Information Security Analyst

About The Position

Requirements

• Associate degree; Bachelor degree preferred.
• Entry-level certifications such as CompTIA Security+, Microsoft SC-900, or equivalent.
• Experience with help desk ticketing systems or logging tools (e.g., Team Dynamix, Splunk, Azure Monitor, etc.).
• Basic understanding of cybersecurity principles, networking fundamentals, and common operating systems.
• Familiarity with tools such as antivirus, multi-factor authentication, and enterprise endpoint security.
• Ability to handle sensitive information with discretion and follow written procedures.
• Strong analytical and problem-solving skills.
• Effective written and verbal communication skills.
• Demonstrated interest in pursuing a career in information security.
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy (e.g., GLBA, FERPA, GDPR, HIPAA, PCI, etc.)
• Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
• Knowledge of industry security frameworks (e.g., NIST 800-171, CIS, etc.)
• Knowledge of ITSM frameworks (ITIL, etc.) and service delivery models.
• Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Ability to translate sophisticated concepts into simple, clear and concise messages that technical and non-technical audiences can quickly comprehend.
• Ability to establish, maintain and cultivate positive and effective working relationships with those contacted in the course of work.
• Ability to multitask and work well individually, as well as cooperatively with others in support of team effort.
• Ability and interest to continually learn and grow professionally.
• Ability to build and follow work plans.
• Ability to work across departments and business units to implement the college’s data privacy policies and programs.

Nice To Haves

• Working knowledge and experience with Microsoft 365 (SharePoint, MS Teams, Purview, security, DLP, etc.), SentinelOne, and Abnormal Security is highly desirable.
• Skill in verbal and written communication, facilitation, and interpersonal skills.

Responsibilities

• Monitor system alerts, logs, and endpoint protection tools to identify potential security events and action upon them with direction from senior staff as appropriate.
• Support the Technical Manager, Information Security & Infrastructure, vCISO, and Information Security Team during incident response by gathering data, documenting findings, and performing preliminary triage.
• Assist with compliance activities by preparing audit documentation, tracking remediation efforts, and maintaining access control records.
• Contribute to information security awareness and training programs by updating materials and coordinating outreach efforts.
• Working closely with the Endpoint Management Coordinator, perform basic vulnerability scans and assist in tracking remediation plans provided by the engineering or infrastructure teams.
• Help maintain identity and access management controls by reviewing user permissions and supporting periodic access reviews.
• Participate in regular risk assessments, vendor reviews, business impact analysis, and implement controls to mitigate potential threats and vulnerabilities, as directed.
• Stay current with emerging cybersecurity threats, tools, and best practices; participate in professional development opportunities.
• Maintain documentation of security procedures, tools, and workflows for future reference and audit readiness.
• Collaborate with IT staff to support secure configuration and deployment of systems.
• Provide guidance on best practices for data protection and cybersecurity.
• Serve on College committees and/or external committees as directed by the supervisor and/or Chief Information Officer.
• Perform other duties as assigned.

Benefits

• medical, dental and vision coverage for employee and eligible dependents
• generous annual, sick and personal leave
• 19 paid holidays
• tuition assistance and tuition waiver based on eligibility guidelines
• opportunity to enroll in retirement accounts (403B or Maryland State Retirement System based on eligibility guidelines)
• voluntary retirement account with TIAA or Fidelity
• employee paid short term disability
• employer provided basic life insurance and accidental death insurance
• employee paid voluntary life insurance
• access to Fitness Center
• library