The Security Analyst will be working within a team in multiple areas of security operations across all campuses. Collaborate on incident response, vulnerability management, endpoint security and application security. Develop, maintain and document other security operational analysis processes as needed.
Duties:
Responsible for monitoring the security systems.
Responsible for securing online and on-premises infrastructures, filtering out suspicious activity, and finding and mitigating security risks before any breaches can occur.
Leads efforts to counter security breaches and anticipates and reduces the likelihood of future security alerts, incidents, and disasters.
Defines, plans, implements, maintains, and upgrades security measures, policies, and controls.
Ensures the security systems are up to date. Installs and uses software such as firewalls and data encryption programs to protect sensitive information.
Monitors security access and maintains the relevant data.
Conducts vulnerability testing and risk analyses to assess security. Performs internal and external security audits.
Analyzes security breaches to identify the cause and to update incidence responses and disaster recovery plans.
Assist in conducting internal investigations in accordance with established policies and Incident Response playbooks.
Participate in the implementation of a complete set of incident response workflows, including automation and vulnerability response.
Test procedures regularly with internal teams.
Mitigate operational risks and bring them to an acceptable level for management.
Develop, maintain and document operational analysis processes.
Develop, maintain and document operational vulnerability management processes and procedures.
Performs various duties as needed to successfully fulfill the function of the position.
**The position will be located on OUHSC or Norman campus with a hybrid work model option for experienced candidates.**
Required Education: Bachelor's degree, AND:
24 months experience in IT Security Administration or a related field
Equivalency/Substitution: Will accept 48 months related experience in lieu of the bachelor's degree for a total of 72 months experience.
Skills:
Ability to work in a high-stress environment
Excellent verbal and written communication skills, interpersonal, and teaching skills
Advanced anticipation, analytical, and problem-solving skills
Ability to remain current on the latest technology and best practices in information security
Detail oriented for accuracy of data and information
Knowledge of ports and services typical in configuration of web servers, file servers, and workstations
Demonstrated understanding of Windows/Mac/Linux operating system and infrastructure vulnerability scanning and configuration
Knowledge of and experience with the CVE program, Common Vulnerability Scoring System (CVSS), and other industry specific vulnerability classification standards, frameworks, and best practices
Ability to communicate vulnerability details and remediation steps
Certifications:
None
Advertised Physical Requirements:
Physical: Sit for prolonged periods. Ability to engage in repetitive motions. Manual dexterity. Communicates effectively and listens.
Environmental: Office Work Environment. May be on call outside of normal business hours.
Departmental Preferences:
Experience with EDR technologies a plus.
Experience supporting enterprise vulnerability management a plus
Understanding of network services, vulnerabilities, and attacks a plus
Knowledge of application exploits and vulnerabilities a plus
Supervision: None
Special Instructions: If you are selected as a final candidate for this position, you will be subject to The University of Oklahoma Norman Campus Tuberculosis Testing policy. To view the policy, visit https://hr.ou.edu/Policies-Handbooks/TB-Testing.
Diversity Statement: The University of Oklahoma is committed to achieving a diverse, equitable, and inclusive university community by recognizing each person's unique contributions, background, and perspectives. The University of Oklahoma strives to cultivate a sense of belonging and emotional support for all, recognizing that fostering an inclusive environment for all is vital in the pursuit of academic and inclusive excellence in all aspects of our institutional mission.
Equal Employment Opportunity Statement: The University of Oklahoma, in compliance with all applicable federal and state laws and regulations, does not discriminate based on race, color, national origin, sex, sexual orientation, genetic information, gender identity, gender expression, age, religion, disability, political beliefs, or status as a veteran in any of its policies, practices, or procedures. This includes, but is not limited to, admissions, employment, financial aid, housing, services in educational programs or activities, and health care services that the University operates or provides.