INFORMATION SECURITY ANALYST
University of Washington
SAVE savedJobs
false
SAVE savedJobs

INFORMATION SECURITY ANALYST

University of Washington

Gmail Email Print
Application
The application opened in a new tab.
By using this feature you agree to our Terms and Conditions and Privacy Policy.
Details
Posted:
February 6, 2021
Location:
Seattle, Washington
Salary:
Open
Type:
Full Time

As a UW employee, you have a unique opportunity to change lives on our campuses, in our state and around the world. UW employees offer their boundless energy, creative problem solving skills and dedication to build stronger minds and a healthier world.

UW faculty and staff also enjoy outstanding benefits, professional growth opportunities and unique resources in an environment noted for diversity, intellectual excitement, artistic pursuits and natural beauty. All of which has allowed the UW to be nationally recognized as a “Great College to Work For” for six consecutive years. 

UW-IT is the central IT organization for the University of Washington, providing critical technology support to all three campuses, UW medical centers and global research operations. UW-IT collaborates with University partners to advance teaching, learning, innovation and discovery at the UW. Office of the Chief Information Security Officer (CISO) services are designed to help UW units understand risks by analyzing and forecasting threats to information security, researching applicable information security laws, providing education on safeguarding institutional information, consulting on incident management, and managing policies and strategic solutions for UW’s institutional information.

UW-IT has an outstanding opportunity for an Information Security Analyst.

The Information Security Analyst in the Office of the Chief Information Security Officer (CISO) at the University of Washington (UW) tracks known and emergent threats and vulnerabilities to University information assets, and communicates those threats and vulnerabilities to campus departments. With a strong understanding of information security risk management practices, the analyst will integrate asset, threat and vulnerability information into intelligence reports, risk assessments, and mitigation activities. This position supports institutional threat and vulnerability awareness, threat detection and analysis, vulnerability assessment, incident response, cyber security operations, and security education and awareness.

RELEVANT TECHNOLOGIES:

The person in this position is expected to demonstrate detailed knowledge and experience with:
Information security issues in an open networked environment
Facilitating consulting engagements and interactions with technical and non-technical customers
Effectively communicating information security risks to decision makers and advising them on how to align business and technical requirements to protect their critical assets
Understanding complex systems involving a variety of technologies such as multi-tiered architecture, databases, directory services, application servers, network infrastructure, and end-user devices
Secure system administration of operating systems such as Unix/Linux, Mac, and Windows
Proposing information security solutions based on thorough analysis of systems, data flows, technical security controls, vulnerabilities, and threats
Performing information security vulnerability and risk assessments
Performing information security incident response, analysis, and remediation
Networking protocols and architectures such as TCP/IP, 802.11, LAN, WAN, and VoIP

The person in this position is expected to have a broad technology background and a general understanding of:
Firewalls and Intrusion Prevention Systems
Risk management and regulatory frameworks such as HIPAA, FERPA, the federal risk management framework
Security methodologies such as OWASP, OSSTMM, and OCTAVE
Security tools such as Netcat, Nmap, Nessus, Wireshark, Metasploit, and Burp Suite
Internet protocols and formats such as HTTP, TLS, SSL, HTML, and XML
Database technologies such as MySQL, SQL Server, and Oracle
Identification and authentication technologies
Cloud and virtualization architectures
Encryption techniques, algorithms and approaches
The Information Security Analyst must have a solid understanding of the issues and processes involved with information assets and information security in an academic, scholarly enterprise. Familiarity with and sensitivity to the information technology needs of educational, research, scientific, and cultural institutions are key assets.

REQUIREMENTS:

  • Bachelor’s Degree in Computer Science or related field or related experience
  • Four years’ experience in information security
  • Experience working with Windows, Mac, and Unix/Linux operating systems for desktops and servers
  • Experience performing progressively more complex and responsible tasks within a technical environment, including maintenance and support of networked computer systems, applications, and operations
  • Experience consulting on information security threats and vulnerabilities
  • Demonstrated understanding of and experience with security-related technologies, systems and tools, including
  • Intrusion Prevention/Detection Systems, firewalls, etc.
  • Demonstrated understanding of and experience using scripting and programming languages such as Python, Perl, PowerShell, Java and C
  • Experience with security incident response, analysis, remediation and prevention
  • Experience advising stakeholders, at all levels in an organization, on information security related risks
  • Strong deductive reasoning, critical thinking, problem solving, and prioritization skills
  • Strong communication skills (i.e., written, verbal, listening), technical documentation skills, user liaison skills, and personal interaction abilities
  • Ability to work within large collaborative organizations, building consensus and fostering ongoing relationships
  • Ability to work independently with minimal supervision
  • Knowledge of internet protocols (HTTP, DNS, etc.)
  • Demonstrated written/oral communication skills, user liaison skills and personal interaction abilities.

    Equivalent education/experience will substitute for all minimum qualifications except when there are legal requirements, such as a license/certification/registration.

    DESIRED:

  • Information security experience working in an educational, research, scientific, cultural institution or government agency
  • Experience handling and protecting information at a variety of sensitivity levels
  • Experience in intelligence analysis
  • Understanding of laws and standards such as FISMA, HIPAA, FERPA, PCI DSS, and NIST
  • Information security certifications such as CISSP, CSFA, CEH, GWAPT, GPEN, etc.
  • Knowledge of cloud and virtualization architectures
  • Knowledge of Internet of Things and related cyber security implications of use
  • Creative thinker who can add mindset diversity to the existing team
  • Ability to obtain and maintain a DoD security clearance

    CONDITIONS OF EMPLOYMENT:

    Must be able to respond to security incidents during off-hours. This essential position is required to work remotely when UW suspends operations.

    Work is mainly sedentary and performed in a typical campus or home office.

    Application Process:
    The application process for UW positions may include completion of a variety of online assessments to obtain additional information that will be used in the evaluation process.  These assessments may include Work Authorization, Cover Letter and/or others.  Any assessments that you need to complete will appear on your screen as soon as you select “Apply to this position”. Once you begin an assessment, it must be completed at that time; if you do not complete the assessment you will be prompted to do so the next time you access your “My Jobs” page. If you select to take it later, it will appear on your "My Jobs" page to take when you are ready. Please note that your application will not be reviewed, and you will not be considered for this position until all required assessments have been completed.
    		•

    Internal Number: 187061
    About University of Washington
    Founded in 1861, the University of Washington is one of the oldest public institutions in the west coast and one of the preeminent research universities in the world. The University of Washington is a multi-campus university comprised of three different campuses: Seattle, Tacoma, and Bothell. The Seattle campus is made up of sixteen schools and colleges that serve students ranging from an undergraduate level to a doctoral level. The university is home to world-class libraries, arts, music, drama, and sports, as well as the highest quality medical care in Washington State and a world-class academic medical center. The teaching and research of the University’s many professional schools provide undergraduate and graduate students the education necessary toward achieving an excellence that will serve the state, the region, and the nation. As part of a large and diverse community, the University of Washington serves more students than any other institution in the Northwest.
    More Jobs from This Employer
    BACK TO TOP
    false
    Help is on the way!
    We're sorry you are having trouble applying for this job.

    Please try loading this job using the following link before submitting your help request: