Oak Ridge Associated Universities
Computer & Information Security Analyst 2
Oak Ridge Associated Universities, Cincinnati, Ohio, United States, 45208
Computer & Information Security Analyst 2
Job Locations
US-OH-Cincinnati
ID
2024-1818
Category
Information Technology
Overview
APPOINTMENT TYPE: Full-Time RegularLOCATION: Cincinnati, OH (Hybrid)SALARY RANGE: $36.07 - $49.22 per hourPURPOSE:This position supports the cyber and information security program for the ORAU Cincinnati Operations Center (COC) network. This position will primarily be responsible for monitoring and analyzing security alerts using our Security Information and Event Management (SIEM) platform, conducting regular vulnerability assessments and configuration compliance scans, managing email security measures, and providing technical support for various cybersecurity tools as needed.
Responsibilities
Monitor and analyze security alerts using the SIEM system and other specialized monitoring tools.
Triage and investigate potential cybersecurity incidents, prioritizing threats based on severity and potential impact on the system.Conduct a thorough investigation of security violations and incidents, collaborating with other team members and/or escalating to manager as necessary.Conduct regular vulnerability assessments and configuration compliance scans across internal and external networks.Collaborate with cross-functional IT teams on vulnerability remediation efforts and address configuration baseline deviations, ensuring timely resolution and improved security posture.Monitor and analyze email security systems, including user-reported phishing attempts. Perform appropriate investigation and remediation actions as necessary.Identify and develop ways to improve the efficiency of security, network, and application log monitoring.Provide technical and end-user support for cybersecurity tools as needed.
Qualifications
Bachelor's degree in technology-related field and 2-4 years of job-related experience. An equivalent combination of education and experience requiring similar knowledge, skills, abilities, and performing duties as described may be substituted for the minimum requirements.Experience conducting vulnerability scanning and assessments using tools like Nessus Professional and Qualys.Familiarity with cybersecurity frameworks and standards, such as National Institute of Standards and Technology (NIST) SP 800-53, NIST SP 800-171, and NIST cybersecurity framework is preferred.Experience with configuration baselines such as Center for Internet Security (CIS) Benchmarks and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGS) is preferred.Fundamental networking knowledge, such as TCP/IP and common protocols (HTTP, HTTPS, FTP, SSH, DNS, etc.).Fundamental understanding of firewalls, intrusion detection/prevention systems (IDS/IPS), data loss prevention (DLP), endpoint antivirus, and email security.Ability to read and interpret various system and security logs, such as Windows Event Logs, firewall logs, antivirus logs, email security/filtering logs, and IDS/IPS logs is required.Basic knowledge of SIEM systems such as LogRhythm, QRadar, Splunk, ELK stack, etc.Must have good verbal and written communication skills.Must be able to clearly document findings, incidents, and procedures.Must be able to pass a National Agency Check with Inquiries (NACI/Tier 1) background check.*The candidate's starting salary will be determined upon hire and ORAU will use salary survey data, internal comparators, and the candidate's qualifications to determine salary.
TOTAL REWARDSORAU has a strategic approach to providing total rewards to employees through a fair, equitable, and competitive total compensation package. The goal of our total rewards system is to integrate compensation, benefits, work-life balance, performance, recognition, development, and career opportunities to attract, engage, and retain the talent required to achieve ORAU's business objectives. The benefit component of our total rewards program supports business goals by offering the following benefits based on employee eligibility:Legally required benefitsGroup Health insurance including: Medical, Prescription, Dental, and VisionRetirement plan contribution matchingDisability insuranceGroup life insuranceTravel Accident InsuranceSection 125 reimbursement accountsOther voluntary employee paid benefit and insurance offeringsThe ORAU total reward package also promotes work-life balance. Mindful of the need for employees to care for themselves and their families, ORAU offers the following additional work-life benefits based on employee eligibility:TeleworkPaid Time Off (PTO)Paid HolidaysFlexible work schedules or compressed work weeksOccupational Health and Wellness ProgramsEmployee Assistance Program
Need help finding the right job?
We can recommend jobs specifically for you!
Click here to get started.
Job Locations
US-OH-Cincinnati
ID
2024-1818
Category
Information Technology
Overview
APPOINTMENT TYPE: Full-Time RegularLOCATION: Cincinnati, OH (Hybrid)SALARY RANGE: $36.07 - $49.22 per hourPURPOSE:This position supports the cyber and information security program for the ORAU Cincinnati Operations Center (COC) network. This position will primarily be responsible for monitoring and analyzing security alerts using our Security Information and Event Management (SIEM) platform, conducting regular vulnerability assessments and configuration compliance scans, managing email security measures, and providing technical support for various cybersecurity tools as needed.
Responsibilities
Monitor and analyze security alerts using the SIEM system and other specialized monitoring tools.
Triage and investigate potential cybersecurity incidents, prioritizing threats based on severity and potential impact on the system.Conduct a thorough investigation of security violations and incidents, collaborating with other team members and/or escalating to manager as necessary.Conduct regular vulnerability assessments and configuration compliance scans across internal and external networks.Collaborate with cross-functional IT teams on vulnerability remediation efforts and address configuration baseline deviations, ensuring timely resolution and improved security posture.Monitor and analyze email security systems, including user-reported phishing attempts. Perform appropriate investigation and remediation actions as necessary.Identify and develop ways to improve the efficiency of security, network, and application log monitoring.Provide technical and end-user support for cybersecurity tools as needed.
Qualifications
Bachelor's degree in technology-related field and 2-4 years of job-related experience. An equivalent combination of education and experience requiring similar knowledge, skills, abilities, and performing duties as described may be substituted for the minimum requirements.Experience conducting vulnerability scanning and assessments using tools like Nessus Professional and Qualys.Familiarity with cybersecurity frameworks and standards, such as National Institute of Standards and Technology (NIST) SP 800-53, NIST SP 800-171, and NIST cybersecurity framework is preferred.Experience with configuration baselines such as Center for Internet Security (CIS) Benchmarks and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGS) is preferred.Fundamental networking knowledge, such as TCP/IP and common protocols (HTTP, HTTPS, FTP, SSH, DNS, etc.).Fundamental understanding of firewalls, intrusion detection/prevention systems (IDS/IPS), data loss prevention (DLP), endpoint antivirus, and email security.Ability to read and interpret various system and security logs, such as Windows Event Logs, firewall logs, antivirus logs, email security/filtering logs, and IDS/IPS logs is required.Basic knowledge of SIEM systems such as LogRhythm, QRadar, Splunk, ELK stack, etc.Must have good verbal and written communication skills.Must be able to clearly document findings, incidents, and procedures.Must be able to pass a National Agency Check with Inquiries (NACI/Tier 1) background check.*The candidate's starting salary will be determined upon hire and ORAU will use salary survey data, internal comparators, and the candidate's qualifications to determine salary.
TOTAL REWARDSORAU has a strategic approach to providing total rewards to employees through a fair, equitable, and competitive total compensation package. The goal of our total rewards system is to integrate compensation, benefits, work-life balance, performance, recognition, development, and career opportunities to attract, engage, and retain the talent required to achieve ORAU's business objectives. The benefit component of our total rewards program supports business goals by offering the following benefits based on employee eligibility:Legally required benefitsGroup Health insurance including: Medical, Prescription, Dental, and VisionRetirement plan contribution matchingDisability insuranceGroup life insuranceTravel Accident InsuranceSection 125 reimbursement accountsOther voluntary employee paid benefit and insurance offeringsThe ORAU total reward package also promotes work-life balance. Mindful of the need for employees to care for themselves and their families, ORAU offers the following additional work-life benefits based on employee eligibility:TeleworkPaid Time Off (PTO)Paid HolidaysFlexible work schedules or compressed work weeksOccupational Health and Wellness ProgramsEmployee Assistance Program
Need help finding the right job?
We can recommend jobs specifically for you!
Click here to get started.