Illinois Institute of Technology
Security Analyst (Operations)
Illinois Institute of Technology, Chicago, Illinois, United States, 60290
Position Details
Position Information
Position Title: Security Analyst (Operations)
Requisition #: S01401P
FLSA: Exempt
Location: IIT-Mies Campus (MC), 10 West 35th St., Chicago
Department: Technology Services
GENERAL DESCRIPTION
We are seeking a highly motivated and skilled Security Analyst to join the Cyber-Tech Security (CTS) department of the Office of Technology (OTS). The Security Analyst will be responsible for safeguarding the organization's information systems by identifying, analyzing, and mitigating security threats. The role is also responsible for ensuring security events are contained and remediated by enforcing security policies through monitoring systems and bringing security awareness education to team members. The ideal candidate will have a strong technical background and a deep understanding of cybersecurity principles, best practices, and technologies to ensure the confidentiality, integrity, and availability of organization data. The Security Analyst reports to the Director, Cyber-Tech Security.
COMMUNICATIONS
Excellent interpersonal and communication skills are a must; this position requires technical writing for documentation, technology proposals, instructions, and client responses, as well as communications to internal staff, clients, external vendors, and technical support. Strong verbal communication skills are also essential to clearly and accurately explain and present instructional technologies. The ability to gather technical requirements and execute deliverables via phone, remotely, and in person is a must. Strong IT process-documentation skills are required.
CUSTOMER SERVICE
Excellent customer service skills are required. This position involves working with peer teams, faculty, and staff to resolve complex technical and security-related issues for internal clients, i.e., staff, faculty, and students, both on and off campus. The Security Analyst is expected to respond to tickets in an appropriate manner and provide timely updates based on service level agreements and metrics.
Special Schedule Requirements
This is a full-time position. Normal university business hours are 8:30am to 5:00pm, Monday through Friday. Occasional work may be scheduled on Thursday morning and Friday night/Saturday morning during the university's maintenance windows (https://ots.iit.edu/about/maintenance-window). After-hours availability may be required for incident response.
EEOC Statement
Illinois Institute of Technology is an EEO/AA/Title VI/Title IX/Section 504/ADA/ADEA employer dedicated to building a community of excellence, equity, inclusion and diversity. It is committed to fostering an inclusive environment and actively seeks applications from individuals of all backgrounds and identities regardless of race, color, sex, marital status, religion, national origin, disability, age, unfavorable discharge from the military, status as a protected veteran, sexual orientation including gender identity and expression, order of protection status, and/or genetic information. All qualified applicants will receive equal consideration for employment.
Qualifications
Education & Experience
Bachelor's degree in Computer Science, Engineering, IT/IS/MIS, or related
1-3 years of experience in information technology or information security
Preferred: experience with academia, research, or similar industry
Knowledge & Skills
Working knowledge of security tools and technologies: Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), vulnerability scanners, data-loss prevention (DLP), CIS benchmarks, forensic tools, Anti-virus/Anti-malware protection, encryption technologies, cloud services, mobile devices, etc.
Familiarity with: Microsoft 365, Active Directory, Linux, email solutions
Ability to produce operations documentation (SOPs, wiki pages, etc.)
Familiarity with Agile project management best practices
Previous experience as an Incident Response team member
Preferred: Familiarity with compliance frameworks (NIST 800-171, CMMC, HIPAA)
SUPERVISION & BUDGET AUTHORITY
No supervisory or budgetary responsibility
Physical Environment and Requirements
Hybrid office environment. Occasional work may be required retrieving desktops or laptops to remove drives for forensic work or excess. See also Special Schedule Requirements.
Certifications and Licenses
List any certifications or licenses that are either required or helpful in performing the job, designating whether required or preferred.
Desirable (not required): CompTIA Security+, CompTIA CySA+, GIAC Security Essentials (GSEC), or similar.
Key Responsibilities
Key Responsibility
Implement, operate, and monitor security information and event management (SIEM) tools to detect and respond to security incidents, indicators of compromise, and breaches, as well as provide metrics for security deficiencies.
Percentage Of Time: 30
Key Responsibility
As an incident responder, analyze security incidents, indicators of compromise, and breaches to determine possible impact, origin, and resolution. Coordinate with product teams and vendors to address and mitigate identified security threats.
Percentage Of Time: 20
Key Responsibility
Collaborate with product teams and vendors to ensure secure configuration and deployment of systems and applications. Analyze security requirements for new systems, applications, and vendors. Recommend additional security measures and controls. Identify hardware and software that are nearing the end of support.
Percentage Of Time: 20
Key Responsibility
Collaborate with various stakeholders in multiple technical disciplines including: developers, subject-matter experts, database administrators, system administrators, and system architects to support existing and implement new security solutions.
Percentage Of Time: 10
Key Responsibility
Work closely with stakeholders to gather technical requirements and execute on deliverables.
Percentage Of Time: 10
Key Responsibility
Perform research on new or improved security best practices, protocols, and technologies, as well as cyber threat intelligence and attack vectors.
Percentage Of Time: 5
Key Responsibility
Perform other duties as may be assigned.
Percentage Of Time: 5
Posting Information
Work Hours
Monday - Friday, 8:30 a.m. - 5:00 p.m.
Position Category: Full Time
Posting Date: 11/07/2024
Closing Date
Posted Until Filled: Yes
Quicklink for Posting: https://iit7.peopleadmin.com/postings/10895