Security Analyst II - East Lansing, United States - Michigan State University

    Michigan State University
    Michigan State University East Lansing, United States

    1 month ago

    Default job background
    Description
    Security Analyst II / Information Technologist II

    Job no:

    929680

    Work type:
    Support Staff

    Pay Grade:

    13

    Major Administrative Unit / College:
    Information Technology Services

    Department:
    It Services Security

    Sub Area:
    AP- Professionals

    Salary:
    Salary Commensurate with Experience

    Location:
    East Lansing

    Categories:
    Information Technology, Administrative Professionals- AP, Full Time %), Union, Remote-Friendly

    Working/Functional Title

    Security Analyst II

    Position Summary


    The MSU Information Security team aims to achieve university success through precision Information Security focused on risk management, engagement, and education.


    As a valued member of the Information Security team, and in coordination with the Research Cyber-Infrastructure team, the Security Analyst II ensures appropriate treatment of risk, compliance, and assurance of security controls necessary to be compliant with Federal research requirements and acts as an independent resource and liaison to staff on investigations, analyses, and responses to cyber incidents within the research environment or enclave.

    This role reports to the MSU Information Technology, Security manager and is remote-friendly with on-site as necessary.


    Michigan State University (MSU) is a top 100 global university located in East Lansing, three miles east of the state's capital.

    The MSU community includes more than 12,000 faculty, academic and support staff, as well as 50,000 students.

    MSU offers an extensive benefits package to its employees including health care, prescription, and dental coverage, and a base retirement program with a University matching contribution, as well as basic life insurance.

    In addition, MSU offers educational benefits including a course fee courtesy program and educational assistance.

    MSU Information Technology provides the primary leadership for strategic, financial, and policy initiatives affecting information technology (IT) across MSU. MSU IT offers technology resources that support MSU's mission of providing education, conducting research, and advancing engagement.

    Diversity, Equity, and Inclusion (DEI) are essential elements, vital to the culture MSU Information Technology endeavors to cultivate.

    This includes providing opportunities and access for all people which incorporate differences of race, age, color, ethnicity, gender, sexual orientation, gender identity, gender expression, religion, national origin, migratory status, disability/abilities, political affiliation, veteran status, and socioeconomic background.

    Unit Specific Education/Experience/Skills


    Knowledge equivalent to that which normally would be acquired by completing a four-year college degree program; three to five years of related and progressively more responsible or expansive work experience in information technology, risk, and/or compliance; or security administration and operations, or an equivalent combination of education and experience.

    Desired Qualifications

    The following desired qualifications are based upon the NIST NICE framework for cybersecurity

    Knowledge of computer concepts and protocols, and security methodologies. (K0001)
    Knowledge of risk management processes (e.g., methods for assessing and mitigating risk), and knowledge of cyber threats and vulnerabilities. (K0002 & K0005)
    Knowledge of laws, regulations (NSPM-33, CMMC), policies, and ethics as they relate to Research cybersecurity and privacy [principles]. (K0003 & K0004)
    Knowledge of business continuity and disaster recovery continuity of operations plans. (K0026)

    Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists), and of network services and protocols interactions that provide network communications.

    (K0033 & K0034)
    Knowledge of incident response and handling methodologies. (K0042)

    Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.

    (S0027)

    Skill in discerning the protection needs (i.e., security controls) of information systems and networks, including how the CIA triad may apply.

    (S0034 & S0006)
    Skill in interfacing with customers (S0111)

    Certification(s) or study in an area of information assurance or risk management are considered a plus (e.g.

    , Security+; CISSP; CISA; CISM; CRISC; CSX-P) Other certifications from credentialling bodies such as:

    ISACA; (ISC)2; SANS GIAC; CompTIA; EC-Council, or even network/security/system vendors will also be considered.

    Equal Employment Opportunity Statement


    All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, age, disability or protected veteran status.

    Required Application Materials

    Resume and Cover Letter

    Special Instructions

    Please provide three professional references who are knowledgeable of your work.

    Work Hours

    STANDARD 8-5

    Website

    Remote Work Statement

    MSU strives to provide a flexible work environment and this position has been designated as remote-friendly. Remote-friendly means some or all of the duties can be performed remotely as mutually agreed upon.

    Bidding eligibility ends on 2/13/2024 at 11:55 PM


    Advertised:
    Feb 7, 2024 Eastern Standard Time

    Applications close:
    Apr 28, 2024 Eastern Daylight Time
    #J-18808-Ljbffr