Information Security Analyst III - JR25888-3800

at University of Chicago in Chicago, Illinois, United States

Job Description

• Responds to security alerts, user inquiries, and service requests. Manages all phases of incident response including preparation, identification, containment, eradication, recovery, and lessons learned. Leads teams responding to incidents and conducting in-depth information technology risk assessments. Provides direct customer service to faculty, students, and staff for security needs. Collaborates with IT partners throughout the institution. Maintains up-to-date knowledge of security threats and proactively identifies measures needed for protection or detection that reduce risk to the institution. This responsibility requires independent critical thinking to meet the needs of the complex and dynamic university environment.
• Manages security services provided to the University community.Provides service management for security services. Maintains relationships with key customers in support of the University's legal, audit, and human resource functions. Contributes to security awareness through presented or published material. Guides communications with users to understand their security needs and supports the implementation of procedures to accommodate them. Ensures that the user community understands and adheres to necessary procedures to maintain security.
• Assess and improve security operations. Reports and analyzes key security operations metrics. Guides continuous improvement in security services. Makes recommendations and design improvements to IT security procedures. Collaborates with Information Security Engineers to improve detection and response capabilities. Documents processes and procedures. Manages security operation schedules and standup meetings.
• Uses a deep understanding of IT expertise to develop and implement security and compliance policies, guidelines, and safe practices for university-wide computing and networking systems.
• Leads teams to conduct in-depth information technology risk assessments; makes recommendations and designs improvements to IT security procedures.
• Performs other related work as needed.

• Incident response or security operations.
• Customer service in any field.

• GSEC, CEH, or CISSP.

• Understanding of network and communication technologies including TCP/IP, HTTP, TLS, x.509, and DMARC.
• Understanding of common threat actor tools, techniques, and procedures.
• Proficient using the most common operating systems (Windows, Mac, and Linux) including familiarity with the command-line environment for each.
• Experience with all stages of the incident response process.
• Analyzing security alerts from network, endpoint, and email security monitoring tools.

• Excellent communication skills, especially in conveying technical concepts to a non-technical audience.
• Strong customer service orientation.
• Diagnose complex technical problems.
• Work collaboratively and independently.
• Handle multiple tasks and substantial deadline pressure.

• Office environment.
• Handle work outside of normal business hours on a scheduled or emergency basis.
• Some travel may be needed.
• Sit for 4 hours or more.
• Use computers extensively for 4 hours or more.

• Resume/CV (required)