Department: Information Technology
Summary
The Information Security Analyst works as part of a team dedicated to protecting MTU's information systems and data. Information Security Analysts are responsible for administering security systems and services, engaging in threat hunting, supporting incident response, monitoring systems, and responding to alerts. The successful candidate will be self-motivated, possess a strong desire to learn and grow, and have experience in one or more of the following domains: security operations, risk and compliance, systems administration, network administration, and/or desktop support.
Because this position is typically a frontline role with significant customer interaction, effective communication, project, and time management skills are required. Familiarity with programming or scripting languages and use of those in task automation is a plus.
You will become part of a culture that empowers employees, treats them with respect, and encourages innovation and open communication.
Responsibilities and Essential Duties
1. Investigate and respond to security alerts, events, and operational items (trouble tickets, automated and user-generated alerts, vulnerability reports, third-party reports, etc.).
2. Administer security systems and platforms to support daily operations of the Information Security and Assurance office, including firewalls and other border or network security systems, endpoint security tools including EDR, PAM, EPM, endpoint configuration management, MDM, SIEM, vulnerability management, email security, etc.
3. Using security tools and cyber threat intelligence (CTI), engage in threat hunting, incident response, and legal/compliance support, including forensic analysis of files, systems, devices; forensic imaging, legal holds and archiving; network traffic analysis including analysis and correlation of PCAP and other traffic capture; firewall log analysis, SIEM alert and report triage, etc.
4. Evaluate, implement, review, and verify functionality of security tools and controls.
5. Maintain professional knowledge around relevant topics, engage in professional development activities, participate in internal and external meetings with key stakeholders and governance groups.
6. Engage in routine risk assessment and mitigation activities; support internal and external audits and assessments as required.
7. Commit to learning about continuous improvement strategies and applying them to everyday work. Actively engage in University continuous improvement initiatives.
8. Apply safety-related knowledge, skills, and practices to everyday work.
Required Education, Certifications, Licensures
* Bachelor's degree in system administration, cybersecurity, information systems, or a comparable degree program; OR an equivalent combination of education and professional experience.
* Able to obtain a U.S. Department of Defense secret-level security clearance.
* Must be a U.S. citizen.
Required Experience
Applicants should have documented experience sufficient to demonstrate the ability to meet the essential duties and responsibilities as well as the required knowledge, skills, and abilities. This could include one or more years of experience in an information security, risk, and/or compliance role; two or more years of experience as a systems administrator; or three or more years of progressively responsible experience as a helpdesk analyst.
Desirable Education and/or Experience
* Experience with incident response and security systems administration
* Experience administering and/or utilizing a SIEM solution
* Certification in an information security, risk, or data compliance-related domain (CompTIA Security+, SANS GIAC, ISACA CISA, vendor-specific, etc.)
Required Knowledge, Skills, and/or Abilities
* Moderate level of knowledge related to IT security and best practices.
* Ability to follow documented procedures and to document new procedures.
* Basic knowledge of and scripting/programming ability in Python, PowerShell, or other languages/tools.
* Operational knowledge of networking concepts, including DNS, DHCP, IP addresses and subnetting, and other common network protocols.
* Good communication skills including both written and oral communication and experience presenting information to diverse audiences with varying levels of technical knowledge.
* Demonstrated interest in learning new technologies and tools and integrating them into day-to-day operations.
* Ability to thrive in an environment with short deadlines, evolving challenges, and multiple simultaneous projects while maintaining good judgment, proactive communication, and prompt resolution of any issues.
Desirable Knowledge, Skills, and/or Abilities
* Understanding of cybersecurity compliance frameworks such as NIST, ISO27001, etc.
* Experience working in a higher education environment or an environment with open, diverse networks and systems.
* Experience working with customers in a customer support environment.
* Experience with any of the following: CrowdStrike Falcon, Rapid7 InsightVM, Splunk, Google SecOps, Microsoft Sentinel, Microsoft Defender for Endpoint, Microsoft Intune, Microsoft System Center Configuration Manager (SCCM), Palo Alto firewalls, F5 VPN, Cloudflare, Duo Security, Checkpoint Harmony.
* Experience administering and/or auditing Microsoft Active Directory, Azure Active Directory / Entra ID, Google Workspace, and Microsoft 365.
* Demonstrated success in working with persons with a wide variety of personal characteristics and viewpoints.
Work Environment and/or Physical Demands
WORK ENVIRONMENT: The work environment characteristics described here are representative of those an employee...
Michigan Technological University is an Equal Opportunity Educational Institution/Equal Opportunity Employer that provides equal opportunity for all, including protected veterans and individuals with disabilities.