Cyber-Security Analyst - IS-Security

University of Texas Medical Branch (UTMB)•Galveston, TX

3d•Remote

About The Position

The Security Analyst on the Governance, Risk, and Compliance (GRC) team plays a critical role in safeguarding sensitive information resources and data, ensuring organizational compliance with industry regulations. This position supports the development, implementation, and monitoring of security policies, risk management processes, and compliance frameworks such as HIPAA, TAC 202, UTS 165, and NIST cybersecurity standards.

Requirements

Bachelor's degree and one (1) year of IT or security experience.
An equivalent combination of education and experience relevant to the role may be considered for this position.

Nice To Haves

3 years of cybersecurity experience.
Python, Rust, C, C+, Java, and/or PowerShell.
Academic and/or working experience with TCP/IP networking, and networking services such as DNS, SMTP, DHCP, etc.
Windows, MacOS, Linux-variant operating systems, such as the file system structure, system services, and typical behavior of endpoints and servers
Cloud-based services such as Microsoft Office 365 and Azure productivity tools.

Responsibilities

Supports the organization’s information resources, security environments, and applications to ensure they remain adequately protected and aligned with the NIST Cybersecurity Framework (CSF).
Assists in activities across the CSF functions: Identify, Protect, Detect, Respond, and Recover, including supporting asset classification, implementing security controls, monitoring for anomalous activity, and participating in 24/7 incident response processes.
Complete CompTIA CySA+ certification training and successfully pass the exam within 90 days of hire.
Work assigned shifts supporting 24x7x365 Tier 1 SOC operations.
Perform alert triage across on-premises and cloud security technologies, including SIEM, IDS, antivirus, cloud services, Windows servers, network infrastructure, DLP, UBA, and user-submitted security reports.
Apply basic security controls to contain malicious activity and prevent unauthorized disclosure of sensitive information.
Escalate alerts to Tier 2 based on severity and priority, supporting follow-on incident response activities.
Contribute to SOC workflow improvements by identifying false positives and recommending process enhancements.
Assist with incident response through resolution and help develop after-action reports.
Participate in ongoing skill development to strengthen investigation and response capabilities.
Adhere to internal controls, reporting structures, and all applicable standards, processes, and procedures.
Perform other related duties as assigned by management.