Information Security AnalystSyracuse University • Syracuse, New York, United States
Cette offre d'emploi n'est plus disponible
Information Security Analyst
Syracuse University
- Syracuse, New York, United States
- Syracuse, New York, United States
À propos
Location: Syracuse, NY
Pay Range: $87,000-$92,000
Hours: Standard University business hours: 8:30am - 5:00pm (academic year); 8:00am - 4:30pm (summer). Hours may vary based on operational needs.
Job Type: Full Time
Job Description The Information Security Analyst is a technical role within the Information Security (InfoSec) group of Information Technology Services (ITS), responsible for defending the University’s data assets through policy controls, security operations, incident response, and AI‑assisted tooling. As a primary network defender, the analyst works at the intersection of threat detection, vulnerability management, and forensic investigation within a Security Operations Center (SOC).
The role requires hands‑on experience across several domains: SOC operations including alert triage, log analysis, and network traffic interpretation using tools such as Splunk, Kibana, or Microsoft Sentinel; Python 3 scripting for automation and detection support; firewall management for ruleset maintenance and network security enforcement; Microsoft Entra ID administration including identity architecture and PowerShell scripting; Linux system administration across mixed‑OS environments; and digital forensics at a first‑responder level, including breach assessment, evidence preservation, and containment.
This role is responsible for developing and overseeing student SOC employees. The SOC functions as both a live security operation and a learning environment, requiring the analyst to serve as senior practitioner and mentor.
Education and Experience Education
Bachelor’s degree in information security/Cybersecurity, Information Management, Computer Science, Computer Engineering, or related discipline.
Experience
Five (5+) plus years of experience in Information Technology, with a minimum of two (2) years in Information Security/Cybersecurity.
Prior experience working in a functioning SOC or equivalent security operations environment is valued, including hands‑on work triaging live alerts, investigating active incidents, and operating security tooling in a production setting.
Skills and Knowledge Required Experience (2+ years each)
SOC operations: IDS/EDR alert triage, log analysis, and network traffic interpretation using Splunk, Kibana, or Microsoft Sentinel
Microsoft Defender for Endpoint: alert triage, investigation, and response
Python 3 scripting for automation and SOC workflow support
Firewall operation and network security fundamentals
Required Experience (1+ years each)
Windows/Active Directory, endpoint log analysis, PowerShell, and group policies
Linux system administration
Digital forensics at a first‑responder level
AI‑assisted security tools (e.g., Copilot, AI‑enhanced SIEM features)
Broader Technical Knowledge: Network protocols; IDS/IPS platforms; MITRE ATT&CK and Cyber Kill Chain; vulnerability scanning; cloud security fundamentals; SOAR and scripting‑based automation; Microsoft security stack (Defender XDR, Sentinel, Purview, Entra ID) with KQL proficiency.
Active use of AI tooling across all operational functions and the application of AI as a solution is a core expectation.
Soft Skills: Cross‑functional collaboration; student SOC mentorship; multi‑source analytical precision; clear written and verbal communication to technical and non‑technical audiences; composure during active incidents; commitment to continuous learning.
Responsibilities Security Monitoring & Alert Triage
Monitor network, endpoint, and identity telemetry continuously using open‑source and enterprise SIEM platforms including Splunk, Elastic/Opensearch, and Kibana.
Review IDS alerts, system logs, and network traffic captures; triage for relevance and severity; distinguish genuine threats from false positives.
Provide second‑level analysis of alerts escalated by student SOC employees, with final disposition and escalation authority resting with this position.
SOC Tools Operations & Engineering
Operate, tune, and recommend enhancements to the SOC’s monitoring and detection platforms including Microsoft Defender and SIEM tools; leverage AI‑assisted tooling to improve detection and response workflows.
Implement threat hunting and detection strategies; identify new data sources to augment detection capability; integrate new tools and applications as needed.
Write Python and PowerShell scripts to automate detection, response, and data analysis workflows.
Assist in maintenance of firewall rulesets.
Incident Response & Investigation
Serve as first responder for security incident investigation, conducting log and system‑level analysis to determine potential scope and impact. Assist with containment, eradication, and recovery efforts.
Perform digital forensic analysis at the first‑responder level to determine whether a breach has occurred and what steps are required to contain it.
Provide written and verbal summaries of incident findings to be shared with ITS leadership and relevant stakeholders.
Vulnerability Management
Assist in maintaining and operating the University’s vulnerability assessment program, including scan configuration, finding analysis, risk prioritization based on exploitability and business impact, and remediation coordination with system owners.
Track patching effectiveness and validate closure of critical findings.
Student Employee Development
Assist in the hiring, continuous training, mentoring, and operational oversight of student SOC employees. Develop and maintain the SOC processes, runbooks, and escalation procedures that student analysts follow.
Provide direct coaching on alert investigation techniques, log analysis, and documentation standards.
Syracuse University is an equal‑opportunity institution. The University prohibits discrimination and harassment based on race, color, creed, religion, sex, gender, national origin, citizenship, ethnicity, marital status, age, disability, sexual orientation, gender identity and gender expression, veteran status, or any other status protected by applicable law to the extent prohibited by law. This nondiscrimination policy covers admissions, employment, and access to and treatment in University programs, services, and activities.
#J-18808-Ljbffr
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre a été publiée par l’un de nos partenaires. Vous pouvez consulter l’offre originale ici.