Information Security Analyst

About The Position

Requirements

• Associate’s degree in information technology, Computer Science, Management Information Systems, or equivalent combination of education and relevant enterprise-level experience.
• 2+ years of experience in IT.

Nice To Haves

• Industry related certifications (Such as MCSE, CCNA, ISC2, or any GIAC) preferred
• Working knowledge of PowerShell, Python, or C# preferred.

Responsibilities

• Regularly review and analyze security logs, system alerts, and network traffic to detect, investigate, and mitigate security threats and anomalies.
• Participate in the development, implementation, and refinement of incident response plans for rapid, effective cybersecurity event management.
• Participate in the creation and implementation of high value detections unique to UFG’s enterprise environment.
• Supports Information Technology team members with risk analysis of identified issues or events and perform investigations to uncover additional facts surrounding the event.
• Review, analyze, triage, and respond to phishing submissions and alerts.
• Assist with risk assessments, vulnerability scans, and remediation efforts across infrastructure and applications.
• Participate in disaster recovery and business continuity planning and testing
• Operate as part of a 24/7 on call team, responding to incidents and supporting the team as necessary.
• Assist with conducting analysis of cyber threats—including malware, phishing campaigns, and other attack vectors—to identify patterns, indicators of compromise (IOCs), and adversary tactics, techniques, and procedures (TTPs).
• Evaluate threat intelligence from diverse sources such as open-source intelligence tools (OSINT) and commercial feeds to identify relevant and actionable insights for the organization.
• Collaborate closely with business and IT personnel in a complex information technology environment to support proactive threat identification, risk mitigation, and incident response efforts.
• Stay current with and remain knowledgeable about new threats.
• Analyze attacker tactics, techniques and procedures (TTPs) from security events across UFG’s network of security devices and end-user systems.
• Monitor emerging security threats and identify vulnerabilities in current or proposed systems and processes.
• Participate in the development and enforcement of IT security policies, standards, procedures, and compliance requirements.
• Assist with conducting security audits and risk assessments to identify gaps, create unique solutions, and implement essential controls.
• Assist with security audits to facilitate SOX compliance in coordination with both internal and external auditors
• Assist with automation or manually input data as necessary to track, communicate, monitor, or improve the Information Security Team’s metrics and reports.
• Assist in the development of Identity Access Management standard operating procedures, playbooks and runbooks.
• Collaborate with business and IT teams to identify gaps in and expand coverage of identity access management controls and capabilities.
• Assist application administrators with implementing access controls
• Monitor information technology industry tools and trends for new technologies and make recommendations on their impact to the organization.
• Attend regular training events and keep skills sharp in the security industry and with specific UFG products.
• Maintain awareness of new attack methods and how they intersect with UFG’s security stack.

Benefits

• Annual incentive compensation
• Medical, dental, vision & life insurance
• Accident, critical Illness & short-term disability insurance
• Retirement plans with employer contributions
• Generous time-off program
• Programs designed to support the employee well-being and financial security.