IT Security Analyst I
Western Governors University
If you’re passionate about building a better future for individuals, communities, and our country—and you’re committed to working hard to play your part in building that future—consider WGU as the next step in your career.
Driven by a mission to expand access to higher education through online, competency-based degree programs, WGU is also committed to being a great place to work for a diverse workforce of student-focused professionals. The university has pioneered a new way to learn in the 21st century, one that has received praise from academic, industry, government, and media leaders. Whatever your role, working for WGU gives you a part to play in helping students graduate, creating a better tomorrow for themselves and their families.
The Senior IT Security Analyst uses their knowledge of current security methods and standards to gather operational information, assess and analyze tools, systems, and processes in defense of applications, systems, and networks, and collaborate with Infrastructure and business teams. The Senior IT Security Analyst is a lead support role for the IT Security team. They will provide mentorship, administrative service, and support for security monitoring systems and the investigation of security breaches, providing investigative analysis and supporting incident response plans, security awareness, risk assessments, document review, vendor risk, vulnerability management, and threat hunting. They will also support other security-focused tools and services and perform other duties as assigned. In addition, they may be asked to assist with risk assessments, forensic analysis, data collection, user training, and other security-related tasks.
Essential Functions and Responsibilities:
Functions as a senior lead IT Security Analyst in one or more of the following: penetration testing, incident handling/digital forensics, continuous monitoring, intrusion detection/prevention, auditing, risk analysis, compliance, security awareness, threat hunting, vendor risk analysis, and identity and access efforts.
Functions in abstract, conceptual, and architectural work as well as in granular technical implementation and configuration work.
Supports the creation of tools, processes, and communications that support information security initiatives. Participates in the development of security policies, standards, and procedures.
Develops and maintains a risk mitigation strategy for the organization that includes a determination of inherent risk, residual risk, and risk tolerance.
Develops and applies policies, standards, and procedures.
Analyzes phishing emails utilizing industry standard tools.
Monitors endpoint security utilizing tools such as DLP, HIPS, client proxy, EPP, IPS/IDS, and local firewalls to establish a baseline and identify anomalous behavior. Understands data encryption strategies. Strives for policies that balance security and performance.
Participates in tactical projects as they arise to clarify and respond to identified security risks across different technical domains. Assists in project testing and technical documentation.
Executes established security practices with consistency and discipline. Monitors alerts for security incidents and escalates as needed. Processes large quantities of data, prioritizing by significance.
Collaborates with engineers to support standardized practices and follow routine processes to promote secure systems. Recommends new tools for penetration testing, assessment, and secure product validation.
Identifies and creates process improvements.
Processes service request tickets efficiently and reliably.
Participates in Correction of Errors (CoE), often with members of other teams.
Participates with incident response activities.
Participates in risk assessment activities.
Monitors and tests fixes and patches to ensure vulnerabilities have been appropriately mitigated.
Continuously monitors tools for events that could lead to an incident and works with business partners to ensure data protection and remediation.
Understands the implications of privacy laws and regulations (e.g., GDPR and CCPA).
Responsible for tuning and filtering of events and information, creating custom views and content using available tools following approved methodology.
Facilitates an effective response to vendor risk assessments using industry-standard methods (e.g., SIG, HECVAT, VSAQ, CIS Controls/SANS Top 20) as well as business requests for information (RFIs).
Consults with various areas of the business as an information security subject matter expert.
Leads correlation efforts with data from IPS/IDS with data from other sources.
Mitigates misuse, malware, or unauthorized activity on monitored networks.
Performs activities needed to demonstrate regulatory compliance.
Administers security information and event management including devices, watch list, alerting, threat feeds, and problem resolution.
Researches emerging security technologies, tactics, trends, and exploits. Prepares reports and presentations periodically for management and developers.
Participates in ongoing status meetings to update Information Security members of initiatives and ongoing projects.
Maintains user security by evaluating security standards and access controls.
Manages security test lab including daily activities, documentation, maintenance, component installation/configuration, and facility evolution.
Provides policy and technical advice to internal stakeholders to ensure new initiatives conform to current corporate security architecture.
Applies design theories and principles in researching, designing, developing, and maintaining the company's security architectures.
Contributes to security operations and technology projects that have tactical and operational impact to all business segments of WGU.
Supports the creation and maintenance of an effective security architecture for the corporation that maps to business requirements.
Collaborates with IT leadership and other business leaders to provide integrated security planning and recommendations for innovative technologies that will enhance the organization's security posture.
Manages subscriptions to vendors' security/vulnerability alerts and assesses vendor alerts by establishing a response plan based on the platform, severity, and applicability of the threat.
Reviews and maintains inventory and documentation for "golden images" for all operating systems from a security and baseline configuration perspective.
Performs other related duties as assigned.
Knowledge, Skill and Abilities:
Maintains knowledge of NIST, ISO, and PCI DSS standards as well as FERPA, GLBA, GDPR, HIPAA, and FTC regulations. Contributes to developing assessment plans building on the methodologies promoted by these standards and regulations to quantify risk.
Maintains proficiency with computing technologies (Windows Server, Linux, databases, TCP/IP network stack, scripting languages, etc.)
Working knowledge of intrusion detection methodologies and of the techniques used to detect intrusions with intrusion detection technologies.
Ability to use network management tools to analyze network traffic patterns.
Ability to tune sensors, read, and interpret signatures.
Ability to create alerts and automated responses.
Ability to generate and articulate performance metrics.
Ability to identify and communicate the risk of vulnerabilities.
Ability to identify internal and external trends to identify risks.
Ability to articulate risk to management.
Executes established security practices with consistency and discipline.
Results oriented, self-motivated, and self-directed.
Familiarity with network architectures, network services and devices, system types, development platforms, and software suites (Microsoft, Cisco, Oracle, Linux, etc.).
Technical skills in patch and vulnerability assessment, analytical theory, networking, operating systems, incident response methodology and ability to compose management level summaries as needed.
Understanding and working knowledge of security forensics.
Works well with others, maintaining a positive work environment by communicating in a manner to promote positive relations with customers, co-workers, and management.
Effective communication skills with the ability to communicate with purpose, clarity, and accuracy.
Excellent analytical, problem solving, and decision-making skills required. Identifies and resolves problems in a timely manner with a solution driven approach to problems.
Demonstrated pragmatic, adaptable, and result-driven approach to information security risk management.
Methodical, data-driven approach to security and risk analysis; ability to think imaginatively in order to implement security improvements.
Competencies:
Organizational or Student Impact:
Follows technical/ business processes; helps support change when necessary.
Executes complex, specialized technical projects/assignments.
Responsible for major or many components in the area of expertise.
Limits errors to prevent impact to client operations, costs, or schedules.
Problem Solving & Decision Making:
Individual meets department and personal goals with little direction/ supervision.
Leads key technical projects, programs and may facilitate leadership and development of technical teams.
Drives project methods, techniques, and procedures.
Communication & Influence:
Communicates with parties within and outside of the university (e.g., customers, vendors, etc.)
Works to influence parties within and outside of the job function at an operational level regarding policies, procedures, and practices.
Leadership & Talent Management:
Responsible for providing guidance, coaching, and training to other employees within the technical area.
Responsible for managing significant/complex technical projects at this level, involving delegation of work and review of work products.
Job Qualifications:
Minimum Qualifications:
Bachelor’s Degree in a related field or equivalent
5 years of Information Security experience
Experience with security industry standards and best practices. Proven experience with interpreting and implementing those standards in a corporate environment.
Experience with open-source and commercial security tools (e.g., Kali, Nessus, Fortify, AppScan, Nexpose, SAINT, Burp, Nmap, Metasploit, Meterpreter, Wireshark, Kismet, Aircrack-ng, Eramba, etc.).
Preferred Qualifications:
Relevant security certifications (e.g., CISSP, GIAC, ISACA, CEH).
Experience recommending additional security requirements and safeguards
Experience in the development of end user operating manuals and documentation
Familiarity with Cloud infrastructure
Experience preparing System Security Plans and supporting Cybersecurity/IA testing.
Experience with NAC and MDM.
Knowledge of OWASP a plus.
The salary range for this position takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.
At WGU, it is not typical for an individual to be hired at or near the top of the range for their position, and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is:
How to apply: apply online
Full-time Regular Positions (FT classification, standard working hours = 40)
This is a full-time, regular position that is eligible for bonuses; medical, dental, vision, telehealth and mental healthcare; health savings account and flexible spending account; basic and voluntary life insurance; disability coverage; accident, critical illness and hospital indemnity supplemental coverages; legal and identity theft coverage; retirement savings plan; wellbeing program; discounted WGU tuition; and flexible paid time off for rest and relaxation with no need for accrual, flexible paid sick time with no need for accrual, 11 paid holidays, and other paid leaves, including up to 12 weeks of parental leave.
The University is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.