University of Cincinnati - Cincinnati, OH

posted 5 months ago

Full-time - Mid Level
Cincinnati, OH
10,001+ employees
Educational Services

About the position

The Information Security Analyst 2 position at the University of Cincinnati is a vital role within the office of information security, focusing on incident response, digital investigations, and digital forensics. The successful candidate will join a team of dedicated information security professionals and will play a key role in mentoring student workers in the security operations center (SOC). This position requires collaboration with other information security experts across the university to enhance the overall security posture of the institution.

In this role, the analyst will be responsible for clearly communicating complex security concepts to both technical and non-technical stakeholders, ensuring that all parties understand the implications of security measures. The analyst will also participate in the development of technical documentation, including designs, specifications, processes, and workflows, which are essential for maintaining security standards across the university's systems and services.

The analyst will engage in various projects, providing technical assistance and documenting progress on deliverables. They will conduct risk and vulnerability assessments to identify potential threats and protection needs, and assist in providing necessary artifacts for compliance with internal and external audits. The role also involves analyzing logs and network data to support incident investigations and developing training programs to raise awareness about information security among university staff and students.

Additionally, the analyst will be expected to stay informed about data security laws and regulations relevant to higher education, participate in troubleshooting processes, and mentor non-security teams on risk management and incident response. This position is dynamic and may evolve based on departmental needs, requiring a proactive and adaptable approach to information security challenges.

Responsibilities

  • Clearly convey complex security information to both technical and non-technical stakeholders.
  • Participate in developing technical documentation (designs, specifications, processes, workflows) and communications.
  • Mentor and delegate work assignments to student workers.
  • Participate in multiple low and moderate risk projects and provide technical assistance.
  • Document individual progress on assigned deliverables.
  • Gather metrics for area of responsibility.
  • Carry out procedures to ensure that all systems, products, and services meet organization security standards.
  • Research information security trends to understand the latest vulnerabilities and threats.
  • Conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risk, and protection needs.
  • Assist with providing artifacts to Governance, Risk & Compliance in relation to internal & external audits.
  • Work with business units to achieve security objectives and identify, report, and resolve security risks and violations.
  • Develop subject matter expertise on security applications and services in the area of responsibility.
  • Conduct information security reviews; determine and document risk and impact on the university; provide baseline remediation recommendations.
  • Assist with cyber investigations through forensic fact gathering with a focus on e-discovery.
  • Analyze high volumes of logs, network data, and other attack artifacts in support of incident investigations.
  • Develop content for and present information security training and awareness programs.
  • Develop familiarity with data security laws and regulations applicable to higher education.
  • Participate in troubleshooting processes during and outside of normal business hours and participate in change management.
  • Mentor non-security teams regarding risk management, information security controls, incident analysis, incident response, monitoring, and other operational tasks.

Requirements

  • Bachelor's Degree in Computer Science, Information Technology, Computer Engineering, or related field.
  • Four (4) years of relevant work experience and/or other specialized training can be used in lieu of education requirement.
  • Experience in security tool administration.
  • Basic scripting skills.
  • Basic project management skills.
  • Understanding of system administration.
  • Basic knowledge of network architecture.
  • Moderate understanding of risk and vulnerability management.
  • Basic awareness of incident response.
  • Experience with industry standard security and compliance frameworks.

Nice-to-haves

  • Knowledge of different Cybersecurity tools including EDR, SIEM, Network proxies and firewalls, Security Orchestration Automation and Response (SOAR), eDiscovery platforms, and/or digital forensic tools.
  • Security+, GSEC, or similar professional certification(s).

Benefits

  • Competitive salary range $65,000 - $75,000 dependent on the candidate's experience.
  • Comprehensive insurance plans including medical, dental, vision, and prescription coverage.
  • Flexible spending accounts and an award-winning employee wellness program, plus an employee assistance program.
  • Financial security via life and long-term disability insurance, accident and illness insurance, and retirement savings plans.
  • Generous paid time off options including vacation, sick leave, annual holidays, and winter season days in addition to paid parental leave.
  • Tuition remission available for employees and their eligible dependents.
  • Discounts for on and off-campus activities and services.