General Information
Job Description | IT SECURITY ANL 3 | Working Title | IT Security Analyst |
---|---|---|---|
Job Code | 007338 | Grade | 23 |
Department Name | SOM Finance and Admin Dept - D02013 | Department Head | Simon Linwood |
Supervisor | Matthew Summerville | Effective Date |
Position(s) Directly Supervised
Job Code | Title | FTE |
---|---|---|
Generic Scope
Experienced professional who knows how to apply theory and put it into practice with in-depth understanding of the professional field; independently performs the full range of responsibilities within the function; possesses broad job knowledge; analyzes problems/issues of diverse scope and determines solutions. |
Custom Scope
Applies skills as a seasoned, experienced IT security professional with a full understanding of industry practices, governmental regulations and campus, medical center or Office of the President policies and procedures to resolve a wide range of complex issues. Demonstrates competency in recommending methods and techniques to obtain results. |
Department Custom Scope
The IT Security Analyst protects and defends UCR School of Medicine and UCR Health's information technology systems, networks, and data through cyber defense analysis, incident response, and vulnerability assessment and management. This involves analyzing security events and incidents, implementing security controls, configuring and managing security systems, conducting vulnerability scans and assessments, and performing various IT security-related tasks. Identifies anomalous network activity and potential threats to network resources, tracks and documents security incidents from initial detection through final resolution, writes and publishes cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies. Works with stakeholders to resolve computer security incidents and vulnerability compliance, performs risk and vulnerability assessments of relevant technology focus areas, and makes cybersecurity recommendations to leadership based on relevant threats and vulnerabilities. Must be proactive in identifying potential security threats and vulnerabilities to maintain the security and integrity of institutional information and infrastructure. |
Education & Experience Requirements
Education Requirements
Degree | Requirement |
---|---|
Bachelor's degree in related area and/or equivalent experience/training. | Required |
Experience Requirements
Experience | Requirement |
---|---|
4 - 7 years of related experience. | Required |
Experience completing vulnerability scanning and risk assessments | Preferred |
Experience performing log review and analysis | Required |
Experience conducting security event triage, incident response, and/or digital forensics | Required |
Experience conducting security risk assessment | Preferred |
Experience managing security tools | Preferred |
Related experience in healthcare industry | Preferred |
License Requirements
License | Requirement |
---|---|
Must possess or obtain a valid CA Driver's License in accordance with the California Department of Motor Vehicles, if driving a university/personal vehicle for university related business | Preferred |
Certification Requirements
Certification | Requirement |
---|---|
Information Security certification such as CEH, CASP+, CISSP, etc. | Preferred |
Educational Condition Requirements
Condition | Requirement |
---|---|
If not already held, will obtain Security+ or above certification within 3 months of appointment date | Required |
Key Responsibilities
Description | % Time |
---|---|
Collects, examines, analyzes and reports to management regarding the causes, effects and implications of security incidents. Applies advanced IT security concepts, governmental regulations, departmental and campus, medical center or Office of the President policies and procedures to respond to and appropriately escalate complex IT security incidents. | 40 |
Implements complex and/or moderate-scale security controls to prevent unauthorized access or changes to campus, medical center or Office of the President information, hardware, software and/or network infrastructure. Independently researches, analyzes and addresses attempted efforts to compromise security protocols. Advises departments on security prevention and best practices. | 20 |
Applies, configures and manages complex security systems. Administers complex security configurations to control access to hardware, software and networks. Applies advanced encryption methods. | 15 |
Conduct vulnerability scans and assessments to identify potential risks to institutional information and infrastructure. Analyze vulnerability data and determine remediation requirements while assessing risk levels. Collaborate with business units and IT stakeholders to understand vulnerabilities and provide detailed vulnerability reports and remediation plans for management. Ensure prompt identification and resolution of potential risks to maintain the integrity and security of institutional information and infrastructure. | 15 |
Performs various IT security-related tasks, including conducting risk assessments, organizing security awareness activities, and developing or updating security policies and procedures, as directed by management or outlined in organizational policies. Being proactive and taking the initiative to identify potential security threats and vulnerabilities is also crucial in maintaining the security and integrity of institutional information and infrastructure. Must be adaptable and flexible to perform additional IT security-related tasks as assigned. | 10 |
Knowledge, Skills & Abilities
Knowledge/Skill/Ability | Requirement |
---|---|
Ability to follow department processes and procedures. | Required |
Experience in incident response and digital forensics including data collection, examination and analysis. | Required |
Demonstrated skills applying security controls to computer software and hardware. | Required |
Knowledge of computer hardware, software and network security issues and approaches. | Required |
Experience using IT security systems and tools. Knowledge of data encryption techniques. Experience analyzing logs for security breaches. | Required |
Basic skill at reading and interpreting security logs. | Required |
Knowledge of other areas of IT, department processes and procedures. | Required |
Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization. | Required |
Ability to maintain confidentiality. | Required |
Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks. | Preferred |
Knowledge and experience in implementation of IT Security frameworks, such as CIS Critical Security Controls, NIST 800-66 rev 2, and/or NIST Cybersecurity Framework. | Preferred |
Demonstrated experience selecting and applying appropriate data encryption technologies. | Preferred |
Skill in reviewing logs to identify evidence of past intrusions. | Preferred |
Skill in using security event correlation tools. | Preferred |
Knowledge of adversarial tactics, techniques, and procedures, different classes of attacks and cyber attack stages, such as protecting a network against malware. | Preferred |
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy and various data privacy and security standards, including those for Personal Health Information (PHI). | Preferred |
Knowledge of authentication, authorization, and access control methods including host/network access control mechanisms, network access, identity, and access management, and policy-based and risk adaptive access controls. | Preferred |
Ability to share meaningful insights about the context of an organization's threat environment that improve its risk management posture. | Preferred |
Knowledge of computer networking concepts and protocols, and network security methodologies and ability to interpret the information collected by network tools and detect host and network-based intrusions using intrusion detection technologies | Preferred |
Special Requirements & Conditions
Special Condition | Requirement |
---|---|
Must pass a background check. | Required |
Occasional travel for university related business meetings, conferences and/or professional development. | Required |
Ability to work periodically outside of Normal Business Hours as assigned. | Required |
Must be able to participate as part of the on-call rotation schedule for after hours support. | Required |
Travel Outside of Normal Business Hours | Required |
Other Special Requirements & Conditions
|
Level of Supervision Received
General Supervision |
Environment
Working Environment
UC Intelli-Center: 14350 Meridian Pkwy, Riverside, CA |
Other Requirements
Items Used
|
Physical Requirements
|
Mental Requirements
|
Environmental Requirements
|
Critical Position
Is Critical Position: Yes |