Catholic University Of America Washington , DC 20319
Posted 3 weeks ago
Posting Title
Cyber Security Analyst II
Overview
Technology Services serves the University by providing access to high quality, state-of-the-art, computing, communications and information resources through the Internet, local and wide area networks, databases and libraries, and by supporting the management information needs of the University. Design and implement security systems to protect organization's computer networks from cyber attacks, and help set and maintain security standards. Position is located on campus and is not remote.
Responsibilities
Design, implement, manage, and monitor technical, administrative, and physical controls to protect the confidentiality, integrity, and availability of the University's information assets.a. Maintain a current understanding of regulatory requirements governing the use, governance and availability of University information systems. b.
Analyze findings from security monitoring systems, and recommend and coordinate the implementation of any necessary remediation.c. Assist in the development of operating procedures and policies and the implementation of a unified approach to attaining, documenting, monitoring, and maintaining compliance with institutional policy and procedures.d. Develop and communicate business-based justifications for security initiatives.e.
Research and recommend security controls, information security tools and services and other information security initiatives.f. Assess systems, processes, and projects for compliance requirements, control objectives, and security best practices; including interacting with internal and external technical and functional staff.
Serve as a University resource for IT security operations and initiatives.a. Facilitate cross-functional teams to implement security controls and initiatives.b.
Assist system, application, and data owners/custodians with selecting and documenting controls, policies and procedures.c. Participate in campus-wide information security events and programs to ensure alignment and knowledge sharing between departments.d. Train and educate internal groups as required.
Design and implement information security projects for the Universitya. Design and develop project plans to enhance the information security capabilities; research methodologies and products, and establish technical requirements; define project scope, requirements, and deliverables, and develop a project plan to meet objectives.b. Coordinate project activities, including performing assigned tasks and coordinating with external providers or contractors, ensuring project remains on schedule and that work accomplished meets specifications.
Qualifications
A Bachelor's Degree and a minimum of five (5) years' progressive experience in IT information security, with materially demonstrable experience configuring systems for information security. Experience in higher education is preferred, but willing to consider experience in government and private sectors.
Mastery of, and skill in applying:● IT concepts, principles, methods, practice, and critical thinking.● Information security and risk management concepts, practices and standards (e.g., ISO 17799/27002, 27001, 310000/31010)● Regulations related to information security and data confidentiality (e.g., PCI-DSS, HIPAA, FISMA, GLBA, HEOA, FERPA, and DMCA)
● Identity and Access Management concepts, practices and standards● Quality management and quality assurance concepts, practices and standards (e.g., ISO 9000 and related in ISO/TC 176)● Microsoft Excel or Google Sheets, including advanced spreadsheet manipulation● Microsoft Visio, PowerPoint or other visual presentation tools
Knowledge of the following is highly desirable:● Relational data systems and concepts, including writing SQL queries; Oracle Database, Microsoft SQL Server experience is a plus● Oracle PeopleSoft, especially Campus Solutions, Human Capital Management, Financials● Project management concepts, practices and standards (e.g., PMI PMBOK)
Current security fundamentals/essentials-level certification is required (i.e., one of the following):● CompTIA Security+● GIAC Security Fundamentals (GISF)● GIAC Security Essentials (GSEC)
Current certification in one or more of the following is highly desirable:● CompTIA Advanced Security Practitioner (CASP)● Google Cyber Security● GIAC Information Security Professional (GISP)● ISACA Certified Information Systems Auditor (CISA)● ISACA Certified Information Security Manager (CISM)● (ISC)² Certified Information Systems Security Professional (CISSP)● CompTIA Network+● CompTIA Project+● GIAC Certified Project Manager (GCPM)● Project Management Institute Project Management Professional (PMP)
D. Other Knowledge, Skills and Abilities Needed:● Ability to work effectively in teams, both as a member and leader● Excellent written and verbal communication skills● Ability to communicate confidently at all levels of management● Extremely detail oriented and thorough● Strong analytical skills
Catholic University Of America