Salary: Commensurate with experience
Benefits: The University offers generous benefits including paid time off (holidays, holy days and vacation), employer matching contributions to the retirement plan, and tuition benefits for employees and their eligible dependents. Learn more and explore benefits at www.duq.edu/benefits
Location: Computing and Technology Services
Position Status: Full-time (35 hours per week)
Hours: Varied
Position Number: 239313/10-1183
FLSA Status: Exempt
POSITION SUMMARY:
This position is responsible for the support of Duquesne University’s Cyber
Security program, which includes detection, prevention, incident response, and
training & awareness as organized and operated by Computing and Technology
Services (CTS), Duquesne University’s central IT organization.
This position will help develop and support information security systems
and programs. The position will also monitor, analyze, and prioritize threats
and respond to risks facing the University’s systems and data. In addition,
this position will assist with identifying and reporting all security issues,
monitoring threat intelligence feeds, and confirming that threat mitigation is
in accordance with company standards. This position collaborates with all
business units to help respond to security alerts and phishing emails, as well
as recommending emerging cybersecurity tools and best practices.
DUTIES AND RESPONSIBILITIES:
Build, deploy, support, monitor and configure various tools used to scan and monitor various aspects of computer, account, or network security and respond to computer security, abuse, and e-discovery incidents. This will entail monitoring intrusion detection, vulnerability scanning and log correlation systems; doing research; scanning machines; reviewing usage logs; etc. to confirm reports and perform forensic analysis according to established procedures. User contact will also be needed in order to inform people of breaches as necessary, and to obtain detailed information.
Provide threat assessment and remediation which includes evaluating how threats impact the University, communicating that information and implementing or recommending techniques to mitigate the threat. Provide detailed information to the Help Desk so that the campus community can be informed of new threats or other security issues as needed. Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.
Execute incident response procedures and processes to identify computer security incidents, contain intrusions and recommend options for eradication & recovery, all the while effectively communicating with both internal and external customers and escalating as necessary. This may require off-hours work, as the department provides 24/7 coverage.
Deliver training and awareness services by providing training documentation and announcements for security & abuse issues and current threats. Collaborate with end user support groups to provide training and awareness to campus on information security activities, trends and threats.
Participates in external community outreach and professional activities related to their field, according to their own interest, and affected by relevance to key challenges for CTS and/or Duquesne University. For example, works with external organizations, e.g., EDUCAUSE, on projects or efforts that enhance the reputation of the university as well as maintains proficiency and/or contributes to his/her professional development.
Participate in on-going professional development (attending/presenting at conferences, meetings, etc.).
Perform other duties and projects as needed.
REQUIREMENTS:
Minimum qualifications:
Bachelor’s degree from an accredited educational institution (Cybersecurity, Computer Science, Information Security, Information Sciences, or Business is preferred).
Valid PA Driver’s license
1-3 years of work-related experience
2-3 years of experience in an information security role or capacity.
Information security program experience such as incident management, vulnerability management, data-loss prevention, endpoint protection, security information event management (SIEM), intrusion detection systems, intrusion prevention systems, malware analysis, and network situational awareness.
Demonstrated understanding and knowledge of information technology areas such as server management, operating systems configuration, software configuration, and networking.
Experience with a variety of operating systems including Windows, Macintosh and/or Linux is required.
Programming and scripting experience (PowerShell, Python, etc.).
Digital Forensics and E-Discovery
Preferred qualifications:
Information Security Certifications are preferred, such as ISC2 Certified in Cybersecurity (CC), GIAC Security Essentials Certification (GSEC), CompTIA Security+
CompTIA Security+ preferred within one year of hire.
ISC2 Certified in Cybersecurity (CC) preferred within one year of hire.
Experience in a higher education environment is also preferred.
Alternatively, the successful candidate may possess any equivalent combination of experience
and training, which provides the knowledge, skills and abilities required to
perform the essential job functions. This includes, but is not limited to, the
following:
Knowledge & Experience:
Experience with security tools such as: Firewalls, Intrusion Detection System (IDS)/Intrusion Protection System (IPS), Security Information Event Systems (SIEM), Endpoint Detection and Response (EDR) Tools, Vulnerability Management Solutions, and scripting tools.
Experience with threat hunting, which consists of searching through networks and datasets to identify malicious activity or Indicators of Compromise (IOCs).
Understanding of IP, TCP/IP, and other network administration protocols.
Understanding of Windows, Macintosh, and/or Linux operating systems.
Familiarity with Information Technology service management (ITSM) tools.
Experience with email security and other cloud-based security features.
Experience with Cybersecurity Training Awareness platforms.
Experience with Third Party Risk Management Reviews and Information Technology audits.
Experience with Incident Response troubleshooting and activities.
Personal Attributes:
Proven analytical and problem-solving abilities.
Ability to effectively prioritize and execute tasks in a high-pressure environment.
Excellent written, oral, and interpersonal communication skills.
Ability to conduct research regarding IT security issues and products as required.
Ability to present ideas in business-friendly and user-friendly language.
Highly self-motivated and directed.
Keen attention to detail.
Team-oriented and skilled in working within a collaborative environment.
Ability to establish and maintain effective working relationships with the University Community.
Ability and willingness to contribute actively to the mission of the University
and to respect the Spiritan Catholic identity of Duquesne University. The
mission is implemented through a commitment to academic excellence, a spirit of
service, moral and spiritual values, sensitivity to world concerns, and an
ecumenical campus community.
APPLICATION INSTRUCTIONS:
Applicants are asked to submit a cover letter, resume, and contact information
for three professional references.
Duquesne University was founded in 1878 by its sponsoring religious community, the
Congregation of the Holy Spirit. Duquesne University is Catholic in
mission and ecumenical in spirit. Motivated by its Catholic identity,
Duquesne values equality of opportunity both as an educational institution and
as an employer.