The Information Security Analyst (ISA) is a member of the Information Security (IS) team and works closely with the other members of IS to implement and evolve a comprehensive information security program. This includes a primary focus on detecting and preventing information or cyber security threats to our organization. The incumbent will be required to connect dots where they may not have existed before and correlate data in novel and interesting ways to determine weaknesses within our infrastructure (software, hardware, networks, etc.) to find and implement creative ways to protect it. This position will be responsible for initial response to and troubleshooting of cyber security, networking, and endpoint incidents; operational ticket-based work; as well as front line monitoring of network devices, data center equipment, and other enterprise information security architecture items.
Perform real-time security log and event analysis and take action within defined parameters to contain and mitigate IS threats and escalate as needed based upon severity.
Review and analyze security events, determine their severity, and author reports detailing the activity.
Assist in coordination and completion of IS operations documentation.
Work with IS leadership to develop strategies and plans to enforce security requirements and address identified risks.
Detect and report to IS management elements concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
Advise IT staff on normal and exception-based processing of security requests.
Monitor daily, weekly, or monthly reports and security logs for unusual events. Investigate events and data as needed to achieve a compliant resolution.
Research and assess new threats and security alerts and recommend remedial actions.
Monitor KUMC network(s) for security breaches and investigate a violation when one occurs.
Anticipate security alerts, incidents, and disasters and reduce their likelihood.
Monitor intrusion detection and prevention systems, network vulnerability systems, antivirus, and encryption systems.
Respond to and escalate events; contribute to and maintain documented processes around monitoring and response.
Understand how to analyze log files from a variety of source systems to construct the narrative of a security incident.
Support incident and problem management for security incidents.
Provide ongoing frontline support and guidance to IT support staff and users on a variety of security issues.
Build and navigate business and technical relationships which add significant value to the department.
Assist computer users when they need to install or learn about new security products and procedures.
Work with the IR department and members of the IS team to identify, select, and implement technical controls.
All other duties, tasks, and responsibilities as assigned.
KU Medical Center is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disability status, or genetic information.
*Applications must be submitted directly through the KU Medical Center website to be considered for this position. Any applications submitted via email or this website will NOT be reviewed or considered.
About KU Medical Center:
The University of Kansas Medical Center’s mission is to educate exceptional health care professionals through a full range of undergraduate, graduate, professional, postdoctoral and continuing education programs in the schools of Medicine, Nursing and Health Professions. KU Medical Center also advances the health sciences through world-class research programs; provides compassionate and state-of-the-art patient care in an academic medical center environment; and works with communities in every Kansas county to improve the health of Kansans. Learn more at www.kumc.edu.
KU Medical Center proudly offers a competitive and comprehensive benefits package through the state of Kansas, with flexible options designed to meet the diverse needs of our faculty and staff. To learn more about our options for medical, vision, dental and other insurances, as well as our generous time off policies and retirement options, please visit http://www.kumc.edu/human-resources/benefitsrewards.html.
Graduation from an accredited two-year college or university with a degree or major course work in information security, computer science, computer engineering, telecommunications, systems administration, or another related technical degree area.
Two (2) or more years of progressive work experience in information or cyber security.
Experience operating, maintaining, and rule writing within a commercially available SIEM technology.
Must have one or more of the following certifications: CompTIA Network+, CompTIA Security+, (ISC)2 SSCP, EC-Council ECSA, or an equivalent certification.
Demonstrated knowledge of, and experience with implementing, technical aspects of compliance standards and regulations such as HIPAA, FERPA, GLBA, PCI DSS, NIST, etc.
Required to be available 24/7 and rotate in a schedule of on-call status.
Graduation from an accredited four-year college or university with a degree or major course work in information security, cyber security, computer science, computer engineering, telecommunications, systems administration, or another related technical degree area.
Experience implementing, operating, maintaining, and supporting information security tools and technologies.
Experience with implementing, operating, maintaining, or supporting data loss prevention (DLP) technologies.
Demonstrated understanding of and experience completing risk assessments and related documentation artifacts.
Demonstrated understanding of networking architectures, topologies, practices, and technologies.
Customer service oriented.
Displays attention to detail.
Expectation: Must use a well-reasoned judgment regarding privacy matters as they relate to this position.
Expectation: Maintain a well-reasoned, objective, and independent point of view.
Expectation: Manage multiple high priority efforts or competing priorities and flexibility to adjust to changing requirements, schedules, and priorities.
Expectation: Communicate in a clear and understandable way while being polite and friendly through written and verbal means.
Expectation: Must work well with others and independently as needed.
Expectation: A self-starter who is always looking for ways to improve current processes while continuously learning.
Expectation: Participate in after-hours upgrades, troubleshooting, and on-call availability as needed.