General Information
Job Description | IT SECURITY ANL 2 | Working Title | Junior IT Security Analyst |
---|---|---|---|
Job Code | 007337 | Grade | 21 |
Department Name | IT Cybersecurity - D02046 | Department Head | Matthew Gunkel |
Supervisor | Dewight Kramer | Effective Date | 08/29/2022 |
Position(s) Directly Supervised
Job Code | Title | FTE |
---|
Generic Scope
Professional who applies acquired job skills, policies, and procedures to complete substantive assignments/projects/tasks of moderate scope and complexity; exercises judgment within defined guidelines and practices to determine appropriate action. |
Custom Scope
Applies moderately complex IT security concepts, campus, medical center or Office of the President policies and procedures to resolve a variety of IT security problems. Works on IT security problems and projects of moderate scope where analysis of situations or data requires a review of a variety of factors. |
Department Custom Scope
The Junior IT Security Analyst participates in the Information Security Office programs. Conducts risk assessments; coordinates audit engagements with relevant parties; promotes policies, standards and procedures designed to safeguard information and resources; conducts information security awareness training. Conducts vulnerability assessments and security reviews through vulnerability scans and penetration tests to determine deviations from acceptable configurations, policies, and standards. Assesses levels of risk and recommend appropriate mitigation controls. |
Education & Experience Requirements
Education Requirements
Degree | Requirement |
---|---|
Bachelor's degree in related area and/or equivalent experience/training. | Required |
Experience Requirements
Experience | Requirement |
---|---|
2 - 4 years of related experience. | Required |
License Requirements
Certification Requirements
Certification | Requirement |
---|---|
A certificate in information security, i.e. Security +, Ethical Hacker, CISSP | Preferred |
Educational Condition Requirements
Condition | Requirement |
---|
Key Responsibilities
Description | % Time |
---|---|
Implements moderately complex security controls to prevent unauthorized access or changes to campus, medical center or Office of the President information, hardware, software and/or network infrastructure. Researches and analyzes attempted efforts to compromise security protocols and reports findings to higher-level IT Security Analysts. Reviews logs and classifies events. | 30 |
Assists with the collection, examination and analysis of information regarding the causes and effects of security incidents. Applies professional IT security concepts, departmental and campus, medical center or Office of the President policies and procedures to respond to and appropriately escalate IT security incidents. | 30 |
Applies and may configure and maintain security systems, administers security configurations to control access to systems and applies appropriate encryption methods. | 20 |
Conducts vulnerability assessments, penetration testing, mitigation and remediation activities. Produces assessmentreports and remediation action plans in accordance with campus and Office of the President policy. | 20 |
Knowledge, Skills & Abilities
Knowledge/Skill/Ability | Requirement |
---|---|
Basic knowledge of incident response procedures. | Required |
Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization. | Required |
Knowledge of other areas of IT, department processes and procedures. | Required |
Experience using IT security systems and tools. Knowledge of data encryption techniques. Experience analyzing logs for security breaches. | Required |
Ability to follow department processes and procedures. | Required |
Demonstrated skills applying security controls to computer software and hardware. | Required |
Basic skill at reading and interpreting security logs. | Required |
Basic knowledge of vulnerability scanning procedures. | Required |
Basic knowledge of risk assessments procedures. | Required |
Basic understanding of information security policy and how it affects IT daily operations. | Preferred |
Experience using a vulnerability scanner tool. | Preferred |
Special Requirements & Conditions
Special Condition | Requirement |
---|---|
Must pass a background check. | Required |
Occasional travel for university related business meetings, conferences and/or professional development. | Required |
Travel Outside of Normal Business Hours | Required |
Other Special Requirements & Conditions
|
Level of Supervision Received
Supervision |
Environment
Working Environment
Remote (Working from Home) with occasional visits to campus as needed. |
Other Requirements
Items Used
|
Physical Requirements
|
Mental Requirements
|
Environmental Requirements
|
Critical Position
Is Critical Position: No |