The Senior Security Analyst position is responsible for technical and thought-leadership duties for multiple information security disciplines such as incident response, vulnerability management, intrusion detection and prevention, threat hunting, security operations, security policy, and awareness/education; oversight of information security incident response activities, risk assessment and risk management activities, and vulnerability assessment and vulnerability management activities spanning University and business units; managing detailed network, operating system, database, and application vulnerability assessments and security configuration audits; managing information security initiatives; oversight of operational tasks supporting information security functions such as intrusion detection and prevention, security event log analysis, management reporting, malware prevention and remediation, encryption, network segmentation, remote access, cloud security, and authentication; supporting, maintaining, monitoring, troubleshooting and enhancing security infrastructure tools, methodologies, software, and hardware; drafting and reviewing information security policies, processes, and procedures; reviewing information security awareness and education materials and other documentation; determining and documenting information security requirements and controls necessary for the protection of information resources; providing guidance and assistance regarding information security matters such as the interpretation of information security policies and requirements or their applicability to particular situations; independently maintaining automated tools and methodologies in support of Information Security functions; analyzing data from Information Security functions and providing reports and recommended response actions to Information Security management; representing Information Security to other organizations on information security related matters, as assigned; publishing regular status reports and submission to management; and performing other related tasks as assigned.

1. Bachelor’s degree in a related field
2. Minimum of five years of related IT experience
3. Demonstrated technical expertise in multiple information security domains
4. OR an equivalent combination of education, training and experience
5. Excellent team participation skills
6. Good written and verbal communication skills

1. Knowledge of information security technologies, methodologies, and best practices in the domains of: security incident response, vulnerability assessment and management, intrusion detection and prevention, system administration (Windows, OS X, Linux, etc.), security administration of networks, operating systems, databases and applications, access control, encryption, firewalls and proxies, networking, security event log analysis, malware prevention and remediation, cloud technologies, programming/scripting, and risk assessment and management
2. Security certifications (e.g. SANS/GIAC, CISSP, CISA, CISM).

Monday through Friday
8:00am-5:00pm
Additional hours as needed for various security updates and projects

NA

Qualified applications will be made available to the department/committee for review immediately upon submission. We ask that you provide email addresses for your reference providers and please be certain that the email addresses you list are accurate. If you are selected as a candidate for consideration by the department/committee, an instructional email will be sent to your reference providers to ask that they submit a reference letter on your behalf via a link to our reference portal. Separate reference letters will be requested for each position to which you apply (if applicable), so your reference providers will be contacted separately for each application on which you list them. Reference letters will not be copied from one application to another. You can assure your reference providers that our system is secure and that all letters are confidential. If your reference providers have trouble using the reference portal, please advise them to contact jobs@troy.edu.