Under the direction of the Information Services Manager the Information Analyst provides Information Security support and technical assistance to ensure the cyber security and safekeeping of all electronic information associated with the organization of Southeast Community College. The Information Security Analyst will work with College staff and administrators to identify and mitigate cyber security threats, identify appropriate training for College employees, and develop and share information security best practices for the organization.
In collaboration with the Cyber Security Team and Information Technology Division administration to:
1) Continually identify, develop and update proper business practices and procedures that deal with Personal Identifiable Information, (PII), to align with security standards such as Gramm-Leach-Bliley Act (GLBA), Student Aid Internet Gateway (SAIG), National Institute of Standard and Technology (NIST 800-171/53), Family Educational Rights and Privacy Act (FERPA).
2) Recommend and maintain a comprehensive College wide information security risk management program based on risk assessment results.
3) Establish and maintain Incident Response Plans, annual IT Risk Assessments and associated risk mitigation and avoidance functions.
4) Coordinate appropriate vulnerability scanning and penetration testing on our College network.
5) Coordinate and assist with information security incident response investigations and resolution
6) Develop, monitor and document proper information security related business processes done by the IT team.
7) Audit the proper levels of information security access required by College employees relating to their job duties.
8) Coordinate, deliver and monitor completion of information security related educational programs focused on user awareness and security compliance
9) Evaluate integration of systems to adhere to all College IT security policies
10) Review IT system configuration and update procedures to ensure compliance
11) Provide guidance to College personnel on information security related items
12) Evaluate new cybersecurity technology & emerging threats to provide recommendations for security improvements or mediation
13) Develop metrics to measure, monitor, and report on effectiveness of information security controls and compliance with information security policies.
14) Promote/Support Diversity
Promote and support the College’s diversity goals; promote/support Access, Fair Employment, EEO, Equity and Diversity programs.
15) Promote/Support the Organizational Environment through Goal 9 of the Strategic Plan
Promote and support the College’s organizational environment goals.
Maximize operational efficiency by enhancing policies and procedures, staffing, and communication processes and practices.
Enhance positive communication processes and practices, and maximize a positive and engaging organizational environment by encouraging input, reflective and transparent communication, and compassion and respect toward the views and ideas of others.
1) Associate’s Degree in Information Security, Computer Science, Computer Information Systems, Computer Science, Mathematics, Education, or a directly related field of study
OR 60 credit hours or more of post-secondary coursework in Computer Information Systems, Computer Science, or a directly related field of study may be substituted for an Associate’s Degree.
2) Two (2) years industry work experience related to Information Security, Policy or Analysis.
Substitution: A Bachelor’s Degree in the field of Information Security, Computer Science, or a related field of study may be substituted for the one (1) year of the required work experience. Desired Qualifications
1) Bachelor’s Degree in Information Security, Computer Science, Computer Information Systems, Computer Science, Mathematics, Education, or a related field of study.
CISA or CISSP certification.
2) Additional education, training or certifications in cyber security.
3) Experience using Ellucian Colleague Student Information Systems.