The Pennsylvania Association of Career and Technical Administrators strives to promote excellence in career and technical education through leadership, advocacy and service.

Job Opportunities

« Back to Jobs

Information Security Analyst

Posted on May 15, 2019

School: Community College of Philadelphia

Type: full-time


GENERAL DESCRIPTION: Reporting to the Manager, Network Support Services and serving as the subject matter expert, the Information Security Analyst provides expertise in all areas of cyber security. Primary responsibilities include performing advanced analytics and device manipulation and control in support of network security operations; as well as vulnerability and risk analyses in support of standard cyber security frameworks. The Information Security Analyst is also responsible for daily management and coordination related to network intrusion prevention, monitoring of security controls, reviewing of device and security logs for anomalies, and trends for forensic analysis correlation.

SPECIFIC RESPONSIBILITIES (ESSENTIAL JOB FUNCTIONS)
• Monitor the College’s network operations and provide effective incident response to vulnerability scans and security events as they occur, and provide recommendations for improvements to processes and procedures as necessary.
• Assist in the development and implementation of monitoring and correlation procedures for all network devices, including traffic analysis, availability, downtime, number of service calls to the network, and average time to resolve.
• In collaboration with the Director and the IT work teams, conduct cyber intelligence analysis to develop an understanding of the potential intent, objectives and activities of cyber threat entities for the development of vulnerability assessments and remediation plans.
• Provide ongoing research and evaluation of the technical and cyber intelligence landscape to develop in-depth assessments and analysis of threats to the network infrastructure.
• Review, analyze, correlate and resolve network security threats from multiple systems and security tools (i.e. Fortinet, Nexus, IPS, Solarwinds, Web Inspect and SIEM) to identify vulnerabilities that may impact the security of the College’s network.
• Based on priorities identified by the CIO and Director, provide specific vulnerability remediation support for all College devices, including laptops, workstations, printers, and network devices (including mobile devices) to maintain a 98 percent remediation of vulnerabilities.
• Identify and evaluate business and technology risks; audit internal controls and develop recommendations for procedures to mitigate risks and related opportunities for internal control improvement.
• Collaborate with third party vendors and providers; assist in the selection and evaluation of products and vendors.
• Collaborate with external vendors in the determination of vulnerabilities; gathering remediation requirements, and recommending appropriate solutions and communications.
• Conduct cybersecurity analysis and utilize automated scanning tools and various security-related, web-based applications, to report, identify and track assets’ vulnerabilities throughout the systems lifecycle
• Collaborate with IT management, other internal constituents, and law enforcement agencies to manage security vulnerabilities and investigations as needed.
• Conduct remediation, vulnerability and compliance scans, and resolve connection and access issues to ensure accurate scan data.
• Analyze vulnerability assessment data and create reports in support of the College’s security assessment efforts.
• Provide oversight of incident data flow and response, content, and remediation; and partner with other incident response centers in maintaining an understanding of threats, vulnerabilities, and exploits that could impact networks and assets.
• Assist in the development and tracking of key performance indicators, balanced scorecards and other metrics for measuring operational outcomes in response to security threats, vulnerabilities, events and incidents.
• Support the day-to-day network security operations and administration of the College’s network, including all malware and forensic analysis efforts.
• Maintain proper recordkeeping for all cybersecurity activities.
• Provide training to IT staff and other departments as needed.
• Deliver quality customer services to both internal and external constituents in a professional, helpful and courteous manner.
• Provide coordination for all IT security events requiring focused response, containment, investigation, and remediation.
• Provide daily summary reports of network events and activities and deliver metric reports as required.
• Maintain sensitivity, understanding and respect for a diverse academic environment, inclusive of students, faculty and staff of varying social, economic, cultural, ideological and ethnic backgrounds.
• Perform all other duties as assigned.


QUALIFICATIONS:
• Bachelor’s degree in Computer Science or related field is required. Any and all degrees must be from a regionally credited institution of higher learning.
• At least four (4) years of work experience in computer networking and information security required.
• Thorough understanding of the latest security principles, techniques, and protocols in cyber security required.
• Previous information security experience in a large Microsoft enterprise network environment preferred.
• Previous information security experience within higher education preferred.
• Previous experience in troubleshooting, maintaining and performing computer related repairs and desktop application support using Microsoft Windows and MS Office suite applications required.
• GIAC, GSEC CISM, CEH, or ECSA certification required.
• SSCP, CISSP, CISA, MCSE, CCNA, PMP, Security +, and/or ITIL certifications are preferred.
• Effective verbal and written communication skills required.
• Demonstrated proficiency using Microsoft Word and Excel.
• Strong problem solving and troubleshooting skills required.
• Ability to lift up to 60 pounds from floor to desktop height required.
• Demonstrated understanding of network and desktop operating systems required.
• Knowledge of HIPAA, FERPA. GDPR and other compliance regulations preferred.
• Excellent customer service and interpersonal skills required.
• Ability to work evenings and weekends, as needed, is required.
• Ability to maintain sensitivity, understanding and respect for a diverse academic environment, inclusive of students, faculty, and staff of varying social, economic, cultural, ideological, and ethnic backgrounds required.

 

If interested, please apply at: http://jobs.ccp.edu/postings/3496
 

Upcoming Events

See All Events »