Information Security Associate

About The Position

Requirements

• Must obtain CompTIA Security+ certification within one year of accepting the position.
• Knowledge of: Microsoft 365 administration and MFA troubleshooting in a university and/or enterprise environment; common business technology platforms, operating systems, security practices, networking, authentication, and services deployment and integration; university policies and procedures; office practices and procedures; department/division goals and objectives; department/division policies and procedures; workplace safety practices and procedures; English grammar and spelling; records management; office management; project management.
• Skill in: organization; problem solving in complex technology environments; use of office equipment; typing, data entry; computer operation; use of computer software and other programs applicable to the assigned department.
• Ability to: communicate in an understandable, polite, and professional manner with various stakeholders, both technical and non-technical; successfully work independently with clients and technical support personnel; deal with problems involving several variables within familiar context; define problems, collect data, establish facts, and draw valid conclusions; determine material and equipment needs; calculate fractions, decimals, and percentages; compile and prepare reports; use proper research methods to gather data; understand a variety of written and/or verbal communications; prepare accurate documentation; maintain records according to established procedures; effectively interact with personnel and public to answer routine questions; train or instruct others; move quickly and effectively from one task to another; work independently and in a team environment; develop and maintain effective working relationships.
• Atleast a bachelor's degree and at least two years of related experience to include working knowledge of enterprise security practices: authentication/authorization, least privilege, incident response, encryption, and/or patch management. Foundational networking and operating system skills in Windows and/or Linux.

Nice To Haves

• Practical experience with the university's, or similar, IAM solution and Active Directory
• experience in higher education IT or large enterprise environments with FERPA/GLBA/PCI/similar considerations
• demonstrated experience with phishing reporting tools, endpoint protection, and/or vulnerability scanners
• familiarity with Banner ERP, or similar, access workflows and business applications
• industry recognized certifications such as Security+, CISA, CRISC, CISSP, or equivalent.

Responsibilities

• Operates and monitors core security services including Microsoft 365 security features (MFA, phishing reporting, conditional access), VPN access controls, and endpoint protection.
• Responds to and triages security alerts from security tools such as endpoint detection and email security systems.
• Administers identity and access management (IAM) tasks using the university IAM solution, including group and role-based access control.
• Supports vulnerability management: runs scans, validates findings, and coordinates remediation with infrastructure teams.
• Assists with administering YSU's security exception/waiver process, including risk evaluation and tracking.
• Promotes security awareness by supporting phishing simulations, campaigns, and end-user education efforts.
• Documents security operations, runbooks, and standard operating procedures, ensuring alignment with YSU IT Security Manual.
• Works in ticketing and service portals to manage security-related incidents, requests, and service-level commitments.
• Collaborates with network, systems, and service desk teams to ensure secure service delivery across the university.
• Acts as a lead worker; provides functional guidance to lower-level workers.
• Analyzes complex data sets and prepares comprehensive reports with recommendations for leadership.
• Researches and recommends process improvements for departmental operations on a routine or regular basis. Evaluates effectiveness and recommends enhancements of services.
• Coordinates daily tasks related to one or more assigned components of overall programs and/or services as assigned.
• Regularly communicates with supervisor and other staff, including student workers, as required or needed in the completion of daily tasks in support of overall goals and objectives.
• Prepares and maintains accurate records of daily tasks in accordance with applicable policies and procedures and assures timely communication with supervisor, staff, and students where appropriate.
• Gathers data and prepares reports and other information/documentation for supervisory review?related to programs and/or services, or one or more assigned components.
• Remains informed of current developments and procedures pertinent to duties; participates in staff development activities; attends meetings, conferences, and other events.
• Trains new hires.
• Performs other duties as assigned and/or required that are within the level of responsibility for this classification at the discretion of the supervisor.