Macintosh, and/or Linux operating systems.
• Programming and scripting experience (Power Shell, Python, etc.).
• Digital Forensics and E‑Discovery knowledge.

• Information Security Certifications (ISC2 Certified in Cybersecurity, GSEC, CompTIA Security+).
• Certifications within one year of hire preferred.
• Experience in a higher education environment.
• Experience with security tools such as firewalls, IDS/IPS, SIEM, EDR tools, vulnerability management solutions, and scripting tools.
• Experience with threat hunting, searching networks and datasets for malicious activity or indicators of compromise.
• Understanding of IP, TCP/IP, and other network administration protocols.
• Familiarity with IT Service Management tools.
• Experience with email security, cloud‑based security features, cybersecurity training awareness platforms, third‑party risk management reviews, IT audits, and incident response troubleshooting.

• Proven analytical and problem‑solving abilities.
• Ability to prioritize and execute tasks in a high‑pressure environment.
• Excellent written, oral, and interpersonal communication skills.
• Ability to conduct research on IT security issues and products as required.
• Ability to present ideas in business‑friendly and user‑friendly language.
• Highly self‑motivated and directed.
• Keen attention to detail.
• Team‑oriented and skilled in collaborative environments.
• Ability to establish and maintain effective working relationships with the University Community.
• Willingness to contribute actively to the mission of the University and respect the Spiritan Catholic identity of Duquesne University.

Duquesne University values equality of opportunity as an educational institution and employer.