Below you will find the details for the position including any supplementary documentation and questions you should review before applying for the opening. To apply for the position, please click the Apply for this Job link/button.
If you would like to bookmark this position for later review, click on the Bookmark link. If you would like to print a copy of this position for your records, click on the Print Preview link.Bookmark this Posting Print Preview Apply for this Job Posting Details
Position InformationPosting Number S797
This position is open to Open to All Applicants Job Title INFORMATION SECURITY ANALYST (LEVEL I, II, or III) Department Information Technology Position Type Exempt Employment Status Full-Time-Staff Salary Minimum: Level I $47,476.41; Level II $56,000.00; Level III $65,000.00 Open Date 05/02/2023 Close Date 06/05/2023 Open Until Filled No
Position Summary Information
Job Description Summary
The purpose of this position is to maintain and enhance the security of College computers, networks, software, cloud platforms, and other information system assets and data. This is accomplished by monitoring and configuring security systems; performing network and vulnerability scanning; security assessing vendor hardware / software /cloud platforms for use at the college; coordinating and/or assisting with incident response; testing and implementing new security hardware and software; coordinating information security tasks; identifying and remediating gaps in the security of information systems; assisting the Chief Information Officer and Information Security Officer with creating and revising information security policies, procedures, standards, guidelines, and technical documentation; and performing other duties that may be assigned.
Level I (EINFTEM10144) – Grade 515 : Bachelor's degree in an IT related field OR Associate's degree in an IT related field plus one (1) year related experience.
Level II (EINFTEM10154) – Grade 516: Bachelor's degree in an IT related field plus one (1) year experience OR Associate's degree in an IT related field plus three (3) years related experience. Level III – Grade 517: Bachelor's degree in an IT related field plus five (5) years related experience OR Associate's degree in an IT related field plus seven (7) years of experience.
Recent full-time experience in information security, managing enterprise computer systems, systems management, or in network management.
Required Job Knowledge, Skills, Abilities
Knowledge of the limitations and capabilities of computer systems; OSI and TCP/IP network models and protocols; network hardware and operational support of networking; wireless network technologies, protocols, and security strategies; Internet protocols and technologies, network routing and DNS protocols; use of network monitoring tools such as Wireshark, nmap.
Knowledge of applicable federal and state regulations and legislation, Texas Government Code (TGC), Texas Administrative Code 202 (TAC 202), SOX, GLBA, HIPAA; FERPA; industry standards, PCI DSS, AICPA ; security frameworks, NIST, ISO; familiar with the principles of information security governance, and development of polices, procedures, guidelines, and frameworks.
Knowledge/Experience with the administration and security of Windows, macOS, iOS, Android, ChromeOS, and Linux/UNIX, desktop, mobile device, and server OS environments; Active Directory security, Identity Access Management (IAM) technologies and protocols, federation, SAML, SSO, OAuth, Open ID Connect, RADIUS; virtualization technologies and environments to include security strategies, cloud technologies, models, and configuration management.
Skills/Experience in configuring, deploying, and monitoring security infrastructure; security incident response; Intrusion Detection/Intrusion Prevention Systems (IDS/IDPS), endpoint security, firewall filters, vulnerability scanners, SIEM tools, Endpoint Detection Response (EDR), Data Loss Prevention (DLP), O365/Azure Advanced Security, active and passive electronic network discovery, and network host inventory.
Knowledge of information risk management procedures and frameworks, lifecycle, application of risk strategies, documentation, and KPI / KRI metrics.
At least one of the following information security certifications:
Certified Information System Security Professional (CISSP),
Global Information Assurance Certification (GIAC) (specifically GIAC Certified Intrusion Analyst (GCIA)),
GIAC Certified Incident Handler (GCIH),
Reverse Engineering of Malware (GREM),
GIAC Security Essentials (GSEC),
Certified Information System Auditor (CISA),
Cybersecurity Analyst (CySA+),
Certified Ethical Hacker (CEH),
CompTIA Advanced Security Practitioner (CASP),
Special Instructions to Applicants
This is a security-sensitive position. Employment resulting from this advertisement is subject to federal laws that require the verification of identity and the legal right to work in the United States. Employment is contingent upon the successful completion of a criminal background and reference checks. The College reserves the right to cancel or extend all recruitment actions. Del Mar College is an AA/EO employer. Upon request, reasonable accommodations in the application process will be provided to individuals with disabilities. The College is committed to diversity in its workforce.
Monitor and configure IDS/IDPS, firewall filters, EDR, SIEM, email security, and other security platforms protecting College information resources.
Detect and respond to potential attacks targeting College IT infrastructure and/or data; develop, deploy, and document, security software tools, procedures, and playbooks.
Assist in facilitating external assessments and audits. Develop, provide, and maintain reports and documentation.
Perform network and vulnerability scanning to ensure that College systems are kept up to date and appropriately protected; perform system administration tasks in support of information security systems and activities.
Assist in disaster recovery planning and implementation; development and delivery of user security awareness training; attend professional events, consulting sessions, and seminars, in the information security professional community.
Evaluate, install, test, configure, and troubleshoot new and existing security tools and software.
Coordinate information security tasks and activities; maintain awareness of emerging vulnerabilities and security threats;
Work with Information Technology Services, vendors, and other college departments, in the performance of risk and gap analysis, determining security needs, applying risk controls, and making security recommendations. Security assess vendor hardware / software / cloud platforms for use at the College.
Assist the Chief Information Officer and Information Security Officer with the development and revision of information security policies, procedures, standards, and guidelines.
Conduct digital forensic incident response, ensure integrity of data and systems, forensic analysis, preservation and retention of data, and reporting.Supplemental Questions
Required fields are indicated with an asterisk ().