Information Security Analyst
Inside Higher Ed
- Johnson City, Tennessee, United States
- Johnson City, Tennessee, United States
Über
Job Description The Information Security Analyst will assist the Chief Information Security Officer/Director of Information Security in developing and maintaining Binghamton University’s information security capabilities, implementing security controls, responding to information security incidents, and monitoring administrative, academic systems, and the University network for policy enforcement and compliance. The analyst will work with cross‑functional teams to design and implement security initiatives; serve as a resource person on specific information security technologies and compliance requirements.
The Information Security Analyst reports to the Chief Information Security Officer/Director of Information Security and works closely with Information Technology Services (ITS) leadership to build awareness and implementation of security controls within the department and across the University.
Responsibilities
Triage, process, and close out technical client requests.
Track and ensure adequate and timely resolution to all audit and risk assessment findings or issues relating to information security.
Recommend remediation strategies and technologies for mitigating risks.
Evaluate current and future requirements and develop or recommend technical and operational solutions accordingly.
Support and manage risk mitigation tools as needed.
Develop specifications and standards for equipment, software, and procedures in support of University policies.
Investigate internal and external reports of information security issues.
Assist in analyzing results from intrusion detection systems, intrusion prevention systems, network mapping software, log analysis, and other tools to detect, respond to, and mitigate information security related vulnerabilities and incidents.
Maintain audit and oversight of processes, procedures, and tools used to ensure security controls.
Maintain metrics and prepare reports.
Perform trend and root cause analysis.
Liaison with various University constituencies on behalf of the CISO as needed.
Serves as a resource person in assessing systems, processes, and projects against compliance requirements, control objectives, and security best practices; interacts with internal and external technical staff and consults with project teams at various stages of project cycles.
Must be able to maintain data confidentiality and compliance with regulatory requirements (GLBA, CMMC, HIPAA, FERPA, PCI, etc.).
Requirements
Bachelor’s degree in a relevant field (completed by May2026), or an Associate’s degree plus 2 years of professional Information Security experience.
Proven ability to apply core Information Security concepts (e.g., CIA triad, risk assessment, or encryption) through completed coursework, certifications, or professional projects.
Experience producing technical documentation, such as lab reports, incident summaries, or system walkthroughs, for a technical or non‑technical audience.
Documented experience contributing to a shared goal within a team environment (e.g., senior capstone projects, professional workgroups, or student organizations).
Demonstrated ability to manage multiple concurrent tasks or projects with competing deadlines in an academic or professional setting.
Preferred
Professional experience with Incident Management/Response and EDR tools.
Technical proficiency in querying and analyzing log files within SPLUNK, Microsoft Sentinel, or similar SIEM platforms.
Hands‑on experience navigating Google Security Center or Microsoft365 Security Center.
Working knowledge of network topologies, architectures (OSImodel), protocols (TCP/IP), and addressing schemes.
Experience operating Unix and Windows‑based security tools (e.g., nmap, Snort, or GroupPolicyManagement).
Ability to write or modify scripts in Python, PHP, or Powershell to automate security tasks.
Experience implementing or auditing Data Loss Prevention (DLP) strategies.
Knowledge of regulatory frameworks, including NIST, PCI‑DSS, FERPA, GLBA, HIPAA, DFARS, CMMC, ITIL/ITSM or ITAR.
Experience working within large‑scale, complex environments such as Higher Education, Healthcare, or Research facilities.
Experience using, configuring, or securing AI models and automated agents.
Additional Information This position is considered a Campus Security Authority for purposes of Clery Act compliance.
Visa sponsorship is not available for this position. If you currently need sponsorship or will need it in the future to maintain employment authorization, you do not meet eligibility requirements.
Equal Opportunity / Aff. Action Employer We are an affirmative action/equal opportunity employer, and in keeping with this commitment we welcome all to apply, including veterans and persons with disabilities.
The State University of New York is an Equal Opportunity/Affirmative Action Employer. It is the policy of Binghamton University to provide for and promote equal opportunity employment, compensation, and other terms and conditions of employment without discrimination on the basis of age, race, color, religion, disability, national origin, gender identity or expression, sexual orientation, veteran or military service member status, marital status, domestic violence victim status, genetic predisposition or carrier status, or arrest and/or criminal conviction record unless based upon a bona fide occupational qualification or other exception.
Binghamton University is a tobacco‑free campus.
Binghamton University is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact the ADA Coordinator by completing the Reasonable Accommodation Request Form.
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.