It Security Analyst I

IT Security Analyst I

Staff

JOB SUMMARY
The Information Security Analyst (ISA) performs complex cybersecurity and information security analysis work. The work involves protecting information resource assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. The ISA may provide guidance to others. The ISA works under general supervision, with moderate latitude for the use of initiative and independent judgment. The ISA position is part of shared services between Lamar State College Orange, Lamar State College Port Arthur, and Lamar Institute of Technology and the work will be performed for all three campuses. This is an exempt position.
DUTIES/RESPONSIBILITIES

• Monitors, analyzes, and responds to cybersecurity alerts from cybersecurity tools, network devices, and information systems
• Monitors and maintains cybersecurity infrastructure and/or policies and procedures to protect information systems from unauthorized use
• Performs technical risk assessments and reviews of new and existing applications and systems, including data center physical security and environment
• Supports the implementation of computer system security plans with agency personnel and outside vendors
• Researches systems and procedures for the prevention, detection, containment, and correction of data security breaches
• Configures, tests, and integrates network or computer hardware systems to protect against cyber threats
• Performs cybersecurity incident detection, response, analysis, and prevention
• Performs vulnerability scans of networks and applications to assess effectiveness and identify weaknesses
• Researches and analyzes cybersecurity threat indicators and their behaviors, and recommends threat mitigation strategies
• Assists in advising management and users regarding security configurations and procedures
• Assists in delivering cybersecurity awareness training
• Performs other related duties, as assigned

MINIMUM QUALIFICATIONS

• Associate degree
• Prior experience using contemporary tools and technologies for vulnerability scanning, remote system administration, network monitoring and protection, security notification, and risk assessment
• Experience configuring and operating network and host-based firewalls, intrusion detection/prevention systems, and secure data transmission technologies (e.g., SSL VPN, IPSEC, SSH)
• Knowledge of and experience with cybersecurity and information security controls, practices, procedures, and regulations
• Extensive knowledge and experience with network, server, and desktop administration
• In-depth knowledge of security risks, controls, and risk mitigation options applicable to computer networks, server and desktop operating systems, communication protocols, and software applications
• Good oral and written communication skills, especially the ability to effectively impart complex or technical subjects to diverse audiences
• General knowledge of authoritative standards, guidelines, and best practices relative to information technology and security
• Knowledge of incident response program practices and procedures
• Knowledge of network infrastructures; current information systems technologies; networking and security devices; and risk assessment methodologies
• Skill in the use of a computer and applicable software; and in configuring, deploying, and monitoring security infrastructure
• Ability to manage and resolve complex security issues in diverse and decentralized environments
• Ability to plan, develop, monitor, and maintain cybersecurity and information technology security processes and controls
• Ability to provide guidance to others
• Education and equivalent, relevant, and progressive work experience may be substituted for one another to a limited extent.

• At least one up-to-date and active information security certification such as Security+, Network+, CCNA
• Baccalaureate degree in cybersecurity or information technology security
• Prior full-time experience as an information security professional at an Institute of Higher Education or government agency
• Prior experience in security governance, compliance, and policy development
• Knowledge and understanding of Texas Administrative Code 202

• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and computer printer
• Repetitive use of a keyboard at a workstation
• Requires frequently to remain in a stationary position and move objects up to 25 pounds
• Occasionally positions self to maintain computers or networking equipment in the classrooms, offices, server room, and networking closets, including under desks and mounted in racks or cabinets
• Some travel may be required.

$55,000 - 65,000 annually

AS292P

Yes