ISACA

Linux Security Analyst

ISACA, Minneapolis, Minnesota, United States, 55400


Research Computing is looking for a skilled, self-motivated Information Security Analyst. This position will work with Research Computing's Information Security Officer to implement and manage vulnerability scanning activities and system policy scanning, and to audit system and application logs for malicious activity, unexpected changes, or violations of policy.

Additional responsibilities include assisting the RC Information Security Officer with Security Program administration, security assessments, risk analysis and reporting. This role will work to enhance Research Computing's overall Information Security Program, primarily focusing on collaboration with the Minnesota Supercomputing Institute to improve program maturity and enhance services to the UMN Research Community.

The successful candidate will be responsible for a mix of day-to-day security operations, including developing monitoring and alerting; creating automated or manual incident response workflows; and analyzing, improving, and responding to vulnerability scan reports and audit reports. Frequent collaboration across department units will be required.

Responsibilities:

Security Operations (70%)

- Develop and deliver Vulnerability scanning schedules, reports, and response procedures across targeted Research Computing systems.
- Develop System Policy Compliance scanning schedules, reports and response procedures across targeted Research Computing systems.
- Monitor systems, networks, databases, and web applications for potential system breaches.
- Identify security risks and exposures, determine the causes of security violations and suggest procedures to stop future incidents and improve security.
- Respond to alerts from information security tools.
- Collaborate with Research Computing's Information Security Officer, Advanced Systems Operations engineers, and University Information Security to respond to, mitigate, and recover from security incidents.

Information Security Program Activities (20%)

- Assist the ISO with Risk Analyses and System Security Reviews.
- Assist the ISO with Test of Design & Effectiveness of existing safeguard implementations.
- Educate and communicate security requirements and procedures to users.
- Recommend changes to enhance systems security and prevent unauthorized access.
- Ensure compliance with regulations, privacy laws and UMN policies.

Other Activities (10%)

- Conduct research on security trends, new methods, and techniques used in unauthorized access of data to eliminate the possibility of system breach.
- Participate in applicable professional organizations and conferences.
- Attend applicable training to stay current with ongoing policy and system updates and for professional development.
- Assist Information Security Officer with ad-hoc reporting or other responsibilities as assigned.

Required Qualifications:

- BA/BS plus at least two years of relevant experience, or Master's Degree.
- Experience in information security and/or IT risk management with a focus on security, performance and reliability.
- Demonstrated experience with Vulnerability Scanning & Reporting Tools (Qualys, Rapid 7, Tenable, etc).
- Demonstrated experience with Log Aggregating and Analysis Tools (Splunk, Elastic/LogStash, Graylog, etc).
- Proficient with daily Linux systems administration, troubleshooting and operations.
- Excellent communication (oral, written, presentation), interpersonal and consultative skills.
- Familiarity with standard Information Security Frameworks (e.g. NIST CSF, CIS Controls, HiTrust, OWASP).
- Familiarity with CI/CD lifecycle.
- Detail oriented, able to work independently, and prioritize tasks.
- Able to work collaboratively in a team environment when required.

Preferred Qualifications:

- Familiarity with NIST 800-53 and/or 800-171, and/or HIPAA Security & Privacy Rule.
- Familiarity with CIS Security Benchmarks and Controls.
- Familiarity with Configuration Management tools such as puppet, ansible or chef.
- HPC, Large Systems or research computing experience.
- One or more Security Certifications such as Security+, CC, CCSP, CCSK, GSP, CDPSE, etc.
