The Intermediate Security Analyst will be working within a team in multiple areas of security operations across all campuses. Identify operational risks and bring them to an acceptable level for management. Collaborate on incident response, vulnerability management, endpoint security and application security. Develop, maintain and document other security operational analysis processes as needed.
Duties-
Responsible for monitoring the security systems in our organization to include securing online and on-premises infrastructures, filtering out suspicious activity, and finding and mitigating security risks before any breaches can occur.
Leads efforts to counter security breaches and anticipates and reduces the likelihood of future security alerts, incidents, and disasters.
Keeps the security systems up to date.
Monitors security access and maintains the relevant data.
Analyzes security breaches to identify the cause and to update incidence responses and disaster recovery plans.
Verifies and coordinates security plans with outside vendors.
Creates procedures for IT employees and trains in security awareness.
Performs various duties as needed to successfully fulfill the function of the position.
**The position will be located in Norman with a flexible and/or remote option possible for experienced candidates.**
Required Education: Bachelors degree, AND;
36 months experience in Security Administration or a related field.
Equivalency/Substitution: Will accept 48 months related experience in lieu of the Bachelors Degree for a total of 84 months experience.
Skills:
Ability to work in a high-stress environment
Excellent verbal and written communication skills, interpersonal, and teaching skills
Anticipation, analytical, and problem-solving skills
Ability to remain current on the latest technology and best practices in information security
Team member on incident response activities before, during and after incidents
Coordinate with other teams during incident response and assign responsibilities or delegate when necessary
Assist in drafting and reviewing post-mortem reports to stakeholders
Conduct internal investigations in accordance with established policies and Incident Response playbooks
Leverage legal, compliance, and privacy experts as needed to consult and advise on actions regarding regulatory aspects of incidents
Participate in the implementation of a complete set of incident response workflows, including automation and vulnerability response
Prepare scenarios, and test procedures regularly with internal teams
Identify operational risks and bring them to an acceptable level for management
Collaborate in all aspect of threat intelligence activities including threat hunting, malware analysis and forensics
Experience with EDR technologies
Develop, maintain and document operational analysis processes
Develop, maintain and document operational vulnerability management processes and procedures
Understanding of network services, vulnerabilities, and attacks
Knowledge of application exploits and vulnerabilities
Knowledge of ports and services typical in configuration of web servers, file servers, and workstations
Knowledge of and experience with the CVE program, Common Vulnerability Scoring System (CVSS), and other industry specific vulnerability classification standards, frameworks, and best practices
Demonstrated understanding of Windows/Mac/Linux operating system and infrastructure vulnerability scanning and configuration
Ability to communicate vulnerability details and remediation steps
Certifications:
None
Advertised Physical Requirements:
Sits for prolonged periods. Use of a computer. Communicate effectively and listens. Office Work Environment.
Department Preferences:
None
Special Instructions: If you are selected as a final candidate for this position, you will be subject to The University of Oklahoma Norman Campus Tuberculosis Testing policy. To view the policy, visit https://hr.ou.edu/Policies-Handbooks/TB-Testing.
Why You Belong at the University of Oklahoma: The University of Oklahoma fosters an inclusive culture of respect and civility, belonging, and access, which are essential to our collective pursuit of excellence and our determination to change lives. The unique talents, perspectives, and experiences of our community enrich the learning, and working environment at OU, inspiring us to harness our innovation, creativity, and collaboration for the advancement of people everywhere.
Equal Employment Opportunity Statement: The University of Oklahoma, in compliance with all applicable federal and state laws and regulations, does not discriminate based on race, color, national origin, sex, sexual orientation, genetic information, gender identity, gender expression, age, religion, disability, political beliefs, or status as a veteran in any of its policies, practices, or procedures. This includes, but is not limited to, admissions, employment, financial aid, housing, services in educational programs or activities, and health care services that the University operates or provides.