Information Security Analyst II- Information Security (KITS)

Department:
Information Security Administration

-----

Information Security Fusion Center
Position Title:
Information Security Analyst II- Information Security (KITS)
Job Family Group:
Professional Staff
Job Description Summary:
The Information Security Analyst (ISA) is a member of the KITS Information Security (IS) team and works closely with the other members of the team to implement and evolve a comprehensive information security program. This includes a primary focus on detecting, preventing, and remediating information/cyber security threats to our organization. The incumbent will be required to link and correlate data in novel and interesting ways to determine weaknesses within our infrastructure and systems. This position is responsible for incident response, operational ticket-based work, documentation, maintenance and deployment of security systems and tools and other relevant or necessary monitoring of the Information Security (IS) architecture and related components.
The anticipated hiring salary range is $58,000 - $75,000.
Job Description:

Conditions of Employment:

Must have one or more of the following certifications: CompTIA Network+, CompTIA Security+, (ISC)2 SSCP, EC- Council ECSA, or earn within first year of employment.

Required Qualifications

Education/Certification: Bachelor’s degree in information security, computer science, engineering, telecommunications, systems administration, or another related technical field. An equivalent combination of education and relevant work experience may be substituted for education on a year-for-year basis.

Work Experience:

• Two (2) or more years of progressive work experience in information/cyber security.

• Demonstrated knowledge and experience implementing technical aspects of compliance standards and regulations such as HIPAA, FERPA, GLBA, PCI DSS, NIST, and others.

Preferred Qualifications

Work Experience:

• Experience configuring and securing MacOS and applications.

• Experience writing and maintaining rules for network firewalls such as Cisco or Palo Alto.

• Experience implementing, operating, maintaining, and supporting information security tools and technologies.

• Experience operating, maintaining, and rule writing within a commercially available SIEM technology.

• Experience with implementing, operating, maintaining, or supporting data loss prevention (DLP) technologies.

• Experience completing risk assessments and related documentation.

• Experience with multiple networking architectures, topologies, practices, and technologies.

• Experience with the Malcolm Baldrige Quality Excellence process and the Cybersecurity Excellence Builder.

• Experience including the following: Firewalls and IDS/IPS, Forensics Tools, Incident Response, Security Monitoring, Threat Intelligence, Coding/Scripting, Vulnerability Assessment and Securing Windows, Linux, and Mac operating systems.

Job Description

• Create, tailor, and audit security baselines for operating systems and applications.

• Certification of systems and applications to ensure compliance with KUMC security requirements.

• Maintaining and updating of security systems and tools.

• Perform real-time security log and event analysis and take action within defined parameters to contain and mitigate IS threats and escalate as needed based upon severity.

• Review and analyze security events, determine their severity, and author reports detailing the activity including root cause analysis.

• Coordinate and complete IS operations and process documentation.

• Develop and execute approaches to ensure security requirements are achieved.

• Report detected elements concerning identified or residual risk, vulnerabilities, and other security exposures to IS leadership.

• Complete risk reviews for security exceptions and new technologies.

• Inform, assist, and train IS team members and customers with security requests, exceptions, products, and procedures.

• Monitor reports and security logs for unusual events and investigate as needed to achieve a compliant resolution.

• Identify new or emerging IS threats, evaluate the organizational impact, and recommend actions to mitigate.

• Practice critical thinking and other forecasting methods to identify potential security incidents or disasters and work with the IS team to reduce their likelihood.

• Develop and improve relationships and communications with OIS customers and partners.

• Exercise and maintain a reasonable, objective, and rational point of view and judgement.

• Adapt, improvise, and remain flexible to changing or competing requirements, schedules, priorities, and efforts.

• Communicate and act in a professional, clear, and understandable manner through written and verbal means.

• Operate as a backup to other IS Analysts when needed.

• Participate in after-hours upgrades, troubleshooting, and on-call schedule.

• All other duties, tasks, and responsibilities as assigned.

Required Documents

• Resume/CV
• Cover letter

Comprehensive Benefits Package:

Coverage begins on day one for health, dental, and vision insurance and includes health expense accounts with generous employer contributions if the employee participates in a qualifying health plan. Employer-paid life insurance, long-term disability insurance, and various additional voluntary insurance plans are available. Paid time off, including vacation and sick, begins accruing upon hire, plus nine paid holidays. One paid discretionary day is available after six months of employment, and paid time off for bereavement, jury duty, military service, and parental leave is available after 12 months of employment. A retirement program with a generous employer contribution and additional voluntary retirement programs (457 or 403b) are available. https://www.kumc.edu/human-resources/benefits.html

Employee Type:
Regular
Time Type:
Full time
Rate Type:
Salary

Compensation Statement:

The pay range listed for this position is determined by our compensation program using market data and salary benchmarking. A combination of factors is considered in making compensation decisions including, but not limited to, education, experience and training, qualifications relative to the requirements of the position, and funding. At the University of Kansas Medical Center, a reasonable estimate for the starting pay range will be the minimum to midpoint of the posted range, taking into account the combination of factors listed above. 

Pay Range:
$58,000.00 - $86,000.00

Minimum

$58,000.00

Midpoint

$72,000.00

Maximum

$86,000.00