Junior Information Security Analyst

Posting Details To create a Posting, first complete the information on this screen, then click the Next button or select the page in the left hand navigation menu. Proceed through all sections completing all necessary information. To submit the Posting to Human Resources, you must go to the Posting Summary Page by clicking on the Next button until you reach the Posting Summary Page or select Posting Summary Page from the left navigation menu. Once a summary page appears, hover your mouse over the orange Action button for a list of possible approval step options. Position Information Position Title Junior Information Security Analyst Position Type Admin/Professional Department Information Technology Full or Part Time Full Time Pay Grade MN9 Position Summary Information Summary Provides hands-on experience and training in the field of information security. Works with IT leadership to ensure that appropriate and effective procedures are in place and appropriately configured for the protection of the University's information resources. Support daily operations and projects that improves the institutional information security program. Collaborates with various team members. Advances IT risk management and resilience objectives. Serves as a member of our security incident response team. Principal Functional Responsibilities Governance, Risk, and Compliance: Work closely with various teams to develop and implement robust security controls, policies, and procedures so they comply with institutional, state, and federal cybersecurity requirements. Assist in conducting and documenting regular security risk assessments to identify vulnerabilities and recommend adjustments to improve the university's security posture and improve operational resilience. Assist with vendor risk assessments to review and provide recommendations related to vendor security posture. Maintain applicable security documentation and prepare regular reports on security metrics and incidents for management review. Security Operations: Keep informed about the latest cybersecurity trends and technologies, ensuring the university stays ahead in implementing effective cybersecurity measures. Perform threat hunting and analyze potential, successful, and unsuccessful intrusion attempts and compromises for opportunities to tune security controls and update processes to mitigate risk. Support incident response efforts, investigate security incidents, and coordinate appropriate mitigation and recovery measures. Manage vulnerability scans, penetration testing, and web application risk assessments and provide guidance to affected departments and teams to mitigate and remediate findings. Monitor change notifications, advisories and alerts for solutions that support the Information Security Program. Security Awareness and Training : Contribute to the development and delivery of security awareness programs. Assist in training employees on security best practices and policies. Contribute to and learn from the cybersecurity community in higher education through participation in security forums and professional development opportunities. Gain hands-on experience with various security tools and technologies. Education Technology Support: Provides first-tier education technology support, when needed. Supports the operations of education applications. Participates in the evaluation, testing, implementation, and procurement of new education technology systems. Regularly communicate with internal leadership and departments to assess efficacy of systems and discuss improvements. Provides support for university room technology and startup requests. Other Duties: Performs other duties as assigned. Qualifications Associate's degree in information security, computer science, or related field, or at least 2 years of experience in information security, systems administration or other IT related role Basic understanding of information security principles, concepts, and frameworks (e.g., NIST, ISO 27001.) Preferred Qualifications Bachelor's degree or equivalent experience in a technology field Certification in one or more cybersecurity (e.g., CISSP, SANS) or risk management disciplines Demonstrated cybersecurity skills within a higher education environment Experience handling implementations and upgrades in a complex IT environment Experience with a variety of cybersecurity tools, such as firewalls, email security gateways, endpoint detection and response (EDR), vulnerability management, log management, incident response, and security operations Physical Requirements Must be able to utilize a phone, computer, and other office equipment. Department Specific Information Starting Salary Range: $52,087 - $61,637, commensurate with experience Posting Detail Information NEOMED Campus Safety Guidelines To continue our efforts to keep the campus community as healthy and safe as possible, NEOMED requires COVID-19 and influenza vaccinations as a condition of attendance and employment. This policy will allow for exemption of the vaccination requirement for those individuals with valid medical reasons, sincerely held religious beliefs and matters of conscience. Close Date