Security Analyst II - East Lansing, United States - Michigan State University
Description
Security Analyst II / Information Technologist IIJob no:
929680
Work type:
Support Staff
Pay Grade:
13
Major Administrative Unit / College:
Information Technology Services
Department:
It Services Security
Sub Area:
AP- Professionals
Salary:
Salary Commensurate with Experience
Location:
East Lansing
Categories:
Information Technology, Administrative Professionals- AP, Full Time %), Union, Remote-Friendly
Working/Functional Title
Security Analyst II
Position Summary
The MSU Information Security team aims to achieve university success through precision Information Security focused on risk management, engagement, and education.
As a valued member of the Information Security team, and in coordination with the Research Cyber-Infrastructure team, the Security Analyst II ensures appropriate treatment of risk, compliance, and assurance of security controls necessary to be compliant with Federal research requirements and acts as an independent resource and liaison to staff on investigations, analyses, and responses to cyber incidents within the research environment or enclave.
Michigan State University (MSU) is a top 100 global university located in East Lansing, three miles east of the state's capital.
MSU offers an extensive benefits package to its employees including health care, prescription, and dental coverage, and a base retirement program with a University matching contribution, as well as basic life insurance.
In addition, MSU offers educational benefits including a course fee courtesy program and educational assistance.MSU Information Technology provides the primary leadership for strategic, financial, and policy initiatives affecting information technology (IT) across MSU. MSU IT offers technology resources that support MSU's mission of providing education, conducting research, and advancing engagement.
Diversity, Equity, and Inclusion (DEI) are essential elements, vital to the culture MSU Information Technology endeavors to cultivate.
This includes providing opportunities and access for all people which incorporate differences of race, age, color, ethnicity, gender, sexual orientation, gender identity, gender expression, religion, national origin, migratory status, disability/abilities, political affiliation, veteran status, and socioeconomic background.
Unit Specific Education/Experience/Skills
Knowledge equivalent to that which normally would be acquired by completing a four-year college degree program; three to five years of related and progressively more responsible or expansive work experience in information technology, risk, and/or compliance; or security administration and operations, or an equivalent combination of education and experience.
The following desired qualifications are based upon the NIST NICE framework for cybersecurity
Knowledge of computer concepts and protocols, and security methodologies. (K0001)
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk), and knowledge of cyber threats and vulnerabilities. (K0002 & K0005)
Knowledge of laws, regulations (NSPM-33, CMMC), policies, and ethics as they relate to Research cybersecurity and privacy [principles]. (K0003 & K0004)
Knowledge of business continuity and disaster recovery continuity of operations plans. (K0026)
Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists), and of network services and protocols interactions that provide network communications.
(K0033 & K0034)Knowledge of incident response and handling methodologies. (K0042)
Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
(S0027)Skill in discerning the protection needs (i.e., security controls) of information systems and networks, including how the CIA triad may apply.
(S0034 & S0006)Skill in interfacing with customers (S0111)
Certification(s) or study in an area of information assurance or risk management are considered a plus (e.g.
, Security+; CISSP; CISA; CISM; CRISC; CSX-P) Other certifications from credentialling bodies such as:
ISACA; (ISC)2; SANS GIAC; CompTIA; EC-Council, or even network/security/system vendors will also be considered.
Equal Employment Opportunity Statement
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, age, disability or protected veteran status.
Resume and Cover Letter
Special Instructions
Please provide three professional references who are knowledgeable of your work.
Work Hours
STANDARD 8-5
Website
Remote Work Statement
MSU strives to provide a flexible work environment and this position has been designated as remote-friendly. Remote-friendly means some or all of the duties can be performed remotely as mutually agreed upon.
Bidding eligibility ends on 2/13/2024 at 11:55 PM
Advertised:
Feb 7, 2024 Eastern Standard Time
Applications close:
Apr 28, 2024 Eastern Daylight Time
#J-18808-Ljbffr