Research Computing is looking for a skilled, self-motivated Information Security Analyst. This position will work with Research Computingâ™s Information Security Officer to implement and manage vulnerability scanning activities, system policy scanning, and perform auditing of system and application logs for malicious activity, unexpected changes, or violations of policy.
Additional responsibilities include assisting the RC Information Security Officer with Security Program administration, security assessments, risk analysis and reporting. This role will work to enhance Research Computingâ™s overall Information Security Program, primarily focusing on collaboration with the Minnesota Supercomputing Institute to improve program maturity and enhance services to the UMN Research Community.
The successful candidate will be responsible for a mix of day-to-day security operations including the development of monitoring and alerting, and creating automated or manual incident response workflows, analyzing, improving, and responding to vulnerability scan reports, analyzing, improving and responding to audit reports. Frequent collaboration across department units will be required.
Responsibilities: Security Operations (70%)
Develop and deliver Vulnerability scanning schedules, reports, and response procedures across targeted Research Computing systems
Develop System Policy Compliance scanning schedules, reports and response procedures across targeted Research Computing systems
Monitors systems, networks, databases, and web applications for potential system breaches
Identifies security risks and exposures, determines the causes of security violations and suggests procedures to stop future incidents and improve security
Responds to alerts from information security tools
Collaborates with Research Computingâ™s Information Security Officer, Advanced Systems Operations engineers, and University Information Security to respond to, mitigate, and recover from security incidents
Information Security Program Activities (20%)
Assist the ISO with Risk Analyses and System Security Reviews
Assist the ISO with Test of Design & Effectiveness of existing safeguard implementations
Educates and communicates security requirements and procedures to users
Recommends changes to enhance systems security and prevent unauthorized access.
Ensures compliance with regulations, privacy laws and UMN policies
Other Activities (10%)
Conducts research on security trends, new methods, and techniques used in unauthorized access of data to eliminate the possibility of system breach
Participate in applicable professional organizations and conferences
Attend applicable training to stay current with ongoing policy and system updates and for professional development
Assist Information Security Officer with ad-hoc reporting or other responsibilities as assigned
Required Qualifications:
BA/BS plus at least two years of relevant experience, or Masterâ™s Degree
Experience in information security and/or IT risk management with a focus on security, performance and reliability
The University of Minnesota, founded in the belief that all people are enriched by understanding, is dedicated to the advancement of learning and the search for truth; to the sharing of this knowledge through education for a diverse community; and to the application of this knowledge to benefit the people of the state, the nation, and the world.