JOB SUMMARY

The Information Security Analyst is responsible for investigating a diverse range of technical issues across multiple platforms, working with a wide range of clients who have a minimal to broad range of technical skills. The Analyst works among a team of skilled technicians to address problems within a complex network environment and develops solutions that fit into that environment.

The Information Security Analyst may specialize in a number of areas related to the continuous improvement of monitoring, detection, and mitigation capabilities for Information Security. These include but are not limited to Vulnerability Management, Application Security, Firewalls, VPN, and IDS/IPS, Security Architecture, and other related Information Security disciplines. The Analyst plans, organizes and establishes priorities related to an assignment; works independently with minimal outside support; and handles sensitive information in a confidential manner.

DUTIES AND RESPONSIBILITIES

Information Security Analyst 2

• Use of security tools (Firewall/VPN, Vulnerability Management, IDS/IPS) in identifying and investigating threats to the environment.
• Administrate and maintain security tools (Firewall/VPN, Vulnerability Management, IDS/IPS) to prevent threats to the environment.
• Monitor Security Information and Event Management (SIEM) platform and other logging environments for security events and alerts to potential (or active) threats, intrusions, and/or compromises.
• Triage and response of service requests from customers and internal teams.
• Participate in incident response activities as required for cyber security incidents.
• Promote security awareness to improve and ensure system security and best practices.
• Maintains awareness of potential and developing threats across the industry and in general.
• Develop security metrics to proactively monitor cyber threats.
• Perform risk analysis (threat, vulnerability, and probability of occurrence) whenever a system undergoes a major change.
• Plan, implement, upgrade, and monitor security measures for the protection of data and information systems ensuring appropriate security controls are in place.
• Lead Incident response activities as required for cyber security incidents.
• Identify security gaps, perform risk assessments, and recommend solutions to ensure best practices and security measures are being met (individual systems).
• Designs and implements security standards for various environments.
• Researches and advocates for the latest technologies and solutions to support the security requirements of the organization and constituents.
• Other duties as assigned.

Additional Duties for the Information Security Analyst 3

• Design, implement, and maintain new security solutions.
• Lead major projects/initiatives related to security.
• Integrate data for use between various applications.
• Identify security gaps, perform risk assessments, and recommend solutions to ensure best practices and security measures are being met (large-scale systems).
• Ability to operate autonomously and with limited supervision.
• Creates custom code to facilitate data gathering/sharing across applications.

MINIMUM QUALIFICATIONS

Information Security Analyst 2

• Associate's degree and four years of related experience OR Bachelor s degree and two years of related experience OR six years of related experience.
• Knowledge of network architecture concepts including topology, protocols, components, and principals.
• Strong technical, analytical, interpersonal, and organizational skills.
• In-depth knowledge of one or more IT technologies or platforms.
• In-depth experience with network hardware and network protocols.
• Experience with automation and vendor supported API.
• Understanding of internet architecture and underlying technologies including DHCP, DNS.
• One to three years of experience working in an information security role or supporting an information security program.
• Experience in at least one information security domain including: Security Awareness, Vulnerability Management, Cyber-defense, Incident Response and Forensics, or Security Architecture

Additional Minimum Qualifications for the Information Security Analyst 3

• Associate's degree and six years of related experience OR Bachelor s degree and four years of related experience OR eight years of related experience.
• Experience (IT/Security Related).
• Knowledge of regulatory frameworks including PCI, HIPAA, or NIST Cybersecurity Framework.
• Three to five years of experience working in an information security role or supporting an information security program.

PREFERRED QUALIFICATIONS

Information Security Analyst 2

• Ability to present complex technical concepts in verbal or written business terms.
• Experience with security toolsets including vulnerability management tools, Firewall, VPN, or IDS/IPS.
• Experience with Security Information and Event Management (SIEM) technologies.
• Incident Response Experience and/or certifications.

Additional Preferred Qualifications for the Information Security Analyst 3

• CISSP, CISM, or related information security certifications.
• Understanding of NIST standards including NIST 800-171/172 and NIST 800-53.

This is a full-time, permanent position. The University offers a competitive salary, outstanding benefits including employee and dependent tuition waivers at UConn, and a highly desirable work environment. The hiring range for the Information Security Analyst 2 is $78,820 to $102,465; the hiring range for Information Security Analyst 3 is $88,278 to $114,761. Salary and classification will be commensurate with experience and may be negotiable for exemplary candidates. Other rights, terms, and conditions of employment are contained in the collective bargaining agreement between the University of Connecticut and the University of Connecticut Professional Employees Association (UCPEA).

TERMS AND CONDITIONS OF EMPLOYMENT

Employment of the successful candidate is contingent upon the successful completion of a pre-employment criminal background check.

TO APPLY

Please apply online at , Staff Positions, Search #497827 to upload a resume, cover letter, and contact information for three (3) professional references.

This job posting is scheduled to be removed at 11:55 p.m. Eastern time on May 22, 2024.

All employees are subject to adherence to the State Code of Ethics which may be found at .

All members of the University of Connecticut are expected to exhibit appreciation of, and contribute to, an inclusive, respectful, and diverse environment for the University community.

The University of Connecticut aspires to create a community built on collaboration and belonging and has actively sought to create an inclusive culture within the workforce. The success of the University is dependent on the willingness of our diverse employee and student populations to share their rich perspectives and backgrounds in a respectful manner. This makes it essential for each member of our community to feel secure and welcomed and to thoroughly understand and believe that their ideas are respected by all. We strongly respect each individual employee s unique experiences and perspectives and encourage all members of the community to do the same. All applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

The University of Connecticut is an AA/EEO Employer.