Register
Recruit Create CV
Unfortunately, this job posting is expired.
Don't worry, we can still help! Below, please find related information to help you with your job search.
Related keywords
Some similar recruitments
Information Security Analyst (Partial Or Full Remote Eligible)
Recruited by Simmons University 8 months ago Address , Boston, 02115, Ma
Information Systems Security Engineer (Isse) - Pt. Mugu
Recruited by La Jolla Logic 8 months ago Address , Oxnard, 93030, Ca $115,000 - $130,000 a year
Associate - Information Security Management
Recruited by JPMorgan Chase & Co. 9 months ago Address Plano, TX, United States
Information Security Analyst Jobs
Recruited by SafeBase 9 months ago Address Austin, TX, United States
Senior Information Technology Security Analyst
Recruited by Acer 9 months ago Address Dallas-Fort Worth Metroplex, United States
Information Security Analyst Jobs
Recruited by Strategic Staffing Solutions 9 months ago Address San Antonio, Texas Metropolitan Area, United States
Information Security Analyst Jobs
Recruited by Pinnacle Group, Inc. 9 months ago Address Dallas, TX, United States
Information Security Analyst Jobs
Recruited by Strategic Staffing Solutions 10 months ago Address Irving, TX, United States
Junior Information Security Analyst
Recruited by Addison Group 10 months ago Address Dallas, TX, United States
Information Security Analyst (Entry Level)-Us
Recruited by Patterned Learning AI 10 months ago Address Houston, TX, United States

Information Security Analyst Jobs

Company

Northeastern University
Address , Boston, 02115, Ma
Employment type FULL_TIME
Salary
Expires 2023-06-12
Posted at 1 year ago
Job Description
About the Opportunity
JOB SUMMARY
Northeastern University is looking for a highly motivated and experienced candidate for the role of Information Security Analyst. This individual reports directly to the Director of Information Security and will ensure the delivery of the Information Security Program services to achieve both business and security objectives and contributes to Information Security Operations across Northeastern University’s global campus network.
At Team ITS, your success matters as much as the mission. Learn more about our flexible, highly dynamic, and values-first culture at
careers.its.northeastern.edu
.
This position is eligible for remote work.
Key responsibilities including but not limited to:
  • Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
  • Creates and documents procedures for internal and external business processes which are efficient, and scalable working across the team to identify opportunities for automation and increased service maturity.
  • Contribute to incident response activities across the University for all community members (faculty, students, and staff); including after-hours as needed.
  • Consult with and advise the community as a subject matter expert in areas of information security.
Threat and Incident Management:
  • Maintain situational awareness of on-going cyber security threats in the broader community via mailing lists, chat channels, blog posts, social media, and news sources.
  • Direct collaboration and oversight of service levels with Managed Service Providers and Security vendors.
  • In collaboration with team members, and Managed Service Vendors perform cyber security monitoring, incident response, forensic analysis, and resolution of cyber security incidents.
  • Independently examine a wide range of data, including SIEM/SOAR (QRadar/Sentinel) events, Microsoft Security events/data, to detect cyber security incidents with broad supervision.
  • Manage incidents as they arise and structure organizational Incident Response.
Vulnerability Management and Remediation Tracking:
  • Assist managed service vendor with coordination of weekly Vulnerability Management/Patching meetings with key stakeholders and assist with research on remediation and/or mitigation solutions.
  • Develop tools, scripts, or reports to enhance productivity of Incident Response and Threat Hunting.
  • Develop high quality documentation of technical systems, policies, processes, and procedures for use internally within the group, throughout the IT organization.
  • Identify non-compliant or vulnerable systems and conduct outreach to system owners to work through remediation, mitigation solutions or engage other IT staff or vendors for assistance.
  • Conduct vulnerability scanning (scheduled and ad hoc) across university systems.
Security Consultation:
  • Direct collaboration across various units of the University, such as Human Resources, the (OGC) Office of General Counsel, and Northeastern University Research Enterprise Services (NU-RES), provides guidance regarding the implementation of technical, operational, and procedural controls which support compliance to Northeastern Security Policies.
  • Perform assessments as assigned to determine IT security/risk posture within the University network, systems, and software applications, utilizing IT security tools and methodologies.
  • Serve the Northeastern community as a trusted advisor from the Office of Information Security for technology projects, security solutions, systems architecture, and application-level security configurations, by providing recommendations for risk mitigations or compensating controls.
Additional Responsibilities:
  • Cross-train and mentor other members of the team.
  • Respond to internal and external audits and examinations.
  • Coordination and oversight of Managed Service providers, and Security product vendors to ensure contractual obligations, Service Level Agreements and maintenance requirements are met.
  • Recommends and develops modifications and enhancements to existing hardware and software, new implementations, and installation standards to increase system security and improve monitoring.
  • Promote awareness of applicable policy, standards, and industry best practices across the University.
MINIMUM QUALIFICATIONS
  • Knowledge and understanding of data security controls including malware protection, firewalls, intrusion detection systems, content filtering, Internet proxies, encryption controls, and log management solutions
  • Advanced problem-solving skills, ability to develop effective long-term solutions to complex problems
  • Strong investigative mindset with an attention to detail and an ability to identify anomalous behavior on endpoint devices and/or network communications.
  • Familiarity with various Vulnerability scanning and Security Operational tools, (such as Nessus/Tenable, Qualys, QRadar, SIEM).
  • Familiar with risk assessment best practices, producing effective security metrics, and familiarity with cybersecurity frameworks such as NIST 800 (53-171).
  • Strong written, and verbal communication and interpersonal skills, especially in conveying technical concepts to non-technical audiences with the creation of reports, dashboards, and presentations for various audience levels.
  • Ability to teach and collaborate.
  • At least 3 -5 years of applicable experience in information security in a complex, heterogeneous network environment with demonstrated growth and service-oriented mindset.
  • Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents.
  • Well-versed in the information security issues affecting educational entities and cloud-based service providers.
  • Bachelor’s degree in Computer Science, Information Security, Cybersecurity, Security Engineering, and relevant technical field experience in security domains (such as Network/Application/Data Security, Vulnerability Management, Client and Cloud Security).
  • Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), Ethical Hacker, GIAC Security Essentials (GSEC), or other relevant certifications.
  • Experience with enterprise scale platforms, services, and architecture, including Cloud Platforms (such as M365) and applicable Cloud Security principals.
  • Experience Writing and preparing technical reports, and Standard Operating Procedures/Playbooks
  • Hands-on experience with information security tools such as an enterprise SIEM and SOAR solutions, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices (experience with security technology solutions particularly QRadar, Sentinel, Defender)
  • Experience working in Agile teams with Scrum/Kanban/etc.
PREFERRED QUALIFICATIONS
The following Additional Qualifications are strongly preferred. If you meet some, but not all, you are still encouraged to apply; we value employees with a willingness to learn.
  • Experience with scripting, programming, or automation methods
  • Previous experience in higher education preferred.
  • Project Management experience, Scrum/Agile preferred.
  • Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
  • Experience participating in digital forensics investigations using current technologies and practices.
  • Familiarity with compliance and Privacy themes is preferable, including but not limited to Privacy and legal requirements FERPA, NIST.
KEY RESPONSIBILITIES & ACCOUNTABILITIES
Operational Support
  • Contribute to incident response activities across the University for all community members (faculty, students, and staff); including after-hours as needed.
  • Serve the Northeastern community as a trusted advisor from the Office of Information Security for technology projects, security solutions, systems architecture, and application-level security configurations, by providing recommendations for risk mitigations or compensating controls.
  • Responsible providing security operational process support for Security incidents, and to identify non-compliant or vulnerable systems and conduct outreach to system owners to work through remediation, mitigation solutions or engage other IT staff or vendors for assistance.
Customer Support
  • Provide Tier 1, 2, and 3 support to customers on the services provided by the department.
  • Without direct supervision, perform tasks required to ensure customer satisfaction and departmental SLA's are achieved.
  • Provide accurate and effective documentation on all issues and problems.
  • Provide training and documentation to Tier 1 support and other department team members on emerging issues.
Security Operations Support
  • Responsible for general Security Operations support including Incident Response (may require outside of regular hours as needed).
Position Type
Information Technology
Additional Information
Northeastern University considers factors such as candidate work experience, education and skills when extending an offer.
Northeastern has a comprehensive benefits package for benefit eligible employees. This includes medical, vision, dental, paid time off, tuition assistance, wellness & life, retirement- as well as commuting & transportation. Visit
https://hr.northeastern.edu/benefits/
for more information.
Northeastern University is an equal opportunity employer, seeking to recruit and support a broadly diverse community of faculty and staff. Northeastern values and celebrates diversity in all its forms and strives to foster an inclusive culture built on respect that affirms inter-group relations and builds cohesion.
All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, religion, color, national origin, age, sex, sexual orientation, disability status, or any other characteristic protected by applicable law.
To learn more about Northeastern University’s commitment and support of diversity and inclusion, please see
www.northeastern.edu/diversity
.