Research Computing is looking for a skilled, self-motivated Information Security Analyst. This position will work with Research Computingâ™s Information Security Officer to implement and manage vulnerability scanning activities, system policy scanning, and perform auditing of system and application logs for malicious activity, unexpected changes, or violations of policy.
Additional responsibilities include assisting the RC Information Security Officer with Security Program administration, security assessments, risk analysis and reporting. This role will work to enhance Research Computingâ™s overall Information Security Program, primarily focusing on collaboration with the Minnesota Supercomputing Institute to improve program maturity and enhance services to the UMN Research Community.
The successful candidate will be responsible for a mix of day-to-day security operations including the development of monitoring and alerting, and creating automated or manual incident response workflows, analyzing, improving, and responding to vulnerability scan reports, analyzing, improving and responding to audit reports. Frequent collaboration across department units will be required.
Responsibilities: Security Operations (70%) - Develop and deliver Vulnerability scanning schedules, reports, and response procedures across targeted Research Computing systems
- Develop System Policy Compliance scanning schedules, reports and response procedures across targeted Research Computing systems
- Monitors systems, networks, databases, and web applications for potential system breaches
- Identifies security risks and exposures, determines the causes of security violations and suggests procedures to stop future incidents and improve security
- Responds to alerts from information security tools
- Collaborates with Research Computingâ™s Information Security Officer, Advanced Systems Operations engineers, and University Information Security to respond to, mitigate, and recover from security incidents
Information Security Program Activities (20%)
- Assist the ISO with Risk Analyses and System Security Reviews
- Assist the ISO with Test of Design & Effectiveness of existing safeguard implementations
- Educates and communicates security requirements and procedures to users
- Recommends changes to enhance systems security and prevent unauthorized access.
- Ensures compliance with regulations, privacy laws and UMN policies
Other Activities (10%)
- Conducts research on security trends, new methods, and techniques used in unauthorized access of data to eliminate the possibility of system breach
- Participate in applicable professional organizations and conferences
- Attend applicable training to stay current with ongoing policy and system updates and for professional development
- Assist Information Security Officer with ad-hoc reporting or other responsibilities as assigned
|