Information Security Analyst – Computing and Technology Services (CTS)

POSITION SUMMARY:

This position is responsible for the support of Duquesne University’s Cyber Security program which includes detection, prevention, incident response and training & awareness as organized and operated by Computing and Technology Services (CTS), the Duquesne University’s central IT organization.

This position will help develop and support information security systems and programs. The position will also monitor, analyze, and prioritize threats and respond to risks facing the University’s systems and data. In addition, this position will assist with identifying and reporting all security issues, monitoring threat intelligence feeds, and confirming that threat mitigation is in accordance with company standards. This position collaborates with all business units to help respond to security alerts and phishing emails, as well as recommending emerging cybersecurity tools and best practices.

DUTIES AND RESPONSIBILITIES:

Build, deploy, support, monitor and configure various tools used to scan and monitor various aspects of computer, account, or network security and respond to computer security, abuse, and e-discovery incidents. This will entail monitoring intrusion detection, vulnerability scanning and log correlation systems; doing research; scanning machines; reviewing usage logs; etc. to confirm reports and perform forensic analysis according to established procedures. User contact will also be needed in order to inform people of breaches as necessary, and to obtain detailed information.

Provide threat assessment and remediation which includes evaluating how threats impact the University, communicating that information and implementing or recommending techniques to mitigate the threat. Provide detailed information to the Help Desk so that the campus community can be informed of new threats or other security issues as needed. Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.

Executing incident response procedures and processes to identify computer security incidents, contain intrusions and recommend options for eradication & recovery all the while effectively communicating with both internal and external customers and escalating as necessary which may require off-hours work as it requires 24/7 coverage by the department.

Deliver training and awareness services by providing training documentation and announcements for security & abuse issues and current threats. Collaborate with end user support groups to provide training and awareness to campus on information security activities, trends and threats.

Participates in external community outreach and professional activities related to their field, according to their own interest, and affected by relevance to key challenges for CTS and/or Duquesne University. For example, works with external organizations, e.g., EDUCAUSE, on projects or efforts that enhance the reputation of the university as well as maintains proficiency and/or contributes to his/her professional development.

Participate in on-going professional development (attending/presenting at conferences, meetings, etc.).

Perform other duties and projects as needed.

Minimum qualifications:

• Bachelor’s degree from an accredited educational institution (Cybersecurity, Computer Science, Information Security, Information Sciences, or Business is preferred).
• Valid PA Driver’s license
• 1-3 years work related experience
• 2-3 years of experience in an information security role or capacity.
• Information security program experience such as incident management, vulnerability management, data-loss prevention, endpoint protection, security information event management (SIEM), intrusion detection systems, intrusion prevention systems, malware analysis, and network situational awareness.
• Demonstrated understanding and knowledge of information technology areas such as server management, operating systems configuration, software configuration, and networking.
• Experience with a variety of operating systems including Windows, Macintosh and/or Linux is required.
• Programming and scripting experience (PowerShell, Python, etc.).
• Digital Forensics and E-Discovery

Preferred qualifications:

• Information Security Certifications are preferred, such as ISC2 Certified in Cybersecurity (CC), GIAC Security Essentials Certification (GSEC), CompTIA Security+
• CompTIA Security+ preferred within one year of hire.
• ISC2 Certified in Cybersecurity (CC) preferred within one year of hire.
• Experience in a higher education environment is also preferred.

Alternatively, the successful candidate may possess any equivalent combination of experience and training, which provides the knowledge, skills and abilities required to perform the essential job functions.