Information Security Analyst (Information Technology Consultant – Career)

Minimum five years progressive experience in computing and information security, including experience with Internet technology, cloud services, and security controls; Experience with developing security policy and conducting security awareness training; Information security and/or privacy certifications (CISSP, CEH, SANS, CIPT, CHSE); Knowledge of information security standards (e.g, ISO 17799/27002, etc.), rules and regulations/compliance related to information security and data confidentiality (e.g, GLBA, FERPA, HIPAA, PCI, etc.).

Experience providing risk assessments and security recommendations in higher education; Experience managing IT security audit processes and mitigation tracking; Extensive knowledge of risk assessments and risk registers for information security and privacy.

Experience with security penetration testing, web application vulnerability assessments; familiarity with Vulnerability Management tools such as Qualys, OpenVAS, Nessus; Experience administering security operations processes; Extensive knowledge of desktop, server, application, database, and network security principles for risk identification and analysis. Experience with common IT and security concepts, including firewall management, server management, web proxies, access control and authentication; Solid understanding of TCP/IP networking, common networking ports and protocols, traffic flow, OSI model, and defense-in-depth and common security best practices; Extensive experience in programming and systems architecture, with working experience with at least one scripting tool, Perl, Python, Ruby, and UNIX shell scripts; Strong knowledge of threat and abuse detection, investigation, and analysis methods and experience with SIEM tools. Knowledge of Linux and Windows operating systems.

Demonstrated commitment to training, self-study, and maintaining proficiency in the technical cybersecurity domain; Project management experience with demonstrated success in leading complex IT projects in non-profit/higher education environment preferred; Experience mapping business processes and translating needs into solutions; Excellent analytical and problem-solving skills; Work independently to solve complex computing problems while balancing multiple priorities with varying scope and timing. Be process-minded, detail-oriented and committed to timely response to security-related incidents; Work in a fast-paced environment with deadlines; Excellent interpersonal communication skills: the ability to work through conflict to reach viable and feasible business decisions; Very strong ability to reason logically and creatively to identify and resolve problems; Ability to read, write and speak fluently in English, and to be patient, diplomatic, and professional under all circumstances; Experience providing support to “highly visible” offices; Ability to relay technical information effectively to non-technical users; Function effectively as a member of a team and participate in activities and assignments that will benefit other members of the team or will contribute to the accomplishment of team objectives.