Arcadia University, Domestic

  • IT Security Analyst / IT Risk and Compliance Analyst / Cyber Security

    Location US-PA-Glenside
    Category
    Staff
    Type
    Regular Staff Full-Time
    Department
    Information Technology
  • Overview

    Responsible for day-to-day monitoring of institutional systems for intrusion, identification and management of day-to-day IT security vulnerabilities and threats, implementation of tools for managing spam, patching software, and enforcing day-to-day IT security policy.

     

    Arcadia University is a top-ranked private university in Greater Philadelphia and promises a distinctly global, integrative, and personal learning experience that prepares students to contribute and lead in a diverse and dynamic world. A national leader in study abroad and international education, Arcadia has been named #1 in undergraduate study abroad participation by the Institute of International Education's Open Doors Report for the past seven years. Approximately 3,900 students attend Arcadia, and the University's 2,500 undergraduate students choose from more than 65 fields of study.

     

    Applications must be submitted online through Arcadia's Human Resources portal to receive full consideration. Please do not email application materials to hiring manager.

     

    The university will not pursue immigration sponsorships or contract staff for this position.

     

    For additional information and to apply, please visit: https://careers-arcadia.icims.com/jobs/ and submit a cover letter, resume and names and phone numbers of three professional references. Application review will begin immediately. Posting will be removed from the website once we've established a sufficient talent pool for consideration.

     

    Arcadia University seeks candidates of diverse cultural backgrounds and abilities. Arcadia University encourages members of underrepresented groups to apply. All offers of employment are conditional based on successful completion of a background check.

    Responsibilities

    Essential Functions

    • Investigate and document technology-related security issues.
    • The incumbent will coordinate and work closely with university officials, including Title IX and public safety officials, and law enforcement as necessary. Analyze and respond to security events and making recommendation to leadership as to when a security incident should be declared.
    • Formalize procedures and plans around security incident response with IT and other university stakeholders.
    • Prepare action oriented, educational communications for the Arcadia community.
    • Collaborate to develop procedures and policies (as necessary) to facilitate timely on-and off-boarding of all users to ensure security-minded system/data flows for logical and physical security system updates that protect identities.
    • Research and develop guidance to inform the university community on technology-related export/import control considerations when conducting research, teaching or traveling abroad.
    • The incumbent will work closely with General Counsel and other university stakeholders to develop, communicate and maintain this guidance.
    • Oversee penetration testing operations including management of periodic vulnerability scans and all remediation efforts.
    • The incumbent will formalize the vulnerability management program and measure progress over time reporting on progress to the CIO.
    • Engage in continuous education about security issues, tools, and concepts. (encryption, device image management, email, transmission, storage, authentication. etc)

     

    Marginal Functions

     

    Other duties in support of the security and mission of the department, as needed

     

    Supervision:

    Received: Chief Information Officer Given: n/a

    Qualifications

    Required Knowledge, Skills and Abilities:

     

    Organization and Time Management: Manage projects and communication, timelines, and feedback in a manner that allows all to work efficiently. Able to recognize and differentiate imperative details. Strategically makes decisions to effectively problem solve. Understand his/her work in the context of the larger project or client (internal/external) matters/initiatives. Communicate workload and status of projects effectively and timely. Make certain he/she understands assignments, expectations, and relevant deadlines

     

    Communication: Demonstrate confidence and expertise in informal and formal communications including team and client (internal/external) interactions, meetings, and presentations. Adjusts presentation style to audiences and content. Takes a creative approach to presenting ideas. The Analyst will need to effectively address varied audiences (technical, senior management, students, faculty. Experience collaborating with a diverse group of security professionals across many different security disciplines (application security, forensics, incident response, security engineering, etc.).

     

    Analytical Thinking: Understand client (internal/ external) interests and concerns, looks beyond the obvious to distill critical themes, issues, and ideas. Proactively and creatively look for multiple sound solutions and paths to success. Consistently identify and re-evaluate priorities, recommended courses of action, and next steps. Exhibits strategic thinking and initiative with respect to project management and client (internal/external) matters/initiatives, including self-motivated anticipatory action to drive resolution of client (internal/external) needs

     

    Information Security: Demonstrates an advanced level of skill and knowledge in many aspects in applicable functional and client (internal/external) areas, for example: IT risk management and information security management topics. Knowledgeable in operational security areas, such as, perimeter defenses, access control, incident response, vulnerability assessment, and other information security concepts. Knowledgeable in networking, TCP/IP communications and the OSI model. Displays originality and creativity when addressing client (internal/external) issues/questions/goals. Seeks out more advanced client (internal/external) service opportunity.

     

    Technology Skills: Able to use appropriate software for the designated department. Have general background knowledge about social media outlets and office software (e.g., Word, Google Docs, PowerPoint, Excel, etc.). Proficient in the use of e-mail, word processing, spreadsheet, database, and presentation software and use of the Internet to access data, maintain records, generate reports, and communicate with others. Experience with and knowledge of FERPA, NIST 800-53, NIST 800-171, NIST 800-66, ISO27001, HIPPA, PCI-DSS and GDPR. Cultural Awareness: Have an awareness and be able to respect and engage with people of various backgrounds to create a stronger community.

     

    Individual Development: Consistently take advantage of training opportunities to develop self. Assist co-workers when they are experiencing difficulty and transfer knowledge. Fully avails self of the university's training opportunities. Takes a role in formal and informal training and development opportunities for the team.

     

    Minimum Qualifications:

    • Bachelor's Degree in Field of Study: Information Sciences Technology, Cyber Security, Computer Engineering or Sciences.
    • Years of Experience: Generally requires 7+ years related experience.
    • Preferred Certifications, but not required: Relevant cyber security certifications, such as CISSP, CISM and/or PMP are highly desired.
    • Five or more years of hands-on experience in the security tools (Network Scanning, CSAM, WebInspect and Penetration Testing) configuration and usage.
    • Five or more years of experience with using MS Word, Excel, PowerPoint, HTML and Adobe products.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed