Information Security Analyst

Binghamton University Binghamton , NY 13901

Posted 4 months ago

About Binghamton University:

Binghamton University is a world-class institution that unites more than 130 broadly interdisciplinary educational programs with some of the most vibrant research in the nation. Our unique character - shaped by outstanding academics, facilities and community life - promotes extraordinary student success.

Binghamton merges rigorous academics, distinguished faculty and state-of-the-art facilities to engage and challenge its 17,000 students. The high-achieving Binghamton student body also represents a great diversity of life experiences, from first-generation college-goers to international students. Beyond their talent, these classmates share a desire to shape the future through technology, insight, intellectual exploration and community service.

Job Description:

Budget Title: Lead Programmer/Analyst (SL-3)

Salary: Commensurate with experience

The Information Security Analyst will be responsible for assisting the Chief Information Security Officer/Director of Information Security in developing and maintaining Binghamton University information security capabilities, implementing security controls, responding to information security incidents, and the monitoring of administrative, academic systems and networks for policy enforcement and compliance. The Information Security Analyst will work with cross-functional teams to design and implement security initiatives; serve as a resource person on specific information security technologies and technology-related compliance requirements.

The Information Security Analyst reports to the Chief Information Security Officer/Director of Information Security and works closely with Information Technology Services (ITS) leadership to build awareness and implementation of security controls, within the department and across the University.

In addition, the information security analyst will:

  • Maintain and develop information security software tools (unix/linux, python, php, and sql-based)

  • Recommend remediation strategies and technologies for mitigating risks

  • Evaluate current and future requirements and develop or recommend technical and operational solutions accordingly

  • Support and manage risk mitigation tools as needed

  • Develop specifications and standards for equipment, software, and procedures in support of University policies

  • Investigate internal and external reports of information security issues

  • Assist in analyzing results from intrusion detection systems, intrusion prevention systems, network mapping software, log analysis, and other tools to detect, respond to, and mitigate information security related vulnerabilities and incidents

  • Maintain audit and oversight of processes, procedures, and tools used to ensure security controls

  • Maintain metrics and prepare reports

  • Perform trend and root cause analysis

  • Liaison with various University constituencies on behalf of the CISO as needed

  • Serves as a resource person in assessing systems, processes, and projects against compliance requirements, control objectives, and security best practices; interacts with internal and external technical staff and consults with project teams at various stages of project cycles

  • Must be able to maintain data confidentiality and compliance with regulatory requirements (HIPAA, FERPA, PCI, etc.).

Requirements:

  • Bachelor's Degree and two years of relevant experience or an Associate's Degree in Computer Science, Information Systems/Sciences, or related field with IT industry security certifications (i.e. CISSP, GIAC [GCFA, GCIH, GCED, GCWN, and/or GNFA], NIST Cybersecurity Framework [Foundation or Practitioner]) and at least five years of relevant experience (for example, information security analyst, Linux/Unix desktop or server support function, or Windows desktop or server support function)

  • Demonstrated strong written and oral communications skills

  • Ability to work with multiple constituencies within a culturally diverse environment

  • Experience working with programming or scripting languages (e.g., python, php, ruby, bash)

Position Preferences:

  • Practical experience with one or more relational database packages

  • A demonstrated understanding of network topologies, architectures, protocols, and addressing schemes

  • Knowledge of and a demonstrated ability to operate Unix and Windows-based security tools (e.g., nmap, Snort, group policy)

  • Experience in a university-based or a research technology environment

  • Experience in working in a large complex organization

  • Network management experience is desirable

  • The candidate demonstrates competence in the area of information security. This can be in the form of professional certificates or specific work experiences. These experiences should be detailed in a cover letter

Additional Information:

Offers of employment may be contingent upon successful completion of a pre-employment background check and verification of degree(s) and credentials.

Binghamton University is a tobacco-free campus.

Pursuant to Executive Order 161, no State entity, as defined by the Executive Order, is permitted to ask, or mandate, in any form, that an applicant for employment provide his or her current compensation, or any prior compensation history, until such time as the applicant is extended a conditional offer of employment with compensation. If such information has been requested from you before such time, please contact the Governor's Office of Employee Relations at (518) 474-6988 or via email at info@goer.ny.gov

Payroll information can be found on our website http://www.binghamton.edu/human-resources/payroll/

Cover letters may be addressed "To the Search Committee."

Postings active on the website accept applications until closure.

For information on the Dual Career Program, please visit:

https://www.binghamton.edu/human-resources/dual-career-program/

Equal Opportunity/Affirmative Action Employer

The State University of New York is an Equal Opportunity/Affirmative Action Employer. It is the policy of Binghamton University to provide for and promote equal opportunity employment, compensation, and other terms and conditions of employment without discrimination on the basis of age, race, color, religion, disability, national origin, gender identity or expression, sexual orientation, veteran or military service member status, marital status, domestic violence victim status, genetic predisposition or carrier status, or arrest and/or criminal conviction record unless based upon a bona fide occupational qualification or other exception.

As required by Title IX and its implementing regulations Binghamton University does not discriminate on the basis of sex in the educational programs and activities which it operates. This requirement extends to employment and admission. Inquiries about sex discrimination may be directed to the University Title IX Coordinator or directly to the Office of Civil Rights (OCR). Contact information for the Title IX Coordinator and OCR, as well as the University's complete Non-Discrimination Notice may be found here.

Application Instructions:

Deadline for Internal Applicants: July 19, 2019

Deadline for External Applicants: Open until filled

Review of applications will begin immediately and continue until the vacancy is filled.

Persons interested in this position should apply online.

Please submit:

  • Resume,

  • Cover letter, and

  • Contact information for three professional references

You may add additional files/documents after uploading your resume. After you fill out your contact information, you will be directed to the upload page. Please login to check/edit your profile or to upload additional documents: http://binghamton.interviewexchange.com/login.jsp.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Systems Security Manager (Issm)

L3 Technologies

Posted 2 weeks ago

VIEW JOBS 10/2/2019 12:00:00 AM 2019-12-31T00:00 Information Systems Security Manager (ISSM) We are a company of innovators, game changers, and entrepreneurs. As a prime contractor, we provide a broad range of communication, electronic and sensor systems used on military and commercial platforms across the globe. We embrace innovative and progressive ideas to advance our products for military and commercial customers. The Electronic Systems Segment (ESS) provides a broad range of aerospace systems, security and detection systems, and pilot training. L3 Link Training & Simulation is a world leader in providing platform operators and maintainers with total training solutions that improve training effectiveness and efficiency and lower life-cycle costs in a secure cyber environment. L3 Link's innovative solutions provide a full spectrum of state-of-the-art training technologies, including high-fidelity immersive simulations, as well as distributed academic and interactive courseware. The company, headquartered in Arlington, Texas, has delivered military and commercial training systems to customer locations throughout North America, Europe, Asia, the Middle East and the Pacific Rim. We are searching for an Information Systems Security Manager (ISSM). The ISSM is responsible for the Cybersecurity/RMF Program for classified programs as directed by USG directives and requirements (e.g. JSIG RMF, other Customer/contract specific IA requirements, etc.). Responsibilities for this position include Implementation and oversight of Certification & Accreditation and Assessment lifecycle processes (including documentation preparation, system configuration, scans & validation), configuration change management processes (including hardware/software changes, account management, media control procedures and related documentation), conducting internal self-inspections of the cybersecurity program, executing an effective cybersecurity program to include continuous system audit reviews, education and training and information system delivery and maintenance. Also responsible for the definition, implementation, and maintenance of information system security policies, strategies, procedures and settings within the L3 Link classified environment. This includes the review and monitoring of Master System Security Plans, Information System Profiles, Network System Security Plans, Standard Operating Procedures, POA&Ms, and related addendums/attachments. This position will also be responsible for conducting investigations related to any information systems security violation involving classified information. * Develop/conduct risk assessment procedures for verification of Certification & Accreditation (C&A) RMF safeguards to meet various regulatory requirements based upon the JSIG RMF for DoD IT, and occasional support involving ICD 503/DCID, JSIG, NIST & STIG guidelines * Monitor cybersecurity Program compliance by performing periodic self-inspections, tests and reviews of the IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed * Work with program personnel to include System Administrators to ensure audit functions are performed properly * Develop corrective solutions and maintain associated documentation (to include required reports) as appropriate * Coordinate with program/project stakeholders, the Facility Security Officer (FSO), & Contractor Program Security Officers (CPSOs) and other Security and IT team members to define, implement and maintain an acceptable information systems security posture * Assist program personnel at offsite locations to ensure they meet USG certification requirements and are properly trained to execute the cybersecurity program effectively and maintain security compliance Our Values are an integral part of who we are. We seek candidates who share our values: * Integrity * Excellence * Accountability * Respect * Excellent communications skills, oral and written * Demonstrated strong critical thinking and problem solving skills * Detail oriented * Self-motivated * Confident personality with the ability to effectively prioritize multiple projects * Ability to work with people in a team environment and deal effectively with changing project priorities * Candidate must have demonstrated professional customer service skills * Ability to balance information security requirements with Link's mission, goals, and culture is critical Experience & Knowledge Requirements * In-depth knowledge and experience with technical configuration standards relating to information system security; experience configuring Windows operating systems, experience with server systems, thin client architecture, system virtualization and other related peripherals * Extensive knowledge and experience with certification/authorization requirements as outlined in the NISPOM, RMF, ICD 503/DCID, JSIG, NIST RMF & STIG and other USG IS/Security-related policies * Knowledge and experience with configuration/certification and auditing/analysis of Windows, Linux, Unix systems * System configuration would include stand alone, peer-to-peer networks, LANs/WANs * Experience in implementing Windows Active Directory Services, Group Policy, or Linux LDAP Services. * Applied experience with Windows PowerShell and Linux Shell Scripting. * Experience with security information and event management (SIEM) and data loss prevention (DLP) solutions. Certification Requirements * Candidate must provide evidence of DoD 8570 compliant: CISSP, CISA, CISM and/or other equivalent security certification Clearance Requirements * Active DoD Secret Clearance is required, and must be eligible for Top Secret Clearance SAVING LIVES AND MAKING THE WORLD A SAFER PLACE TO LIVE L3 Technologies, Inc. is proud to be an Affirmative Action/Equal Opportunity Employer. L3 provides equal employment opportunity for all persons, in all facets of employment. L3 maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks. We encourage all qualified applicants to apply for any open position for which they feel they are qualified and all will receive consideration for employment without regard to race, color, religion, age, gender, sexual orientation, gender identity, national origin, citizenship status, marital status, genetic information, disability, protected veteran status or any other legally protected characteristic. L3 Technologies Binghamton NY

Information Security Analyst

Binghamton University