Cybersecurity Analyst

About The Position

Requirements

• A post-secondary degree or certificate in Cybersecurity, Information Technology, or Computer Science; OR a combination of relevant post-secondary education and related IT work experience equivalent to a post-secondary degree.
• Demonstrated foundational understanding of information security concepts.
• Proven familiarity with Windows/Linux, networking concepts, and common security tools.
• Demonstrated effective analytical, organizational, and documentation skills.
• Ability to handle sensitive and confidential information.
• Must achieve an entry-level cybersecurity certification within the first 6 months of employment.

Nice To Haves

• Internship or entry-level experience in cybersecurity or IT, preferably in higher education.
• Familiarity with NIST CSF or ISO 27001.
• Exposure to vendor risk assessments.
• Entry-level cybersecurity certification or progress toward one.

Responsibilities

• Monitor security alerts, logs, and reports from security tools such as SIEM, endpoint protection, email security, and identity systems.
• Assist with triage, analysis, and documentation of security incidents, phishing attempts, and policy violations.
• Escalate security events to senior security staff in accordance with incident response procedures.
• Support vulnerability scanning activities and track remediation efforts with IT partners.
• Assist with vendor and third-party security assessments, including reviewing security questionnaires, contracts, and supporting documentation.
• Evaluate vendor security controls related to data protection, access controls, incident response, and compliance requirements.
• Document assessment results and track identified risks and remediation activities.
• Develop and communicate security recommendations for vendors in coordination with the Director of Information Security, Purchasing, General Counsel, and business owners.
• Support ongoing monitoring of vendor security posture and reassessments as needed.
• Assist with institutional risk assessments, control reviews, and evidence collection.
• Help maintain information security documentation, including policies, standards, procedures, and inventories.
• Support compliance activities related to higher-education regulatory and contractual requirements (e.g., FERPA, GLBA, HIPAA, research data protections, grant requirements).
• Assist with responding to audits, internal reviews, and external security inquiries.
• Support the University’s security awareness program, including phishing simulations and campus-wide training initiatives.
• Assist with security education for new faculty, staff, and students as appropriate.
• Track metrics and help prepare reports on awareness, phishing campaigns, and participation rates.
• Work with IT teams, academic departments, administrative offices, and shared governance groups to support secure technology use.
• Participate in security projects and initiatives as assigned by the Director of Information Security.
• Stay informed on emerging threats, vulnerabilities, and best practices relevant to higher education.
• Perform additional job-related duties as assigned or as appropriate.