The Information Security Analyst is responsible for information security policy development and maintenance; day to day monitoring and response to security related events; design of security policy education, training, and awareness activities; monitoring compliance with corporate IT security policy and applicable law; and coordinating investigation and reporting of security incidents. Working with the Information Technology Operations team, this person will also perform vulnerability assessments and risk assessment reviews, and participate in various security related projects. The core of American Campus culture involves everyone being fully invested in everything that we do down to picking up the smallest piece of trash. No matter their position or duration at any given property, everyone picks up trash.
Essential Duties and Responsibilities (other duties may be assigned):
- Researches, develops, implements and maintains security systems to ensure protection of information resources.
- Develop and publish Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
- Monitor for, and respond to security related events.
- Participates in risk assessments to identify potential risks and security breaches
- Assists with security incident responses, investigations and reporting.
- Advise departments on regulatory requirements, institutional policies, and security best practices
- Assist in the development of a comprehensive information security training and awareness program.
- Contributes to the development, implementation and maintenance of security standards and processes.
- Works with Internal and External audit groups to meet SOX and PCI requirements.
- Performs analysis of logs from several systems to identify unexpected or malicious activity.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Bachelor’s degree, preferably in Management Information Systems, Computer Engineering, or Computer Science
- Minimum of 5 years’ experience in IT Operations and/or IT Security
- Professional security certification strongly preferred, such as CISSP, CISA, CEH, SANS or other applicable industry certifications
- Prior experience with regulatory audits such as SOX and PCI are strongly preferred.
Knowledge, Skills and Abilities:
- Good knowledge of security tools, such as Tipping Point, F5, Nessus, SAINT, and Splunk.
- Good knowledge of security pertaining to Microsoft back-office platforms, including Windows Server, SQL Server, SharePoint, and ISS.
- Good knowledge of security pertaining to Microsoft end-point systems, including Windows, Office, and IE.
- Good knowledge of TCP/IP networking.
- Familiarity with Incident Response and Management processes and procedures
- Familiar with Security Policies and Procedures
- Familiar with end-user security awareness training
- Security risk assessments (including vulnerability analysis and penetration testing)
- Skilled in configuring, deploying, and monitoring security tools.
- Ability to resolve security issues in diverse and decentralized environments.
- Demonstrated technical independence in highly complex and integrated environments.
- Ability to write reports, business correspondence, and procedure manuals.
- Ability to effectively present information and respond to questions from groups of managers, clients, customers, and coworkers.
Certificates and Licenses:
Professional security certification strongly preferred, such as CISSP, CISA, CEH, SANS or other applicable industry certifications. Will consider certifications in-progress if candidate can provide evidence of commitment.
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderate.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this Job, the employee is regularly required to sit; use hands to finger, handle, or feel and talk or hear. Specific vision abilities required by this job include Close vision, Distance vision, Peripheral vision, Depth perception and Ability to adjust focus.
Back to Results