*Intermediate Security Analyst

Title- Intermediate Security Analyst (Level II)
Team- IT Cybersecurity- Governance, Risk and Compliance
Work Type- Hybrid

Are you a curious and flexible person who enjoys a diverse and collaborative environment?

A GRC Intermediate Security Analyst plays an important role in the identification, assessment, reporting, and management of cyber risks.  The individual reports to the Director, of IT GRC and assists them in the development and maintenance of GRC-related project plans and schedules and is an escalation point for GRC programs.  The Intermediate GRC Security Analyst is a subject matter expert in risk and compliance frameworks (NIST CSF, SP 800-53, SP 800-171, HIPAA, FERPA, GLBA, GDPR), vendor risk assessment, vulnerability assessments, security architecture, incident response/management, and forensic collection and analysis procedures.   

  Job Duties:

• Leads efforts to counter security breaches and anticipates and reduces the likelihood of future security alerts, incidents, and disasters.
• Defines, plans, implements, maintains, and upgrades security measures, policies, and controls.
• Writes reports and provides insights on the efficacy of the current security policies, incident responses, disaster recovery plans, and other security-related information.
• Assists with the creation of updates and training programs to secure the network. Trains the employees.
• Keeps the security systems up to date.
• Monitors security access and maintains the relevant data.
• Conducts vulnerability testing and risk analyses to assess security. Performs internal and external security audits.
• Analyzes security breaches to identify the cause and to update incidence responses and disaster recovery plans.
• Verifies and coordinates security plans with outside vendors.
• Creates procedures for IT employees and trains in security awareness.
• Performs various duties as needed to successfully fulfill the function of the position.

Required Education/Experience: Bachelors degree, AND:

• 36 months experience in Security Administration or a related field.

Equivalency Substitution: Will accept 48 months of related experience in lieu of the Bachelors Degree for a total of 84 months of experience.

Skills:

• Ability to work in a high-stress environment.
• Excellent verbal and written communication skills, interpersonal, and teaching skills.
• Anticipation, analytical, and problem-solving skills.
• Ability to remain current on the latest technology and best practices in information security.
• Detail-oriented for accuracy of data and information

Certifications:

• None

Advertised Physical/Environmental Requirements:

• Sits for prolonged periods.
• Use of a computer.
• Manual dexterity. 
• Communicate effectively and listen.
• Standard office environment

Special Instructions: If selected as a final candidate for this position, you will be subject to The University of Oklahoma Norman Campus Tuberculosis Testing policy.  To view the policy, visit https://hr.ou.edu/Policies-Handbooks/TB-Testing .

Why You Belong at the University of Oklahoma: The University of Oklahoma fosters an inclusive culture of respect and civility, belonging, and access, which are essential to our collective pursuit of excellence and our determination to change lives. The unique talents, perspectives, and experiences of our community enrich the learning, and working environment at OU, inspiring us to harness our innovation, creativity, and collaboration for the advancement of people everywhere.

Equal Employment Opportunity Statement: The University of Oklahoma, in compliance with all applicable federal and state laws and regulations, does not discriminate based on race, color, national origin, sex, sexual orientation, genetic information, gender identity, gender expression, age, religion, disability, political beliefs, or status as a veteran in any of its policies, practices, or procedures. This includes, but is not limited to, admissions, employment, financial aid, housing, services in educational programs or activities, and health care services that the University operates or provides.