Information Security Analyst
Binghamton University
Binghamton, NY
Full-time
Information Services / Technology (IT)
Posted on April 21, 2024
About Binghamton University:
Binghamton University is a premier public R1 research institution in the State University of New York (SUNY) system that unites more than 130 broadly interdisciplinary educational programs with some of the most vibrant research in the nation. Our unique character - shaped by our mission, outstanding academics, facilities, and community life - promotes extraordinary student success, research, and service; Binghamton University is where our students, faculty and staff thrive.
Working at Binghamton University is more than about having a great job - it is about having the opportunity to flourish in an exciting, engaging environment. Our faculty and staff appreciate Binghamton's collegial and inclusive culture and its commitment to excellence, education, innovation and civic engagement. Our diverse campus community contributes to our success.
Binghamton merges rigorous academics, distinguished faculty, exceptional staff, and ultramodern facilities to engage and challenge its 18,000+ students. The high-achieving Binghamton student body also represents a great diversity of life experiences, from first-generation college-goers to international students. Beyond their talent, these classmates share a desire to shape the future through technology, insight, intellectual exploration, and community service.
We are an affirmative action/equal opportunity employer, and in keeping with this commitment, we welcome all to apply, including veterans and persons with disabilities.
Job Description:
Budget Title: Lead Programmer/Analyst (SL-3)
Salary: Commensurate with qualifications and experience
The Information Security Analyst will be responsible for assisting the Chief Information Security Officer/Director of Information Security in developing and maintaining Binghamton University's information security capabilities, implementing security controls, responding to information security incidents, and monitoring administrative, academic systems and the University network for policy enforcement and compliance. The Information Security Analyst will work with cross-functional teams to design and implement security initiatives; and serve as a resource person on specific information security technologies and technology-related compliance requirements.
The Information Security Analyst reports to the Chief Information Security Officer/Director of Information Security and works closely with Information Technology Services (ITS) leadership to build awareness and implementation of security controls, within the department and across the University.
In addition, the Information Security Analyst will:
- Triage, process, and close out technical client requests
- Track and ensure adequate and timely resolution to all audit and risk assessment findings or issues relating to information security
- Recommend remediation strategies and technologies for mitigating risks
- Evaluate current and future requirements and develop or recommend technical and operational solutions accordingly
- Support and manage risk mitigation tools as needed
- Develop specifications and standards for equipment, software, and procedures in support of University policies
- Investigate internal and external reports of information security issues
- Assist in analyzing results from intrusion detection systems, intrusion prevention systems, network mapping software, log analysis, and other tools to detect, respond to, and mitigate information security-related vulnerabilities and incidents
- Maintain audit and oversight of processes, procedures, and tools used to ensure security controls
- Maintain metrics and prepare reports
- Perform trend and root cause analysis
- Liaison with various University constituencies on behalf of the CISO as needed
- Serves as a resource person in assessing systems, processes, and projects against compliance requirements, control objectives, and security best practices; interacts with internal and external technical staff and consults with project teams at various stages of project cycles.
- Must be able to maintain data confidentiality and compliance with regulatory requirements (HIPAA, FERPA, PCI, etc.)
Requirements:
Visa sponsorship is not available for this position
- Bachelor's degree or Bachelor's degree completion by May 2024, or Associates degree plus 2 years' experience and/or relevant certifications
- Demonstrated competence in information security concepts
- Demonstrated strong written and oral communication skills
- Effective problem-solving, interpersonal, and multitasking skills
- Ability to work with multiple constituencies within a culturally diverse environment
- Excellent interpersonal skills, strong analytical skills, demonstrated ability to work in a team environment, and the ability to deal with ambiguity in a changing business
- Experience with cybersecurity
- Experience with Incident Management/Response
- Experience with Endpoint Detection and Response, Carbon Black EDR
- Experience with Splunk or log files
- A demonstrated understanding of network topologies, architectures, protocols, and addressing schemes. Network management experience is desirable
- Knowledge of and a demonstrated ability to operate Unix and Windows-based security tools (e.g., nmap, Snort, group policy)
- Programming or scripting languages (e.g., python, php, ruby, bash)
- Experience with Data Loss Prevention (DLP)
- Knowledge or experience in regulatory compliance frameworks such as NIST, PCI-DSS, FERPA, GLBA, HIPAA, DFARS, CMMC, ITAR
- Experience working in a large complex academic organization or experience in health care or research environment
- A portfolio of web applications/projects that demonstrate required skills. You may upload a document or links during the application process which demonstrates how the above technical requirements are met.
Additional Information:
Offers of employment may be contingent upon successful completion of a pre-employment background check and verification of degree(s) and credentials.
Binghamton University is a tobacco-free campus.
Pursuant to Executive Order 161, no State entity, as defined by the Executive Order, is permitted to ask, or mandate, in any form, that an applicant for employment provide his or her current compensation, or any prior compensation history, until such time as the applicant is extended a conditional offer of employment with compensation. If such information has been requested from you before such time, please contact the Governor's Office of Employee Relations at (518) 474-6988 or via email at info@goer.ny.gov
Payroll information can be found on our website https://www.binghamton.edu/offices/human-resources/payroll/
Cover letters may be addressed "To the Search Committee."
Postings active on the website, accept applications until closure.
For information on the Dual Career Program, please visit:
https://www.binghamton.edu/offices/human-resources/prospective/dual-career/index.html
Equal Opportunity/Affirmative Action Employer
The State University of New York is an Equal Opportunity/Affirmative Action Employer. It is the policy of Binghamton University to provide for and promote equal opportunity employment, compensation, and other terms and conditions of employment without discrimination on the basis of age, race, color, religion, disability, national origin, gender identity or expression, sexual orientation, veteran or military service member status, marital status, domestic violence victim status, genetic predisposition or carrier status, or arrest and/or criminal conviction record unless based upon a bona fide occupational qualification or other exception.
As required by Title IX and its implementing regulations Binghamton University does not discriminate on the basis of sex in the educational programs and activities which it operates. This requirement extends to employment and admission. Inquiries about sex discrimination may be directed to the University Title IX Coordinator or directly to the Office of Civil Rights (OCR). Contact information for the Title IX Coordinator and OCR, as well as the University's complete Non-Discrimination Notice may be found here.
Application Instructions:
All applicants must apply via Interview Exchange: http://binghamton.interviewexchange.com/candapply.jsp?JOBID=172734
Deadline for Internal Applicants: March 4, 2024
Deadline for External Applicants: Open until filled
Review of applications will begin immediately and continue until the vacancy is filled.
Please submit:
- Resume,
- Cover letter, and
- Contact information for three professional references
