Click here to view a list of current vacancies.
IT Security Analyst
Office of Technology Services
Vacancy number 301344
Position Type: Regular, full-time exempt position with full, competitive benefits package
Opens: 05/26/23 Closes: Open Until Filled
Salary: Commensurate with qualifications
• excellent tuition remission benefits
• outstanding health benefits plans and rates
• at least 11 paid holidays each year
• 40 days of annual, personal, and sick leave each year, including 20+ annual leave days
• great retirement plans
Reporting to the Chief IT Architect, this position will participate in the day-to-day oversight and administration of the information security program for the University of Baltimore. This position and program contribute to the mission of the University by maintaining the integrity of campus technology resources, appropriate protection of information, identification and mitigation of technology and information-related risks and driving compliance with University System of Maryland (USM), state and federal requirements. The Analyst is responsible for a range of activities including policy and standards development, security assessments, incident response, awareness training implementation, log management and monitoring, audit coordination and oversight of intrusion detection and prevention systems. This position provides analysis, serves as a consultant, and takes an active role in overall technology change management. The Analyst must monitor security trends and be forward thinking in its advocacy of security practices, policies and technology.
We look forward to receiving your required electronic application with a cover letter and resume and learning about your interest in and qualifications for our vacancy. Please save your required cover letter and resume as one document (please make the file name short and without spaces or special characters) and attach it in the resume location. To apply, visit http://www.ubalt.edu/candidate_gateway/erecruit.html. Additional instructions below.
Key Functions/Responsibilities/Tasks:
Information Security Program: Under the guidance of OTS leadership, oversees, administers and improves the University’s overall information security program in support of the appropriate confidentially, integrity and availability of information and technology systems.
• Monitors security trends and advocates for security practices, policies and technology.
• Facilitates the selection and implementation of information security solutions including, but not limited to, anti-virus, anti-malware, firewalls, virtual private network (VPN), intrusion detection and prevention (IDP) and security information and event management (SIEM).
• Participates in the selection of IT infrastructure and software; develops and specifies security requirements.
• Performs ongoing analysis and correlation of information collected by IPS and SIEM systems; responsible for the ongoing maintenance and support of these systems.
• Responsible for the ongoing maintenance and support of SIEM and IDP systems.
• Serves as a key member of the security incident response team.
• Investigates incidents that are detected or reported.
• Reports issues to OTS leadership, or other personnel, as appropriate.
• Oversees and monitors an information security audit program.
• Develops and reviews automated reports to achieve compliance with USM policies, state, federal and audit requirements.
• Reviews security advisories, assessing relevance and risk, and disseminates to relevant technical staff.
• Develops, implements and maintains an ongoing IT security awareness program.
• Prepares an annual IT security program update for the Chief Information Officer (CIO). Reviews update with the CIO for presentation to the President.
Audits and Assessments: Acts as the primary point of contact for all IT-related audits in support of consistent, efficient and effective audit activities and overall staff accountability.
• Provides support and oversight for all technology audits of all campus units.
• Coordinates all information requests by auditors.
• Tracks resolution of audit findings, providing periodic status updates to CIO.
• Conducts required network and server vulnerability assessments.
• Conducts routine audits of the network infrastructure configuration to ensure security best practices are being utilized.
• Tracks security vulnerabilities and remediation activities; holds employees accountable for timely resolution.
• Partners with Chief IT Architect to perform vendor security assessments.
• Participates in the development and implementation of a personally identifiable information (PII) monitoring program.
Policy, Standard, Guideline and Procedure Development: Oversees the development and maintenance of a comprehensive information security policy framework.
• Identifies needs in the policy framework and proposes associated efforts to supervisor, DCIO and CIO.
• Serves as a key developer of information security policies, standards, guidelines and procedures.
• Periodically reviews elements of the existing policy framework for needed updates.
• Monitors USM policies and State of Maryland legislation for framework requirements.
• Participates in the University System of Maryland information security coordination council and contributes to policy and standard development.
Documentation and Cross Training: Develops and maintains documentation in support of a sustainable and auditable security program.
• Develops and maintains documentation for all aspects of the information security program and infrastructure.
• Reviews security-related documentation of other technology units and makes recommendations for necessary improvements.
• Provides periodic training to staff members serving with backup responsibilities for information security activities.
Change Management and Project Consulting: Participates in technology change management and on project teams providing comprehensive analysis in support of successful changes and fully developed project requirements and plans.
• Serves on the technology Change Control Board (CCB).
• Participates in project evaluation teams so that security is part of the system development life cycle (SDLC).
Required Education: Bachelor’s degree.
Required Experience:
• 5 years of IT experience to include 1 year of experience in information security administration and production support in a distributed networking environment.
• Required familiarity with major information security tools
• Experience working and interacting with technical teams
Preferred Education: Graduate degree in Computer Science, Information Technology Engineering, or related field.
Preferred Experience:
• 5+ years of progressive information security administration and enterprise production support experience
• 3+ years in higher education
• Experience with risk and vulnerability assessment and/or penetration testing
• Understanding of basic programming or scripting languages
• Experience with State of MD and USM audit processes
Required Knowledge, Skills and Abilities:
Analytical Skills
• Ability to perform development and systems analysis including identifying security threats and impact for applications and technology infrastructure used by UBalt.
• Ability to gather, compile and analyze data to make practical recommendations at the tactical level to leadership.
• Experience conducting security analysis, including elements such as:
o Potential security threats to UBalt
o Documenting information security processes
o Developing and assessing business cases for change
o Measuring the impact of security improvements
o Participating in change management processes
Interpersonal
• Flexible, adaptable and able to sustain momentum, effectiveness and enthusiastic demeanor while conditions and organizational structures may be fluid.
• Good interpersonal skills and experience working with multiple internal and external constituencies; able to gain community respect and possesses good relationship building skills.
• Good communication capabilities, including giving presentations, and speaking publicly.
• Ability to translate complex security concepts into easily understandable terms.
• Ability to work well with functional and technical teams.
• Demonstrated ability to communicate clearly, concisely and accurately with people, verbally and in writing.
Technical
Infrastructure Hardware and Software:
• Intrusion detection and prevention
• Security incident and event management
• Virtual private networking
• Encryption technology
• Firewalls
• Networks and related components
• Cisco IOS
• Application gateways and load balancers
• Network scanning tools such as Nessus
• Encryption technology
• Communications technology
• Wireless networking
• 802.1x
• Data storage
• Microsoft Windows desktop and server operating systems
• Microsoft SQL Server
• Microsoft Exchange
• Microsoft Office365 security and compliance
• Linux
• Apple desktop and mobile operating systems
• Android operating system
• Microsoft Azure
• Amazon Web Services
• Active Directory
• SAML
• DHCP
• DNS
• LDAP
• SSH
• SMTP
• FTP
• SMB
• CIFS
• NFS
• RDP
• Antivirus
• Terminal Server
The University of Baltimore ("UBalt" or "University") does not discriminate on the basis of sex, gender, race, religion, age, disability, national origin, ethnicity, sexual orientation, gender identity, or other legally protected characteristics in its programs, activities or employment practices. UBalt is an Equal Opportunity/Affirmative Action/ADA Compliant Employer & Title IX Institution.
We appreciate your interest in our recruitment. Please review the information below before you visit http://www.ubalt.edu/candidate_gateway/erecruit.html to apply.
We need to receive your electronic application in our system by the vacancy closing date in order to consider you for the vacancy. Information follows about submitting the electronic application and attaching your required cover letter and resume.
Applicant Instructions: Using Candidate Gateway to View and Apply for UBalt Vacancies
The Candidate Gateway system serves as your connection to The University of Baltimore’s job application process. It is a free, safe and secure way for you to apply for the job you want, and it allows the Office of Human Resources to maintain accurate records. Your use of the system does not require you to surrender any of your rights to privacy or confidentiality during the application process. Only qualified members of UBalt’s Human Resources team and members of the relevant search committee can access your application information. The search committee will not have access to any information you provide to HR for affirmative action reporting purposes.
Please read and print the information below before you apply, and refer to it as you enter your application.
NAVIGATION
A - COVER LETTER AND RESUME ATTACHMENT AND UPLOAD
Before you apply:
• Save one PDF or Word file with your cover letter, resume, and any additional information you would like to have considered.
When you apply:
•In Candidate Gateway: Click “Browse” to access the Word or PDF document you saved with all of your documents.
•Then, click “Upload” to attach it.
•Click “Continue” to continue the application process.
B - ENTER DATA ON THE FOLLOWING PAGES:
Each page shows this display:
Previous Save Submit Close Application Careers Home NEXT
above and below the required data for the four categories shown above.
Click “Save” to save the data you entered on that page. The message “You have successfully submitted your job application.” confirms only that you entered that page of information into the system. You must click “Next” to continue and complete the entire application process.
1. Current and Prior Employment/Work Experience:
•Enter employment information relevant to your position of interest.
•You can use the first day of the month wherever dates are required.
•After you enter your work experience, click “Save,” then click “Next.”
2. Education/Education History and References:
•Use the dropdown to enter your highest education level. Entering this information is required.
•Then, only college and university information is required. Click the plus sign to the left of the “Postsecondary Education” link to enter that information.
•For country, enter USA or click the hourglass to select another country.
•You can use the first day of the month wherever dates are required.
•Click the plus sign to the left of "References" to enter two professional references.
•After you enter your education information and references, click “Save,” then click “Next.”
3. How did you find out about us/how did you find out about the job?
•After you enter this information, click “Save,” then click “Next.”
4. Online Questionnaire/Application Questionnaire: Answer the questions requiring a yes or no response. After you answer them, click “Submit.” This leads you to the Submit Online Application page.
C – SUBMIT ONLINE APPLICATION
To apply for your selected job: When you reach the “Submit Online Application” page shown below, you must click “I agree to these terms” and then click the “Submit” button at the end of the screen. After you click “Submit,” then you will see this information at the top of your screen:
My Applications
Thank you for your interest in employment at The University of Baltimore. HR will process your application documents for the search committee’s consideration.
Note: This screen will also show additional information about the selection process and Office of Human Resources contact information.
Questions/Help
If you have trouble viewing our job postings or applying for the vacancy, contact ubhrcareers@ubalt.edu for assistance.
TO APPLY:
External applicants: Review the vacancy announcement at http://www.ubalt.edu/candidate_gateway/erecruit.html and click the external applicant link to apply.
Internal applicants (students taking classes at UBalt and current employees) with login and password for MyUBalt: use the internal applicant link, log into MyUBalt, then click the “View or Apply for Job Positions” link on the left.
http://www.ubalt.edu/hr
•Never use the Internet Explorer “Back” and “Forward” arrows to navigate. You will lose the information you have submitted.
•To navigate between pages, use the “Next,” “Previous,” and “Return to Previous Page” buttons.
•Use the “Save” button to save your information so you can return to it later and complete your application. Using “Save” does not complete the process to apply for a job opening.
The University of Baltimore ("UBalt" or "University") does not discriminate on the basis of sex, gender, race, religion, age, disability, national origin, ethnicity, sexual orientation, gender identity, or other legally protected characteristics in its programs, activities or employment practices. UBalt is an Equal Opportunity/Affirmative Action/ADA Compliant Employer & Title IX Institution.