Information Security Analyst
Valencia College

Job Info

---

Position Number:

SE1986.00000

Position Title:

Information Security Analyst

Job Type:

Staff

FT/PT:

Full-Time

Employee Class Description:

P1-Staff exempt

General Position Description:

The Information Security Analyst provides day-to-day operational support to safeguard the college's information security program. This role works with cross-functional teams to design, implement, and maintain security controls and monitors the college network, enterprise systems, enterprise applications, and other administrative/academic systems and services for policy enforcement and compliance. Exercises considerable initiative, independent judgment, and discretion on a regular or daily basis.

Grade:

2033

Exemption Status:

Exempt

Posting Number:

S2820P

Location(s):

Orlando, FL 32811 - West Campus

Proposed Work Schedule (Please note hours subject to change based on business needs):

Monday to Friday: 8am to 5pm

Number of Vacancies:

1

Posting Start Date:

10/01/2024

Posting End Date:

11/12/2024

Open Until Filled:

No

Quicklink for Posting:

https://valenciacollege.peopleadmin.com/postings/36989

Temporary Position (Temp or Grant Funded) Details:

N/A.

Salary Range:

 $59,576 - $67,321

Description of Job Function:

1. Analyzes and tracks all security-related audit and risk assessment findings and/or issues relating to information security to help ensure adequate and timely resolution. Assesses current and future requirements and develops technical and operational solutions accordingly.

Description of Job Function:

2. Evaluates events, alerts, notifications, and reports from both internal and external sources, including security incident and event management and other monitoring platforms to detect, respond to, and implement measures to mitigate information security related risks.

Description of Job Function:

3. Develops specifications and standards for equipment, software, and procedures in support of college policies to ensure data loss prevention and security breaches.

Description of Job Function:

4. Provides guidance with internal and external technical staff and consults with project teams at various stages of project cycles. Serves as subject-matter expert in assessing systems, processes, and projects against compliance requirements, control objectives, and security best practices (e.g., security vulnerability scanning, penetration tools and platforms, advanced network and application firewalls, endpoint detection and response).

Description of Job Function:

5. Identifies and analyzes potential security risks and vulnerabilities for the college's IT infrastructure, systems, and applications. Develops strategies by evaluating, auditing, and making recommendations to identify vulnerabilities and weaknesses in security controls to mitigate those risks.

Description of Job Function:

6. Monitors security systems and tools to detect potential security breaches, intrusions, or malicious activities. Responds promptly to security incidents, investigates root causes, and implements remediation measures.

Description of Job Function:

7. Collaborates with other team members and vendors to implement effective controls and security measures by working closely with cross-functional teams, including IT systems administrators, network team, vendors, and other college team members, to ensure security requirements are implemented.

Description of Job Function:

8. Maintains accurate records of security incidents, investigations, and remediation activities. Prepares detailed reports and presentations, when required, highlighting key findings, risks, and recommendations.

Description of Job Function:

9. Assists with designing, implementing, and testing disaster recovery procedures to main critical functions after an emergency or unexpected events such as security breaches, power outages, natural disasters, or a pandemic. Works with leadership to enhance business continuity, such as data back-ups and remote work protocols.

Description of Job Function:

10. Remains up-to-date on emerging threats and technologies to maintain the college's information security and mitigate potential risks to enhance effective decision-making, understanding when it is appropriate when to escalate emerging threats to OIT leadership.

Description of Job Function:

11. Performs other related duties as required.

Drivers License Requirement:

Not Applicable

Required Minimum Education:

Bachelor's Degree from a regionally accredited institution, or any equivalent combination of related education, training, and/or experience which provides the required knowledge, skills, and abilities to perform the essential functions.

Other Required Qualifications:

Three (3) years of experience in network, systems, application and/or information security systems; including such things as technical security controls, endpoint detection and response, security incident and event management, advanced network and application firewalls, intrusion detection/prevention systems, data loss prevention; security vulnerability scanning, and/or penetration tools and platforms.

Preferred Type of Experience:

Experience with programming or scripting languages (e.g., python, php, java).
Experience with supporting internal/external audits.

Preferred Licenses/Certification:

Industry certifications in information security, audit, and/or risk management, e.g., CISSP, CISM, CISA, CEH.

Knowledge, Skills and Abilities:

Knowledge of risk management and compliance frameworks, data privacy/safeguard regulations and standards such as: FERPA, GLBA, HIPAA, PCI-DSS.
Knowledge of common information security frameworks and operating systems, such as NIST CSF, ISO 2700x, CIS Critical Security Controls.
Ability to work with minimal supervision both independently and as a member of a team.
Excellent interpersonal and communication skills.
Ability to effectively present information and respond to questions from managers, clients, and the college community.
Strong analytical skills with the ability to define problems, collect data, establish facts, draw valid conclusions, and make decisions independently.
Knowledge of information security risk assessment and relevant methodologies, with knowledge of vulnerabilities and exploits.
Ability to use policies, procedures, and guidelines, as well as applicable information security standards and regulatory requirements, providing technical and operational solutions for non-compliant environments.
Strong troubleshooting skills and ability to effectively resolve or escalate issues to management or vendor support areas as needed.
Ability to meet deadlines and achieve and maintain expected productivity levels. Handle multiple assignments through prioritization and time management.
Ability to prioritize and execute tasks in a high-pressure environment.
Ability to learn new technologies, systems and software and adapt to change on an ongoing basis.
Experience working in a team-oriented, collaborative environment.

General Working Conditions:

This job primarily operates in a professional office environment. The employee will routinely operate standard office equipment including but not limited to computers, keyboards, mouse, phones, photocopiers, printers, scanners, filing cabinets and fax machines. While performing the duties of this job, the noise level in the work environment is usually quiet to moderate.Typical physical competencies include but are not limited to frequently remaining stationary, moving, reaching, positioning self and occasionally ascending/descending, lifting/moving objects weighing between 5-15 pounds. This job also entails frequently communicating, discerning and exchanging information, detecting and perceiving objects up close, at a distance, and the ability to adjust focus. Cognitive abilities include but are not limited to frequently using discretion, judgment, reasoning, memory, learning, maintaining confidentiality, comprehension, problem solving, and decision-making.The typical work environment, physical and cognitive demands listed above are representative of those that must be met by an employee to successfully perform the essential functions of this job. The College has a process to identify and make available reasonable accommodations to enable individuals with disabilities to perform the essential functions.

---