The Information Security Analyst is part of, and provides valuable support to the other members of, the Grinnell College Information Security Team. In particular, the Analyst monitors the College’s security assets for vulnerabilities or potential incidents, developing standards and procedures and creating use cases as part of the established incident response process. Assisting with the evaluation and remediation of day-to-day alerts from key security tools, the Analyst reviews daily threat intelligence and manages and monitors Security Information and Event Monitoring (SIEM) platforms.
Responsible for developing and maintaining baseline configuration standards, the Analyst also evaluates proposed changes from a security perspective and has an active role in the development and maintenance of controls related to operational risk management for the Grinnell College systems security plan. This includes curating metrics that support and inform the information security program.
Working alongside the Senior Information Security Analyst, the incumbent assesses potential risks prior to the deployment of campus technologies and schedules and analyzes campus-wide vulnerability management scans.
This position is eligible for remote work as defined by the College’s Remote Work Policy.
Bachelor’s Degree [Candidates who have not attained a four-year degree may substitute four years of professional experience.]
1-3 years of working in an Information Security environment working as either an Analyst or similar position (including as a Penetration Tester).
1-3 years of working in a technical environment in either Network Engineering, Systems Administration, Application Development, or support of database management.
Knowledge of Network, System and Application Security best practices.
Ability to analyze complex and often fast-moving situations to bring alternative scenarios to the Information Security team to present options for remediation of risks.