General Information


Job Description IT SECURITY ANL 3 Working Title Security Analyst
Job Code 007338 Grade 23
Department Name IT Security Policy - D02063 Department Head
Supervisor Effective Date 11/13/2019
Position(s) Directly Supervised
Job Code Title FTE

Generic Scope
Experienced professional who knows how to apply theory and put it into practice with in-depth understanding of the professional field; independently performs the full range of responsibilities within the function; possesses broad job knowledge; analyzes problems/issues of diverse scope and determines solutions.

Custom Scope
Applies skills as a seasoned, experienced IT security professional with a full understanding of industry practices, governmental regulations and campus, medical center or Office of the President policies and procedures to resolve a wide range of complex issues. Demonstrates competency in recommending methods and techniques to obtain results.

Department Custom Scope
Responsible for the implementation of the Information Security Office governance, risk management, compliance, and awareness program. Conduct risk assessments; coordinate audit engagements with relevant parties; maintain policies, standards and procedures designed to safeguard information and resources; manage information security awareness training. Conduct vulnerability assessments and security reviews through vulnerability scans and penetration tests to determine deviations from acceptable configurations, policies, and standards. Assess levels of risk and recommend appropriate mitigation controls.

Education & Experience Requirements

Education Requirements
Degree Requirement
Bachelor's degree in related area and/or equivalent experience/training. Required

Experience Requirements
Experience Requirement

License Requirements

Certification Requirements
Certification Requirement
Certified Information Systems Auditor (CISA) Preferred
Certified Ethical Hacking (CEH) Preferred

Educational Condition Requirements
Condition Requirement
Obtain PCI-DSS Internal Security Assessor (ISA) qualification within six (6) months of appointment begin date. Required

Key Responsibilities

Description % Time
Implements complex and/or moderate-scale security controls to prevent unauthorized access or changes to campus, medical center or Office of the President information, hardware, software and/or network infrastructure. Independently researches, analyzes and addresses attempted efforts to compromise security protocols. Advises departments on security prevention and best practices.
20
Applies, configures and manages complex security systems. Administers complex security configurations to control access to hardware, software and networks. Applies advanced encryption methods.
20
Collects, examines, analyzes and reports to management regarding the causes, effects and implications of security incidents. Applies advanced IT security concepts, governmental regulations, departmental and campus, medical center or Office of the President policies and procedures to respond to and appropriately escalate complex IT security incidents.
20
Conducts vulnerability assessments, penetration testing, mitigation and remediation activities. Produces assessment reports and remediation action plans in accordance with campus and Office of the President policy.
20
Manage compliance requirements, governance policies and procedures, information security training and awareness, and risk assessments.
20

Knowledge, Skills & Abilities

Knowledge/Skill/Ability Requirement
Basic skill at reading and interpreting security logs. Required
Ability to follow department processes and procedures. Required
Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization. Required
Experience using IT security systems and tools. Knowledge of data encryption techniques. Experience analyzing logs for security breaches. Required
Knowledge of other areas of IT, department processes and procedures. Preferred
Demonstrated skills applying security controls to computer software and hardware. Required
Experience in incident response and digital forensics including data collection, examination and analysis. Preferred
Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks. Required
Knowledge of computer hardware, software and network security issues and approaches. Required
Demonstrated experience selecting and applying appropriate data encryption technologies. Required

Special Requirements & Conditions
Special Condition Requirement
Must pass a background check. Required

Other Special Requirements & Conditions

Level of Supervision Received
GeneralSupervision

Environment

Working Environment
UCPath Intellicenter

Other Requirements

Items Used
  • Standard Office Equipment
  • Computer
  • Printer
  • Copier
  • Scanner

Physical Requirements
  • Bend : NA
  • Sit : Frequently
  • Squat : NA
  • Stand : Occasionally
  • Crawl : NA
  • Walk : Occasionally
  • Climb : NA

Mental Requirements
  • Read/Comprehend : Constantly
  • Write : Frequently
  • Perform Calculations : Occasionally
  • Communicate Orally : Frequently
  • Reason & Analyze : Constantly

Environmental Requirements
  • Is exposed to excessive noise : No
  • Is around moving machinery : No
  • Is exposed to marked changes in temperature and/or humidity : No
  • Drives motorized equipment : No
  • Works in confined quarters : No
  • Dust : No
  • Fumes : No

Critical Position

Is Critical Position: No

More Information

General Campus Information

University of California, Riverside
900 University Ave.
Riverside, CA 92521
Tel: (951) 827-1012

Career OpportunitiesUCR Libraries
Campus StatusMaps and Directions

Department Information

Human Resources
1160 University Ave.
Riverside, CA 92521

Fax: (951) 827-6493
E-mail: jobshelp@ucr.edu

Related Links

Footer