Cybersecurity Analyst

Job Description

  • Job code: 008987
  • Pay grade: G
  • Pay type: Exempt/salaried

General summary

Supports the University’s cybersecurity efforts by implementing and maintaining security measures to protect digital assets, networks, and systems. Assists in the day-to-day security operations, monitoring for threats, and helping to enforce security policies and procedures.

Major duties

  • Evaluates and responds to security alerts generated by various systems in a timely and effective manner. Conducts thorough investigations to identify and assess potential threats and implements appropriate remediation measures while documenting incidents for future reference.
  • Uses security tools, including vulnerability scanners, intrusion detection and prevention systems, and endpoint protection solutions, to conduct regular vulnerability scans and assists in vulnerability remediation efforts.
  • Oversees the University’s security awareness training program; designs and implements engaging training sessions to educate employees about best practices for cybersecurity. Regularly assesses training effectiveness, updates content to address emerging threats, and ensures compliance with relevant regulations.
  • Assists in addressing compliance issues. Responds to external compliance sources, notifying individuals as appropriate. Oversees the collection and organization of IT information relevant to internal and external audits.
  • Assists in executing the organization's security incident response plan when security incidents occur. Contributes to post-incident analysis and reporting, documenting incident timelines, impacts, and lessons learned.
  • Assists identity management staff in the provisioning and deprovisioning of user and departmental accounts throughout the entire user identity lifecycle. Oversees onboarding and offboarding processes, conducts regular audits of access rights, and promptly updates permissions in response to role changes.

Minimum qualifications

Minimum qualifications are based upon job documentation and industry best practices. Any current employees not meeting these qualifications will be grandfathered until they move to a different job.

Required education

  • Bachelor’s degree in a related field from an accredited institution or an equivalent combination of education and experience.

Required experience

  • One year's relevant experience.
  • Demonstrated experience in Information Technology Security.
  • Demonstrated expertise in security practices, threat assessment and incident response.
  • Proficient with various security tools, including firewalls, IDS/IPS, endpoint protection software, and SIEM systems.
  • Strong understanding of operating systems, including security configurations and user access management.

Required other

  • Ability to work irregular shifts and extended hours, including weekend and holiday on-call duty.

Desired qualifications

Desired other

  • Relevant industry certification.

Physical requirements

Office or other indoor work with minimal physical demands such as occasionally lifting or moving materials less than 25 pounds.

Working conditions

Work is generally performed in a well-lit, temperature-controlled indoor environment with occasional exposure to the outdoors or any number of elements.

Revised: 2024-12-11

This description indicates the general nature and level of work performed by employees in the above job. It is not intended to be a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job.