University of Pennsylvania - Philadelphia, PA

posted 2 months ago

Full-time - Mid Level
Philadelphia, PA
Educational Services

About the position

The University of Pennsylvania is seeking an Information Security Operations Analyst to join its Office of Information Security (OIS) within the Information Systems & Computing (ISC) department. This position is critical to the Security Operations Center (SOC) and involves performing incident response and handling, including the investigation of security incidents according to established procedures. The analyst will maintain incident documentation and provide direct support to business and IT staff for systems security-related issues.

The role requires reviewing alerts and logs, conducting investigations and threat hunting, and responding to identified incidents in the Penn SecureIT environment. The analyst will also be on call to receive, triage, and respond to occasional off-hour security alerts from Penn systems and security service providers, requiring 24x7 coverage for approximately half the days of the year, including holidays and weekends. In this role, the analyst will work directly with end users and their IT support to identify and respond to suspected or actual account compromises. Collaboration with SOC and ISC/Center IT departments is essential to resolve security incidents and improve the security posture of the organization.

The analyst will also be responsible for performing other duties and responsibilities as assigned, contributing to the overall mission of the University to transform, enable, and secure IT across its campuses. This position offers a unique opportunity to work in a dynamic environment that values technological freedom and departmental autonomy, empowering individuals and departments to leverage their strengths in support of their goals.

Responsibilities

  • Review alerts/logs and conduct investigations and threat hunting in the Penn SecureIT environment.
  • Respond to identified incidents and maintain incident documentation.
  • Provide direct support to business and IT staff for systems security-related issues.
  • Be on call to receive, triage, and respond to occasional off-hour security alerts from Penn systems and security service providers.
  • Collaborate with SOC and ISC/Center IT departments to resolve security incidents and improve security posture.
  • Work directly with end users and their IT support to identify and respond to suspected or actual account compromises.
  • Perform other duties and responsibilities as assigned.

Requirements

  • Bachelor of Science degree in a relevant field.
  • 1 to 2 years of experience in information security or equivalent combination of education and experience.
  • Familiarity with information security tools and IT environments.
  • Experience with specific security tools, including CrowdStrike, Suricata, Tenable/Nessus vulnerability scanner, Splunk/CrowdStrike LogScale, or similar log aggregation tools.
  • Flexibility and ability to accommodate non-standard IT environments and unusual constraints on security practices.
  • Demonstrated ability to work collaboratively as part of a team with good oral, listening, and written communication skills.

Nice-to-haves

  • Experience and/or certification in information security incident response.
  • Experience in higher education, not-for-profit, or similar IT environments.

Benefits

  • Continuing education credits
  • Health insurance
  • Dental insurance
  • Flexible spending account
  • Tuition reimbursement
  • Adoption assistance
  • Vision insurance
  • Flexible schedule
  • Life insurance
  • Retirement plan