"Cybersecurity Operations and AI Analyst"

Job Details

Professional Experience/ Qualifications

• Functional knowledge of security-focused networking concepts (OSI Model, Firewalls, Identity Management), including the ability to navigate operating systems (Mac, Windows, Linux) for security analysis.
• Knowledge of information cybersecurity tools, controls, concepts, and frameworks.
• Ability to identify and mitigate system and network vulnerabilities and understanding of current and emerging trends in cybersecurity risks and threats.
• Demonstrated excellence in working with people and strong communication skills.
• Understanding of, sensitivity to, and respect for the academic, cultural, and social diversity in the Colgate University community.

Preferred Qualifications

• A master’s degree in Information Technology or a related degree, and 6+ years experience in building, managing, and/or working in a Security Operations Center ( SOC ).
• Proficiency with scripting or automation languages (e.g., Python, Ansible, PowerShell, Bash) to support infrastructure and security tasks.
• Applicable cybersecurity and/or IT certifications (e.g., CompTIA Security+, Network+, CySA+, PCNSA, SSCP, GSEC ).
• Experience with cybersecurity tools ( SIEM, EDR, Vulnerability Scanners) and incident management workflows.
• Knowledge of regulatory and legal requirements related to cybersecurity (e.g., FERPA, GLBA, PCI - DSS ).

Education

Bachelor’s degree in Information Technology or related degree required, and 3-5 years or more of professional experience in a cybersecurity related role or equivalent professional experience.

Department Statement

Colgate University’s Information Technology Services ( ITS ) is a dynamic organization that serves the diverse technology needs of the university community. Comprised of several functional areas – Classrooms, Digital Media & Events; Data Analytics & Decision Support; Engagement & Support; Information Security; Learning & Applied Innovation; Services & Shared Infrastructure – ITS prides itself on exceptional customer service and building collaborative relationships to meet the unique needs of our liberal arts campus.

ITS endeavors to foster an inclusive environment that values diversity, professional development, creativity, and innovation to support the growth of individuals and the organization. Under the leadership of the CIO, ITS is embarking on a strategic planning process to align services and resources with several exciting new initiatives identified in Colgate’s Third Century Plan.

Accountabilities

Under general direction, the Cybersecurity Operations and AI Analyst serves a critical function in engineering the university’s security defenses. This position acts as a core member of the Information Security team, working in tandem with the infrastructure team to configure and maintain critical security architecture. This position also serves as a consultant for the secure use of emerging AI tools & frameworks, identifying risks such as data leakage and verifying compliance with university policies.

The core responsibilities of this position include:

• Security Operations & Incident Response: Serving as a lead responder for security incidents, this role involves monitoring system logs, correlating events to identify threats, and triaging compromises. The analyst optimizes the security stack ( SIEM, EDR ) by leveraging the built-in AI and machine learning capabilities of these tools for advanced threat detection.
• Security Engineering: Responsible for the configuration and policy management of Palo Alto Next-Generation Firewalls. Maintains Identity and Access Management ( IAM ) infrastructure (Entra ID/Active Directory) to ensure secure authentication flows. Applies core networking concepts ( OSI model, TCP /IP) to troubleshoot connectivity issues specifically related to security policies, blocked traffic, or authentication failures.
• Risk Assessment & Compliance: Supporting IT compliance and risk management by evaluating the security posture of third-party software, services, and AI tools used by faculty and staff. The analyst manages vendor security assessments to identify risks in new partnerships or architectures and acts as a technical consultant on sensitive data handling, privacy standards, and the secure use of AI frameworks.
• Automation & Identity Management: The analyst administers directory services (Active Directory, Entra ID) to ensure secure access control. Additionally, the role utilizes scripting languages (Python, Bash, PowerShell) and automation tools (Ansible, Terraform) to streamline administrative tasks and security log analysis.
• Vulnerability Management: The role involves monitoring for vulnerabilities, performing regular risk assessments using tools like Tenable/Nessus, and collaborating across campus to remediate identified security gaps.

Additional Responsibilities:

• Ability to serve as a lead responder for security incident handling, including event correlation, vulnerability and attack identification, incident reporting, containment, and remediation.
• Monitor, correlate, and investigate system events and security logs to identify threats and compromises. Identify security gaps in enterprise or network visibility.
• Triage, contain, remediate, and recover information systems and data affected by a security event or incident.
• Functional understanding of AI mechanics to identify security risks (e.g., OWASP Top 10 for LLMs).
• Ability to evaluate the operational and ethical implications of AI tools for cybersecurity analysis and defense.
• Supporting IT compliance efforts by requesting and analyzing third-party vendor security assessments, such as the HECVAT, to evaluate risks associated with new software or services.
• Evaluate the security posture of third-party AI tools used by faculty and staff, ensuring compliance with data privacy standards
• Administer directory services and identity management systems to ensure appropriate access control across the enterprise environment.
• Monitor internal and external sources for newly identified vulnerabilities, evaluate and document the risk such vulnerabilities pose to the organization’s information and systems.
• Work collaboratively on projects with stakeholders across the campus to report vulnerabilities and remediate gaps highlighted in security or risk assessments.
• Review and analyze third-party vendor security assessments and compliance documentation to identify risks associated with new software, services, or partnerships.
• Assist with university projects by providing cybersecurity expertise, particularly for users navigating sensitive data requirements and AI model usage.
• Ability to communicate complex technical concepts to stakeholders with varying levels of technical expertise, tailoring the level of detail to the specific audience.
• Engage in ongoing professional development and networking opportunities, such as attending regional or national conferences, workshops, and specialized training sessions.
• Perform other related duties and projects as assigned.

Job Open Date

02/02/2026

Job Close Date

Open Until Filled

No

EEO Statement

The University recognizes that equal employment opportunity can only be achieved through demonstrated leadership. It is the Policy of the University to recruit, employ, retain, promote, and train employees on the basis of skills and experience, capacity to do the job, and valid job qualifications without regard to any characteristics protected by applicable local, state or federal laws.

For more information, click the "How to Apply" button.