Sr. Security Analyst

Screen reader users may encounter difficulty with this site. For assistance with applying, please contact [email protected] . If you have questions while submitting an application, please review these frequently asked questions .

Current Employees and Students:
If you are currently employed or enrolled as a student at The Ohio State University, please log in to Workday to use the internal application process.

Welcome to The Ohio State University's career site.  We invite you to apply to positions of interest. In order to ensure your application is complete, you must complete the following:

• Ensure you have all necessary documents available when starting the application process. You can review the additional job description section on postings for documents that may be required.
• Prior to submitting your application, please review and update (if necessary) the information in your candidate profile as it will transfer to your application. 

Job Title:
Sr. Security Analyst

Department:
OTDI | Governance and Risk Management

The Ohio State Digital Security and Trust team is responsible for the implementation of a comprehensive cybersecurity program that enables and supports the management of information security risk for Ohio State’s information systems and assets. The Digital Security and Trust team looks for individuals who value partnership, trust, innovation and respect. We hold one another accountable for high, ethical and competent performance. Our strategic goals include partnering with the university community to facilitate an information risk aware culture, support university leaders to actively own their information security risks, and to introduce new capabilities; providing solutions which offer foundational information security capabilities, ease of use, and align to current and future university needs; ensuring timely incident and emerging threat response activities, and coordination between stakeholders. Specifically, with a moderate level of autonomy and decision-making authority, as a Sr. Security Analyst for Digital Security and Trust, you will:

Assess security and/or compliance of university systems, documents and develop solutions for known issues/enhancements, providing and presenting summary and detailed assessment reports to users, peers, stakeholders, and senior management.

Lead small to medium risk projects which evaluate, research, and deploy policies, standards, compliance tools.

Be responsible for assessing, monitoring, and analyzing data, identifying security, risk, or compliance issues and/or events, and documenting job aids for common issues or incidents. Identify threat events, vulnerabilities, likelihood, impact, and risk. Work directly with university staff in the development of risk treatment plans to mitigate risk and ensure compliance.

Serve as project security lead for business-critical security initiatives, integrating security into the SDLC and ensuring that solution design and implementation are consistent with the strategic security vision and the university security framework.

Analyze current and emerging areas of technology regarding their risk and secure adoption.

Perform process oversight and improvement around risk management procedures and related technologies, including documenting repeatable procedures, scoring guidance, and summaries of commonly seen issues and associated mitigations.

Required Education/Experience:

Education:
Bachelor’s or an equivalent combination of IT Risk Management or Information Security work experience and education

Experience:
At least 5 years of general IT experience and 4 years of demonstrated experience in IT risk management or similar security role(s)

Ability to organize and prioritize to meet established deadlines, requiring multitasking in a fast-paced environment, with outstanding attention to details.

Excellent verbal and written communication skills.

Knowledge of best practices for IT Risk Management.

Excellent problem solving/analytical skills as well as knowledge of analytical tools and process automation, best practice approach toward technology efficiency/effectiveness.

Ability to establish and communicate security concepts, risk, and controls to a wide range of audiences with varying levels of technical and security experiences.

Demonstrated ability to lead teams, train and develop staff.

Desired Education/Experience:

Education:

Masters

Experience:
Security experience with Workday, Amazon Web Services, Azure

Knowledge of NIST 800-53 and NIST 800-171

Security Certification(s):
CRISC, CISSP, GIAC or similar

Additional Information:

This position maps to Information Technology, Information Security and Risk Management, Individual Contributor - Specialized, S4.

The Targeted Hiring Range for this position is $92,000 to $123,000

Our goal is to foster a community of professionals with diverse skills, experiences and backgrounds who actively collaborate to support the mission of the Ohio State University. We are committed to personal and professional growth of individuals as they achieve their highest potential and support others along the way. In an ever-changing technology landscape our employees are flexible, innovative, and adept problem-solvers.

Location:
Mount Hall (0311)

Position Type:
Regular

Scheduled Hours:
40

Shift:
First Shift

Final candidates are subject to successful completion of a background check.  A drug screen or physical may be required during the post offer process.

Thank you for your interest in positions at The Ohio State University and Wexner Medical Center. Once you have applied, the most updated information on the status of your application can be found by visiting the Candidate Home section of this site. Please view your submitted applications by logging in and reviewing your status. For answers to additional questions please review the frequently asked questions .

The Ohio State University is an equal opportunity employer.

All qualified applicants will receive consideration for employment without regard to age, ancestry, color, disability, ethnicity, gender identity or expression, genetic information, HIV/AIDS status, military status, national origin, race, religion, sex, gender, sexual orientation, pregnancy, protected veteran status, or any other basis under the law.

Applicants are encouraged to complete and submit the Equal Employment Identification form.