400 S. Orange Ave South Orange, NJ 07079 | Direct Hire
Title: Information Security Analyst
Location: North NJ
Salary: Up to $90, 000 annually
The Information Security Analyst is responsible for information security policy development and maintenance; design of security policy education, training, and awareness activities; monitoring compliance with university IT security policy and applicable law; and coordinating investigation and reporting of security incidents. Working with the Information Technology Services (ITS) Systems Support and Networking teams, the Information Security Analyst will monitor, assess, and fine-tune the UITS disaster recovery program, perform network penetration tests, application vulnerability assessment scans and risk assessment reviews.
- Monitor and advise on information security issues related to the systems and workflow to ensure the internal security controls for the campus are appropriate and operating as intended.
- Monitor and review all security systems logs, create dashboards and provide management reports from security systems (IPS, Firewalls, SIEM, etc.).
- Coordinate and execute IT security projects for the university.
- Provide recommendations on security enhancements based on data collected from security systems.
- Coordinate response to information security incidents.
- Develop and publish Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
- Conduct campus-wide data classification assessment and security audits and manage remediation plans.
- Collaborate with IT management, the legal department, public safety, and law enforcement agencies to manage security vulnerabilities.
- Create, manage and maintain user security awareness.
- Conduct security research in keeping abreast of latest security issues.
- Prepares documentation, including department policies and procedures, campus notifications, Web content, and security alerts.
- Actively participate in the higher education security community such as Educause, REN-ISAC, Unisog, etc.
- Perform other related duties as assigned.
- BA or BS in Computer Science, Management Information Systems, or related field. Advanced degree desirable.
- Five+ years of progressive experience in computing and information security, including experience with security issues.
- Experience should include security policy development, security education, network penetration testing, application vulnerability assessments, risk analysis and compliance testing.
- CISSP, GIAC, or other security certifications desired.
- Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and desktop, server, application, database, network security principles for risk identification and analysis. Strong analytical and problem-solving skills.
- Excellent communication (oral, written, presentation), interpersonal and consultative skills.
If you feel like you are the right fit for the job above, please click the apply online button below and I will be sure to reach out ASAP!