Job ID:
249315
INFORMATION SECURITY ANALYST
San Jose/Evergreen Community College District
INFORMATION SECURITY ANALYST
San Jose/Evergreen Community College District
Close/First Review Date: 12/01/2024 Work Location: District Office
Position Description:
POSITION SUMMARY
The Information Security Analyst reports to Executive Director of ITSS (Information Technology Support Services) at the District Office. The work schedule is 12 months per year; 40 hours per week; Monday - Friday; 8:00 a.m. - 5:00 p.m.
This position is represented by CSEA (California School Employees Association), Chapter 363.
POSITION PURPOSE
Reporting to Executive Director, ITSS or an assigned administrator, the Information Security Analyst performs complex work related to the Districts information security program including testing, analysis and evaluation of the integrity and confidentiality of enterprise systems, network, assets and communication technology throughout the District. The position monitors security systems and conducts periodic risk assessments to identify, troubleshoot, diagnose, resolve and report security problems and breaches; assists in coordinating and conducting investigations involving District technology resources, and assists with security awareness training.
DISTINGUISHING CHARACTERISTICS
This position focuses on threat and vulnerability management with exposure and support on all aspects of the cybersecurity practice. Incumbent in this position should have advanced knowledge on risk identification, protection and compliance, threat detection, incident response plan development and annual review, and recovery services to achieve business resilience.
KEY DUTIES AND RESPONSIBILITIES
1. Analyze, evaluate and implement security applications, policies, standards and procedures intended to prevent the unauthorized use, disclosure, modification, loss or destruction of data; work with the campus community and other staff to ensure the integrity and security of the information technology infrastructure.
2. Lead the development, testing and implementation of information security products and control techniques in all locations throughout the District.
3. Work with campus and district technology teams to ensure the security of all applications and assets.
4. Monitor and review security systems and logs. Identify, troubleshoot, diagnose, resolve, document and report security problems and incidents; help coordinate and conduct investigations of suspected breaches; respond to emergency information security situations.
5. Collaborate with application programming team and other IT staff to ensure production applications meet established security policies and standards.
6. Assist with training and education on information security and privacy awareness topics for District administrators, faculty and staff; assist in the development of appropriate security-incident notification procedures for District management.
7. Work with vendors to conduct vulnerability assessments to identify existing or potential electronic data and assets compromises and their sources; participate in investigative matters with appropriate law enforcement agencies.
8. Perform audits and periodic inspections of District information systems to ensure security measures are functioning and effectively utilized and recommend appropriate remedial measures to eliminate or mitigate future system compromises.
9. Review, evaluate, and recommend software products related to IT systems security, such as virus scanning and repair, encryption, firewalls, internet filtering and monitoring, intrusion detection, etc.
10. Monitor and maintain the Districts security event information system (SEIM) and data loss prevention software.
11. Manage security systems and policies including but not limited to servers, firewalls, email security, and Microsoft 365 environment.
12. Recommend and implement security policies, protocols, practices and lead in creation of security training and guidance to staff.
13. Assist in the secure management and maintenance of the Districts network authentication systems for wired and wireless network access.
14. Review security practices and controls of third-party service providers that handle District sensitive data, and review security controls and features of third-party software systems.
15. Ensure that maintenance, configuration, repair and patching of systems occurs on a scheduled and timely basis utilizing best practices in change management and consistent with policies and procedures.
16. Keep current with latest emerging security issues and threats through list servers, blogs, newsletters, conferences, user groups, and networking and collaboration with peers in other institutions.
17. Perform other duties reasonably related to the job classification.
EMPLOYMENT STANDARD
Knowledge of:
1. Compliance and industry cybersecurity standards frameworks such as NIST 800 and ISO standards.
2. Emerging technologies and the possible impact on existing information systems, instructional processes and business operations.
3. Incident response best practices and software license compliance laws.
4. Troubleshooting tools for computing hardware, servers and network equipment including but not limited to switches, routers, and firewalls.
5. Enterprise resource planning systems, Microsoft 365 and Active Directory and Azure Active Directory.
6. Principles of program design, coding, testing and implementation.
7. Advanced knowledge of desktop and server operating systems including Windows and Linux.
8. Disaster recovery and backup including business continuity planning.
9. Principles of training, support, and services to end-users.
10. General research techniques and data driven analytics.
11. Modern office administrative practices and use of tools including computers, websites and other applications related to this job.
Skills and Ability to:
1. Apply current NIST and ISO standards to current operations.
2. Respond to incidents and events in a timely manner.
3. Prepare clear and concise system documentation and reports.
4. Prioritize assigned tasks and projects.
5. Communicate complicated technical issues and the risks they pose to stakeholders and management.
6. Establish and maintain effective and cooperative working relationships with others.
7. Analyze situations accurately and adopt effective course of action.
8. Coordinate, develop, and implement projects.
9. Work with attention to detail and independently with minimum supervision.
Required Qualifications:
EDUCATION AND EXPERIENCE
1. A Bachelors degree from an accredited institution with major course work in computer information systems, computer science, business administration, or related field.
2. Two years of experience performing information security duties, which may include implementing, overseeing, and/or managing information security technologies, process, or programs, including identification, protection, detection, response, and recovery activities.
Certification:
1. Professional security or privacy certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials.
Desired Qualifications:
1. Bilingual abilities, desirable.
Districts Diversity Requirements
- Demonstrated sensitivity, knowledge and understanding of the diverse academic, socioeconomic, gender identity, sexual orientation, cultural, disability, and ethnic background of groups historically underrepresented, and groups who may have experienced discrimination.
- Success integrating diversity as appropriate into the major duties outlined in the job description and in the duties listed in the Districts hiring policy; or demonstrated equivalent transferable skills to do so.
Salary Range: $137,214 - $167,415 Annual Salary (Range 150: Classified Salary Schedule Fiscal Year 2024-2025). Starting placement is generally at Step 1.
Benefits:
Excellent fringe benefit package includes a pension, medical, dental, vision, EAP (employee assistance plan) and life insurance for employee and eligible dependents, and income protection. Voluntary plans include supplemental life insurance, Flexible Spending Accounts, 403b and 457 Deferred Compensation Accounts. Classified employees also receive vacation, 12 sick leave days and 20 paid holidays.
To be considered for this position please visit our web site and apply on line at the following link: https://sjeccd.peopleadmin.com/
About San Jose/Evergreen Community College District The District is represented by dedicated and talented employees who are passionate about providing our student population with the best educational experience possible. The District recognizes that cultural diversity in the academic environment promotes academic excellence; fosters cultural, racial and human understanding; provides positive roles models for all students, and creates an inclusive and supportive educational and work environment for its employees, students, and the community it serves.
As of fall 2017, with enrollment of approximately 18,500 per semester, and an extremely diverse student population (Hispanic/Latino 44%, Black/African-American 4%, Asian/Pacific Islander 32%, American Indian/Native American 0.5%, White/Caucasian 11%) attaining educational goals reflecting 45% - AA Degree and Transfer to a 4-Year College/ University, the Districts emphasis on student success makes it a recognized educational leader in the State.
The District encourages a diverse pool of applicants to serve as colleagues to an existing diverse group of managers, supervisors and confidential staff consisting of 29 % Hispanic/Latino, 13% Asian/Pacific Islander, 7% Black/African American, 23% White/Caucasian, and as well as encouraging applications from all qualified, outstanding applicants.
Please reference AcademicKeys.com in your cover letter when
applying for or inquiring about this job announcement.
Contact Information
|
|
New Search |
Previous
|