Illinois Institute of Technology
Security Analyst (Compliance)
Illinois Institute of Technology, Chicago, Illinois, United States, 60290
Position Details
Position Information
Position TitleSecurity Analyst (Compliance)
Requisition #S01400P
FLSAExempt
LocationIIT-Mies Campus (MC), 10 West 35th St., Chicago
DepartmentTechnology Services
GENERAL DESCRIPTION
We are seeking a highly motivated and skilled Security Analyst to join the Cyber-Tech Security (CTS) department of the Office of Technology (OTS). The Security Analyst will play a key role in ensuring the organization adheres to legal and regulatory requirements, internal policies, and industry best practices. The ideal candidate will have a solid understanding of risk management frameworks, compliance standards, and governance processes and will work closely with various departments to ensure proper implementation and monitoring of GRC activities. The Security Analyst will also have a technical role in being responsible for ensuring security events are contained and remediated by enforcing security policies through monitoring systems and bringing security awareness education to team members. The Security Analyst reports to the Director, Cyber-Tech Security.
COMMUNICATIONS
Excellent interpersonal and communication skills are a must; this position requires technical writing for documentation, technology proposals, instructions, and client responses, as well as communications to internal staff, clients, external vendors, and technical support. Strong verbal communication skills are also essential to clearly and accurately explain and present instructional technologies. The ability to gather technical requirements and execute deliverables via phone, remotely, and in-person are a must. Strong IT process-documentation skills are required.
CUSTOMER SERVICE
Excellent customer service skills are required. This position involves working with peer teams, faculty, and staff to resolve complex technical and security-related issues for internal clients, i.e., staff, faculty, and students, both on and off campus. The Security Analyst is expected to respond to tickets in an appropriate manner and provide timely updates based on service level agreements and metrics.
Special Schedule Requirements
This is a full-time position. Normal university business hours are 8:30am to 5:00pm. Monday through Friday. Occasional work may be scheduled on Thursday morning and Friday night/Saturday morning during the university's maintenance windows (https://ots.iit.edu/about/maintenance-window. After hours availability may be required for incident response.
EEOC Statement
Illinois Institute of Technology is an EEO/AA/Title VI/Title IX/Section 504/ADA/ADEA employer dedicated to building a community of excellence, equity, inclusion and diversity. It is committed to fostering an inclusive environment and actively seeks applications from individuals of all backgrounds and identities regardless of race, color, sex, marital status, religion, national origin, disability, age, unfavorable discharge from the military, status as a protected veteran, sexual orientation including gender identity and expression, order of protection status, and/or genetic information. All qualified applicants will receive equal consideration for employment.
Qualifications
Education & ExperienceBachelor's degree in Computer Science, Engineering, IT/IS/MIS, or related1-3 years of experience in information technology or information securityPreferred: experience with academia, research, or similar industryKnowledge & Skills
Working knowledge of security tools and technologies: Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), vulnerability scanners, data-loss prevention (DLP), CIS benchmarks, forensic tools, Anti-virus/Anti-malware protection, encryption technologies, cloud services, mobile devices, etc.Familiarity with: Microsoft 365, Active Directory, Linux, email solutionsAbility to produce operations documentation (SOP's, wiki pages, etc.)Familiarity with Agile project management best practicesPrevious experience as an Incident Response team memberPreferred: Familiarity with compliance frameworks (NIST 800-171, CMMC, HIPAA)
SUPERVISION & BUDGET AUTHORITY
No supervisory or budgetary responsibility.
Physical Environment and Requirements
Hybrid office environment. Occasional work may be required retrieving desktops or laptops to remove drives for forensic work or excess. See also Special Schedule Requirements.
Certifications and Licenses
List any certifications or licenses that are either required or helpful in performing the job, designating whether required or preferred.
Desirable (not required): CompTIA Security+, CompTIA CySA+, GIAC Security Essentials (GSEC), or similar.
Key Responsibilities
Key Responsibility
Analyze security incidents as an incident responder, indicators of compromise, and breaches, to determine possible impact, origin, and resolution. Coordinate with product teams and vendors to address and mitigate identified security threats.
Percentage Of Time20
Key Responsibility
Collaborate with product teams and vendors to ensure secure configuration and deployment of systems and applications. Analyze security requirements for new systems, applications, and vendors. Recommend additional security measures and controls. Identify hardware and software that are nearing the end of support.
Percentage Of Time20
Key Responsibility
Perform and manage IT risk assessments to support requirements of various security frameworks.
Percentage Of Time15
Key Responsibility
Ensure that IT security design, controls, processes, and procedures are aligned with information security standards, guidelines, and policies to maintain systems security plans.
Percentage Of Time15
Key Responsibility
Facilitate the overall planning, execution, and reporting of risk assessments, as well as compliance and regulatory requirements, and maintain existing compliance accreditations.
Percentage Of Time10
Key Responsibility
Identify opportunities to improve existing processes and controls, recommend constructive corrective actions to address control deficiencies identified through compliance audits to strengthen IT security posture, and improve IT processes.
Percentage Of Time10
Key Responsibility
Perform industry research on new compliance requests.
Percentage Of Time5
Key Responsibility
Perform other duties as may be assigned.
Percentage Of Time5
Posting Information
Work Hours
Monday - Friday, 8:30 a.m. - 5:00 p.m.
Position CategoryFull Time
Posting Date11/06/2024
Closing Date
Posted Until FilledYes
Quicklink for Postinghttps://iit7.peopleadmin.com/postings/10891
Position Information
Position TitleSecurity Analyst (Compliance)
Requisition #S01400P
FLSAExempt
LocationIIT-Mies Campus (MC), 10 West 35th St., Chicago
DepartmentTechnology Services
GENERAL DESCRIPTION
We are seeking a highly motivated and skilled Security Analyst to join the Cyber-Tech Security (CTS) department of the Office of Technology (OTS). The Security Analyst will play a key role in ensuring the organization adheres to legal and regulatory requirements, internal policies, and industry best practices. The ideal candidate will have a solid understanding of risk management frameworks, compliance standards, and governance processes and will work closely with various departments to ensure proper implementation and monitoring of GRC activities. The Security Analyst will also have a technical role in being responsible for ensuring security events are contained and remediated by enforcing security policies through monitoring systems and bringing security awareness education to team members. The Security Analyst reports to the Director, Cyber-Tech Security.
COMMUNICATIONS
Excellent interpersonal and communication skills are a must; this position requires technical writing for documentation, technology proposals, instructions, and client responses, as well as communications to internal staff, clients, external vendors, and technical support. Strong verbal communication skills are also essential to clearly and accurately explain and present instructional technologies. The ability to gather technical requirements and execute deliverables via phone, remotely, and in-person are a must. Strong IT process-documentation skills are required.
CUSTOMER SERVICE
Excellent customer service skills are required. This position involves working with peer teams, faculty, and staff to resolve complex technical and security-related issues for internal clients, i.e., staff, faculty, and students, both on and off campus. The Security Analyst is expected to respond to tickets in an appropriate manner and provide timely updates based on service level agreements and metrics.
Special Schedule Requirements
This is a full-time position. Normal university business hours are 8:30am to 5:00pm. Monday through Friday. Occasional work may be scheduled on Thursday morning and Friday night/Saturday morning during the university's maintenance windows (https://ots.iit.edu/about/maintenance-window. After hours availability may be required for incident response.
EEOC Statement
Illinois Institute of Technology is an EEO/AA/Title VI/Title IX/Section 504/ADA/ADEA employer dedicated to building a community of excellence, equity, inclusion and diversity. It is committed to fostering an inclusive environment and actively seeks applications from individuals of all backgrounds and identities regardless of race, color, sex, marital status, religion, national origin, disability, age, unfavorable discharge from the military, status as a protected veteran, sexual orientation including gender identity and expression, order of protection status, and/or genetic information. All qualified applicants will receive equal consideration for employment.
Qualifications
Education & ExperienceBachelor's degree in Computer Science, Engineering, IT/IS/MIS, or related1-3 years of experience in information technology or information securityPreferred: experience with academia, research, or similar industryKnowledge & Skills
Working knowledge of security tools and technologies: Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), vulnerability scanners, data-loss prevention (DLP), CIS benchmarks, forensic tools, Anti-virus/Anti-malware protection, encryption technologies, cloud services, mobile devices, etc.Familiarity with: Microsoft 365, Active Directory, Linux, email solutionsAbility to produce operations documentation (SOP's, wiki pages, etc.)Familiarity with Agile project management best practicesPrevious experience as an Incident Response team memberPreferred: Familiarity with compliance frameworks (NIST 800-171, CMMC, HIPAA)
SUPERVISION & BUDGET AUTHORITY
No supervisory or budgetary responsibility.
Physical Environment and Requirements
Hybrid office environment. Occasional work may be required retrieving desktops or laptops to remove drives for forensic work or excess. See also Special Schedule Requirements.
Certifications and Licenses
List any certifications or licenses that are either required or helpful in performing the job, designating whether required or preferred.
Desirable (not required): CompTIA Security+, CompTIA CySA+, GIAC Security Essentials (GSEC), or similar.
Key Responsibilities
Key Responsibility
Analyze security incidents as an incident responder, indicators of compromise, and breaches, to determine possible impact, origin, and resolution. Coordinate with product teams and vendors to address and mitigate identified security threats.
Percentage Of Time20
Key Responsibility
Collaborate with product teams and vendors to ensure secure configuration and deployment of systems and applications. Analyze security requirements for new systems, applications, and vendors. Recommend additional security measures and controls. Identify hardware and software that are nearing the end of support.
Percentage Of Time20
Key Responsibility
Perform and manage IT risk assessments to support requirements of various security frameworks.
Percentage Of Time15
Key Responsibility
Ensure that IT security design, controls, processes, and procedures are aligned with information security standards, guidelines, and policies to maintain systems security plans.
Percentage Of Time15
Key Responsibility
Facilitate the overall planning, execution, and reporting of risk assessments, as well as compliance and regulatory requirements, and maintain existing compliance accreditations.
Percentage Of Time10
Key Responsibility
Identify opportunities to improve existing processes and controls, recommend constructive corrective actions to address control deficiencies identified through compliance audits to strengthen IT security posture, and improve IT processes.
Percentage Of Time10
Key Responsibility
Perform industry research on new compliance requests.
Percentage Of Time5
Key Responsibility
Perform other duties as may be assigned.
Percentage Of Time5
Posting Information
Work Hours
Monday - Friday, 8:30 a.m. - 5:00 p.m.
Position CategoryFull Time
Posting Date11/06/2024
Closing Date
Posted Until FilledYes
Quicklink for Postinghttps://iit7.peopleadmin.com/postings/10891