New York, New York
Denver, Colorado
Frankfurt am Main, Germany
Posted: 04-Oct-22
Location: New York, New York
Salary: Open
Internal Number: IRC28497
The Rockefeller University seeks an Information Security Analyst (Salary Range: $110K - $135K) to join Information Technology. Reporting to the Chief Information Security Officer (CISO), the Information Security Analyst works with Information Security (InfoSec) and Information Technology (IT) colleagues to ensure the security and confidentiality of information assets at the university. This position works closely with key business users, incorporates feedback from end users, and assists with developing a holistic data and systems security plan. Focusing on administration and management of various InfoSec systems such as network access control (NAC), anti-virus (including Extended Detection & Response (EDR)), and two-factor authentication systems, the role requires a working knowledge of network security, operating system security, assessing compromised computers and vulnerability assessments. The ideal candidate must be able to draft written policies and procedures and evaluate vendor products. Responsibilities include but are not limited to communicating and collaborating with IT to ensure levels of risk are correctly identified and information security systems are functioning at optimal performance. Analyze short and long-term system security needs by evaluating security software and related technologies to improve performance and increase usage. Participate in formulating and implementing security policies regarding firewall rules and intrusion detection filters. Monitor, maintain, and upgrade software and security components of the network by using tools to evaluate network and system capability and functionality. Participate in creating and updating standards and reference architectures for use across the university. The information security analyst runs periodic infrastructure assessments and audits to build proper threat modeling to ensure good security services design. This includes penetration tests, tabletop exercises, and other best practice assessments. Closely monitor platform vendors for security patches and fix and work broadly with IT staff and application owners to ensure timely updates. Provide security consulting support for IT groups supporting desktops and servers, as well as with end-users. Assist with maintenance of user and vendor VPN systems, centralized SIEM logging systems, anti-virus/anti-spam EDR systems, and other security-related systems. Develop and execute procedures for monitoring network inconsistencies.Work as part of the Incident Response Team; Respond to after-hours incidents and outages. Communicate their fitness for adoption to stakeholders. Act as a liaison with other members of the IT Department and the University on software evaluations and architectural transitions. Basic familiarity with third-party regulations and standards, including PCI, FERPA, and HIPAA. Perform other duties and special projects as assigned.
A Bachelor's degree in computer science, information systems, or equivalent education, training, and experience is required. 3-4 years of relevant network and information security experience. Experience with Windows, OSX Unix/Linux and NAC, EDR, VPN, and MFA. Working knowledge of networking protocols and routing, network monitoring tools, vulnerability scanners, firewalls, routers, switches, and other security devices. Knowledge of SSL, DNS, encryption, and web services. Strong analytical, verbal, and written communication skills. Experience with Microsoft Office (Word, Excel, Outlook, PowerPoint).
We offer an excellent benefits package, tuition reimbursement and a competitive salary. The Rockefeller University is located on Manhattan's Upper East Side, on a 15-acre campus, along the East River (www.rockefeller.edu/views.php).
The Rockefeller University is an Equal Opportunity Employer - Minorities/Women/Disabled/Veterans.
Click here to apply directly using The Rockefeller University website.
