Information Security Analyst
About The Position
Southern Utah University (SUU) invites applications for the position of Information Security Analyst. Reporting to the Chief Information Security Officer, this role is a cornerstone of the Information Security Office, responsible for the development, maintenance, and fine-tuning of the infrastructure that protects our university’s digital landscape. The Information Security Analyst is an integral member of a centralized IT team that balances high-level enterprise security products with agile, open-source projects. We are looking for a technically-minded professional who enjoys "getting under the hood" of security tools—someone who can automate a cleanup process, fine-tune a SIEM alert, and explain the "why" behind a security policy to a faculty member with equal skill. Whether you are a seasoned analyst or a technical IT professional ready to specialize in security, this position offers the opportunity to defend a complex, meaningful environment while mentoring the next generation of IT student professionals.
Requirements
- Bachelor’s degree in an IT-related field or an equivalent combination of education and experience.
- Minimum of two years’ work experience in an IT related field or a master's degree in an Information Technology related field.
- Foundational understanding of network services, systems, and protocols (TCP/IP, DNS, HTTP, etc.) used in firewalls, VPNs, and routers.
- Ability to effectively communicate technical security issues to diverse audiences.
Nice To Haves
- Experience with cloud infrastructure and security services (AWS, Azure, or GCP).
- Experience managing enterprise security platforms (SIEM, EDR, or Next-Gen Firewalls) or open-source security tools (Zeek, Suricata, Elastic, etc.).
- Experience performing IT security assessments or working within regulatory frameworks like FERPA or PCI.
- Residing in or willingness to relocate to the Cedar City area to foster on-site relationships with the campus community.
- Relevant IT security certifications (e.g., CompTIA Security+, GSEC, CEH, or CISSP).
Responsibilities
- Implement, maintain, and fine-tune security appliances, including Next-Generation Firewalls, VPNs, and Endpoint Detection and Response (EDR) platforms.
- Administer and optimize enterprise logging, email security, identity & access management, and other security related systems, ensuring alerts are actionable and high-value.
- Utilize scripting and automation to improve the efficiency of security tools and validate the effectiveness of security fixes.
- Monitor system logs and alerts to identify, investigate, respond to, and document potential and known security incidents.
- Perform initial forensic analysis and research emerging threats to develop appropriate mitigations.
- Participate in the design and execution of vulnerability assessments and penetration tests.
- Assist in compliance efforts with federal and state regulations (e.g., PCI, FERPA, HIPAA).
- Conduct risk assessments of new software and campus systems to ensure alignment with the CIS Controls framework.
- Assist in the development and auditing of campus security plans, policies, and incident response procedures.
- Supervise and mentor student employees, providing them with real-world experience in information security.
- Promote security best practices and assist in campus-wide security awareness training.
- Additional duties as assigned.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
