Logo
Illinois Institute of Technology

Security Analyst (Compliance) Job at Illinois Institute of Technology in Chicago

Illinois Institute of Technology, Chicago, IL, United States


Position Details Position Information Position Title Security Analyst (Compliance) Requisition # S01400P FLSA Exempt Location IIT-Mies Campus (MC), 10 West 35th St., Chicago Department Technology Services GENERAL DESCRIPTION We are seeking a highly motivated and skilled Security Analyst to join the Cyber-Tech Security (CTS) department of the Office of Technology (OTS). The Security Analyst will play a key role in ensuring the organization adheres to legal and regulatory requirements, internal policies, and industry best practices. The ideal candidate will have a solid understanding of risk management frameworks, compliance standards, and governance processes and will work closely with various departments to ensure proper implementation and monitoring of GRC activities. The Security Analyst will also have a technical role in being responsible for ensuring security events are contained and remediated by enforcing security policies through monitoring systems and bringing security awareness education to team members. The Security Analyst reports to the Director, Cyber-Tech Security. COMMUNICATIONS Excellent interpersonal and communication skills are a must; this position requires technical writing for documentation, technology proposals, instructions, and client responses, as well as communications to internal staff, clients, external vendors, and technical support. Strong verbal communication skills are also essential to clearly and accurately explain and present instructional technologies. The ability to gather technical requirements and execute deliverables via phone, remotely, and in-person are a must. Strong IT process-documentation skills are required. CUSTOMER SERVICE Excellent customer service skills are required. This position involves working with peer teams, faculty, and staff to resolve complex technical and security-related issues for internal clients, i.e., staff, faculty, and students, both on and off campus. The Security Analyst is expected to respond to tickets in an appropriate manner and provide timely updates based on service level agreements and metrics. Special Schedule Requirements This is a full-time position. Normal university business hours are 8:30am to 5:00pm. Monday through Friday. Occasional work may be scheduled on Thursday morning and Friday night/Saturday morning during the university's maintenance windows (https://ots.iit.edu/about/maintenance-window. After hours availability may be required for incident response. EEOC Statement Illinois Institute of Technology is an EEO/AA/Title VI/Title IX/Section 504/ADA/ADEA employer dedicated to building a community of excellence, equity, inclusion and diversity. It is committed to fostering an inclusive environment and actively seeks applications from individuals of all backgrounds and identities regardless of race, color, sex, marital status, religion, national origin, disability, age, unfavorable discharge from the military, status as a protected veteran, sexual orientation including gender identity and expression, order of protection status, and/or genetic information. All qualified applicants will receive equal consideration for employment. Qualifications Education & Experience Bachelor's degree in Computer Science, Engineering, IT/IS/MIS, or related 1-3 years of experience in information technology or information security Preferred: experience with academia, research, or similar industry Knowledge & Skills Working knowledge of security tools and technologies: Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), vulnerability scanners, data-loss prevention (DLP), CIS benchmarks, forensic tools, Anti-virus/Anti-malware protection, encryption technologies, cloud services, mobile devices, etc. Familiarity with: Microsoft 365, Active Directory, Linux, email solutions Ability to produce operations documentation (SOP's, wiki pages, etc.) Familiarity with Agile project management best practices Previous experience as an Incident Response team member Preferred: Familiarity with compliance frameworks (NIST 800-171, CMMC, HIPAA) SUPERVISION & BUDGET AUTHORITY No supervisory or budgetary responsibility. Physical Environment and Requirements Hybrid office environment. Occasional work may be required retrieving desktops or laptops to remove drives for forensic work or excess. See also Special Schedule Requirements. Certifications and Licenses List any certifications or licenses that are either required or helpful in performing the job, designating whether required or preferred. Desirable (not required): CompTIA Security+, CompTIA CySA+, GIAC Security Essentials (GSEC), or similar. Key Responsibilities Key Responsibility Analyze security incidents as an incident responder, indicators of compromise, and breaches, to determine possible impact, origin, and resolution. Coordinate with product teams and vendors to address and mitigate identified security threats. Percentage Of Time 20 Key Responsibility Collaborate with product teams and vendors to ensure secure configuration and deployment of systems and applications. Analyze security requirements for new systems, applications, and vendors. Recommend additional security measures and controls. Identify hardware and software that are nearing the end of support. Percentage Of Time 20 Key Responsibility Perform and manage IT risk assessments to support requirements of various security frameworks. Percentage Of Time 15 Key Responsibility Ensure that IT security design, controls, processes, and procedures are aligned with information security standards, guidelines, and policies to maintain systems security plans. Percentage Of Time 15 Key Responsibility Facilitate the overall planning, execution, and reporting of risk assessments, as well as compliance and regulatory requirements, and maintain existing compliance accreditations. Percentage Of Time 10 Key Responsibility Identify opportunities to improve existing processes and controls, recommend constructive corrective actions to address control deficiencies identified through compliance audits to strengthen IT security posture, and improve IT processes. Percentage Of Time 10 Key Responsibility Perform industry research on new compliance requests. Percentage Of Time 5 Key Responsibility Perform other duties as may be assigned. Percentage Of Time 5 Posting Information Work Hours Monday - Friday, 8:30 a.m. - 5:00 p.m. Position Category Full Time Posting Date 11/06/2024 Closing Date Posted Until Filled Yes Quicklink for Posting https://iit7.peopleadmin.com/postings/10891