Overview

JOB SUMMARY:   

Reporting to the Head, Risk Management, the Information/Cyber Security Analyst is responsible for information security policy development and maintenance; design of security policy education, training, and awareness activities; monitoring compliance with branch IT security policy and applicable law; and coordinating investigation and reporting of security incidents. Working with the Information Technology department, the incumbent will monitor, assess, and fine-tune the UIS IT business continuity and disaster recovery program, perform network penetration tests, application vulnerability assessment scans and risk assessment reviews.

ESSENTIAL FUNCTIONS AND ACCOUNTABILITIES:

  • Assists in the implementation of data access security measures by identifying, analyzing and resolving security and system problems relating to data access security, applications, programs and functions;
  • Monitors computer data network system, including LAN and WAN, firewall and anti-spam data security infrastructure;
  • Investigates incidences of data access violations and data corruption or loss and reports findings to supervisor for direction or resolution;
  • Maintains the information systems security database by joining or separating users to various system applications; coordinates the registration of users to the system and respective access levels with departmental coordinators;
  • Monitors and audits the information system security database to isolate and identify occurrences of illegal or unauthorized access; prepares reports and/or memoranda recommending corrective action;
  • Investigates and corrects security related problems to ensure data information system integrity;
  • Performs analyses of data security systems to keep management informed of system utilization patterns; prepares reports on same;
  • Coordinate response to information security incidents
  • Create, manage and maintain user security awareness

MINIMUM QUALIFICATIONS:

  • BA or BS in Computer Science, Management Information Systems, or related field.
  • 5-7 years of progressive experience in computing and information security, including experience with Internet technology and security issues.
  • Experience should include network security, application vulnerability assessments, risk analysis and compliance testing. CISSP, GIAC, or other security certifications desired.
  • Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and desktop, server, application, database, network security principles for risk identification and analysis.
  • Strong analytical and problem solving skills.
  • Excellent communication (oral, written, presentation), interpersonal and consultative skills.
  • Cloud environment experience a plus

To apply for this job email your details to margaret@mjboyd.net