Intermediate Security Analyst - Oklahoma City, United States - The University of Oklahoma

    The University of Oklahoma
    The University of Oklahoma Oklahoma City, United States

    4 weeks ago

    Default job background
    Description
    Title- Intermediate Security Analyst
    Team- Security GRC

    A GRC Security Analyst is responsible for performing governance, risk, and compliance tasks that include: a) Conducting security and risk analysis using NIST risk management frameworks; b) Monitoring compliance with security policies, laws, and regulations such as GLBA, GDPR, FERPA, and HIPAA/HITECH; c) Responding to security incidents and providing support as needed; d) Provide actionable security advice through policy or standards creation that support data protection initiatives to protect OU from cybersecurity risks; and e) Create system security plans, security assessments reports, and supporting plan of actions and milestones (POAMs), supporting the NIST and NIST control frameworks.

    Duties:
    • Responsible for monitoring the security systems in our organization to include securing online and on-premises infrastructures, filtering out suspicious activity, and finding and mitigating security risks before any breaches can occur.
    • Leads efforts to counter security breaches and anticipates and reduces the likelihood of future security alerts, incidents, and disasters.
    • Defines, plans, implements, maintains, and upgrades security measures, policies, and controls.
    • Writes reports and provides insights on the efficacy of the current security policies, incident responses, disaster recovery plans, and other security-related information.
    • Assists with the creation of updates and training programs to secure the network. Trains the employees.
    • Keeps the security systems up to date.
    • Monitors security access and maintains the relevant data.
    • Conducts vulnerability testing and risk analyses to assess security. Performs internal and external security audits.
    • Analyzes security breaches to identify the cause and to update incidence responses and disaster recovery plans.
    • Verifies and coordinates security plans with outside vendors.
    • Creates procedures for IT employees and trains in security awareness.
    • Performs various duties as needed to successfully fulfill the function of the position.
    **The position will office in OKC with a hybrid work model option for experienced candidates.**