The Systems Security Analyst works within the Enterprise Technology department and along side Academic Computing, Interactive Services, and Infrastructure and Operations within the IT Division to maintain policies and implement safeguards to protect infrastructure, assets and information. This role ensures that the Institute satisfies all federal and state requirements in terms of data and cyber security, including but not limited to Graham Leach Bliley Act (GLBA), HIPAA, FERPA, and PCI. The Systems Security Analyst is responsible for conducting regular risk assessments to identify potential risks to Institute infrastructure and assets. In addition, the Systems Security Analyst is responsible for the testing and maintenance of the IT business continuity and disaster recovery plans. The Systems Security Analyst needs to stay abreast of evolving campus needs, technology capabilities, and threat intelligence to optimize data protection measures.
- Develop and maintain an Institute-wide Information Security Plan, in coordination with the Information Technology Division leadership to protect information technology assets and infrastructure against breaches.
- Prepare, document, maintain and disseminate policies and procedures in accordance with the Institute Information Security Plan.
- Maintain and conduct scheduled testing of the Information Technology Disaster Recovery and Business Continuity plans.
- Identify threats, vulnerabilities and incidents that have the potential or currently impact the Institute's information technology infrastructure and work with the responsible team in the Information Technology Division to resolve these issues.
- Provide information security incident handling and response, in cooperation with strategic campus partners, to assist with identifying, investigating, documenting, mitigating and remediating incidents that involve network and computer resources.
- Assist with education and outreach by providing advice to the IT Division on current best practices related to security, developing security documentation, and teaching workshops on computer security related topics.
- Work with campus stakeholders to ensure data security needs and controls are aligned to support organizational goals and objectives.
- Performs related duties as assigned.
Education: Bachelor's Degree required. Professional Certifications in the field of Information Security such as Security+&CSA+/CySA+ or CEH & ECSA or GCIH or CISA. Bachelor's degree in Information Security, Information Technology, Computer Science or Information Management preferred.
- Excellent understanding and knowledge of the field of information technology security.
- Three years or more of experience working in an IT position with significant information security responsibilities.
- Familiarity with security industry trends and best practices. Knowledge of systems risk and risk assessment concepts.
- Knowledge of information technology security monitoring and identity systems.
- Prior experience providing support in a higher education environment. Familiarity with FERPA, HIPAA, GLBA as well as state and federal guidelines on privacy, transactions and security.
Knowledge and Skills:
- Excellent interpersonal, organizational and communications skills as well as demonstrated ability to use independent judgment and discretion.
- Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.
- Ability to follow instructions and read/interpret technical documentation Ability to work to standards and conventions.
- Proven Ability to learn new software.
- Ability to work well with diverse populations; and demonstrated level of inter-cultural competence.
TO APPLY: Please submit your cover letter, resume, and the names and contact information for three professional references.
PRATT INSTITUTE IS AN EQUAL OPPORTUNITY EMPLOYER AND RECOGNIZES AND VALUES THE BENEFITS OF A DIVERSE WORKFORCE.