Senior Information Security Analyst Hybrid Opportunity
Senior Information Security Analyst Hybrid Opportunity
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
About UMass Amherst
The flagship of the Commonwealth the University of Massachusetts Amherst is a nationally ranked public landgrant research university that seeks to expand educational access fuel innovation and creativity and share and use its knowledge for the common good. Founded in 1863 UMass Amherst sits on nearly 1450acres in scenic Western Massachusetts and boasts stateoftheart facilities for teaching research scholarship and creative activity. The institution advances a diverse equitable and inclusive community where everyone feels connected and valuedand thrives and offers a full range of undergraduate graduate and professional degrees across 10 schools and colleges and 100 undergraduate majors. We believe every member of our university community can contribute to our ongoing success by striving for the highest level of excellence as we seek breakthrough solutions to mounting environmental social economic and technological challenges in our world.
Job Summary
The Senior Information Security Analyst is a strategic and seniorlevel analyst with a primary focus on risk assessment security governance and projectbased security initiatives. This role is responsible for evaluating and mitigating security risks leading compliance initiatives and driving securityrelated projects that enhance the Universitys overall cybersecurity posture. The position collaborates closely with senior leadership on building and managing an effective comprehensive security program that supports compliance with legal and business requirements in support of the Universitys mission.
Essential Functions
- Collaborates with campus business units to manage information security risks and meet relevant compliance requirements including conducting risk assessments analyzing security threats and advising on risk mitigation strategies aligned with institutional goals.
- Provides expert guidance and leadership on securityrelated projects. Evaluates recommends develops and manages technologies and solutions that support the information security program. Ensures security controls are effectively integrated into new and existing technologies.
- Manages system and information security incidents and events including performing digital forensics investigations and assisting with incident containment and notification.
- Conducts audits assessments and reviews of information security and privacy related threats and vulnerabilities to manage risks including identifying and responding to vulnerabilities alerts events and anomalous activity.
- Monitors established and emerging trends in IT and information security privacy and compliance.
- Contributes to documentation training and metrics gathering in support of the information security program.
- Develops and recommend updates to policies standards procedures solutions and governance frameworks to address information security compliance and privacy risks.
- Works with internal and external partners on risk management information security and privacy related topics.
Other Functions
Performs other duties as assigned.
Minimum Qualifications (Knowledge Skills Abilities Education Experience Certifications Licensure)
- Bachelors Degree with 7 (seven) years relevant experience or associates degree with 9 (nine) years relevant experience or high school diploma with 11 (eleven) years relevant experience.
- Strong understanding of and experience with information security frameworks privacy laws and regulatory requirements (e.g. NIST FERPA HIPAA PCIDSS ISO 27001.
- Extensive experience conducting risk assessments compliance evaluations and policy development.
- Deep understanding of security governance risk management frameworks and regulatory compliance.
- Demonstrated ability to lead security initiatives and projects at an enterprise level.
- Strong analytical and critical thinking skills to assess security risks and develop mitigation strategies.
- Demonstrated technical understanding of system network and cloud security incident management intrusion detection vulnerability and patch management and other related concepts and technologies.
- Experience with security tools such as SIEM EDR/XDR forensics tools firewalls IDS/IPS vulnerability management platforms etc.
- Experience with computer incident response including data collection investigations containment and remediation in a large complex environment.
- Excellent written and verbal communication skills with ability to work with a diverse constituency in a servicebased organization with both technical and nontechnical team members.
- Ability to manage multiple competing priorities and deadlines in a fastpaced working environment.
Preferred Qualifications (Knowledge Skills Abilities Education Experience Certifications Licensure)
- Computer Information Systems Security Professional (CISSP) or a related information security or computer forensics certification.
- Experience with cloud environments such as Microsoft Azure Amazon AWS Google GCP etc.
Physical Demands/Working Conditions
Typical office environment.
Work Schedule
- Monday to Friday 8:30am to 5:00pm.
- Required some nights and weekends.
- Team oncall participation required.
- This position has the opportunity for a hybrid work schedule which is defined by the University as an arrangementwhere an employees work is regularly performed at a location other than the campus workspace for a portion of the week. As this position falls within the Professional Staff Union it is subject to the terms and conditions of the Professional Staff Union collective bargaining agreement.
Salary Information
Level 30
Special Instructions to Applicants
Along with the application please submit a resume (and cover letter / optional). References will be checked at the finalist stage please be prepared to provide contact information for three 3 professional references.
UMass Amherst is committed to a policy of equal opportunity without regard to race color religion caste creed sex age marital status national origin disability political belief or affiliation pregnancy and pregnancyrelated condition(s) veteran status sexual orientation gender identity and expression genetic information natural and protective hairstyle and any other class of individuals protected from discrimination in employment admission to and participation in academic programs activities and services and the selection of vendors who provide services or products to the University. To fulfill that policy UMass Amherst is further committed to a program of affirmative action to eliminate or mitigate artificial barriers and to increase opportunities for the recruitment and advancement of qualified minorities women persons with disabilities and covered veterans. It is the policy of UMass Amherst to comply with the applicable federal and state statutes rules and regulations concerning equal opportunity and affirmative action.
Required Experience:
Senior IC
Employment Type
Full-Time
