INFORMATION SECURITY ANALYST

University of Washington
Seattle, WA 98104

INFORMATION SECURITY ANALYST

Req #: 187061
Department: UW INFORMATION TECHNOLOGY
Appointing Department Web Address: http://www.washington.edu/uwit/employment/
Job Location: Seattle Campus
Posting Date: 02/04/2021 
Closing Info: Open Until Filled 
Salary: Salary is commensurate with experience and education. 
Shift: First Shift 
Notes: As a UW employee, you will enjoy generous benefits and work/life programs.  For detailed information on Benefits for this position, click here.

If you would like to find out more about what it is like to work for UW-IT, as well as to get a feel for our culture and our people, visit us at our employment website.  

As a UW employee, you have a unique opportunity to change lives on our campuses, in our state and around the world. UW employees offer their boundless energy, creative problem solving skills and dedication to build stronger minds and a healthier world. UW is Committed to attracting and retaining a diverse staff, your experiences, perspectives and unique identities will be honored at the University of Washington. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable, and welcoming.

UW faculty and staff also enjoy outstanding benefits, professional growth opportunities and unique resources in an environment noted for diversity, intellectual excitement, artistic pursuits and natural beauty. All of which has allowed the UW to be nationally recognized as a Great College to Work For for six consecutive years. 

UW-IT is the central IT organization for the University of Washington, providing critical technology support to all three campuses, UW medical centers and global research operations. UW-IT collaborates with University partners to advance teaching, learning, innovation and discovery at the UW. Office of the Chief Information Security Officer (CISO) services are designed to help UW units understand risks by analyzing and forecasting threats to information security, researching applicable information security laws, providing education on safeguarding institutional information, consulting on incident management, and managing policies and strategic solutions for UWs institutional information.

UW-IT has an outstanding opportunity for an Information Security Analyst.

The Information Security Analyst in the Office of the Chief Information Security Officer (CISO) at the University of Washington (UW) tracks known and emergent threats and vulnerabilities to University information assets, and communicates those threats and vulnerabilities to campus departments. With a strong understanding of information security risk management practices, the analyst will integrate asset, threat and vulnerability information into intelligence reports, risk assessments, and mitigation activities. This position supports institutional threat and vulnerability awareness, threat detection and analysis, vulnerability assessment, incident response, cyber security operations, and security education and awareness.

RELEVANT TECHNOLOGIES:

The person in this position is expected to demonstrate detailed knowledge and experience with:
Information security issues in an open networked environment
Facilitating consulting engagements and interactions with technical and non-technical customers
Effectively communicating information security risks to decision makers and advising them on how to align business and technical requirements to protect their critical assets
Understanding complex systems involving a variety of technologies such as multi-tiered architecture, databases, directory services, application servers, network infrastructure, and end-user devices
Secure system administration of operating systems such as Unix/Linux, Mac, and Windows
Proposing information security solutions based on thorough analysis of systems, data flows, technical security controls, vulnerabilities, and threats
Performing information security vulnerability and risk assessments
Performing information security incident response, analysis, and remediation
Networking protocols and architectures such as TCP/IP, 802.11, LAN, WAN, and VoIP

The person in this position is expected to have a broad technology background and a general understanding of:
Firewalls and Intrusion Prevention Systems
Risk management and regulatory frameworks such as HIPAA, FERPA, the federal risk management framework
Security methodologies such as OWASP, OSSTMM, and OCTAVE
Security tools such as Netcat, Nmap, Nessus, Wireshark, Metasploit, and Burp Suite
Internet protocols and formats such as HTTP, TLS, SSL, HTML, and XML
Database technologies such as MySQL, SQL Server, and Oracle
Identification and authentication technologies
Cloud and virtualization architectures
Encryption techniques, algorithms and approaches
The Information Security Analyst must have a solid understanding of the issues and processes involved with information assets and information security in an academic, scholarly enterprise. Familiarity with and sensitivity to the information technology needs of educational, research, scientific, and cultural institutions are key assets.

REQUIREMENTS:

  • Bachelors Degree in Computer Science or related field or related experience
  • Four years experience in information security
  • Experience working with Windows, Mac, and Unix/Linux operating systems for desktops and servers
  • Experience performing progressively more complex and responsible tasks within a technical environment, including maintenance and support of networked computer systems, applications, and operations
  • Experience consulting on information security threats and vulnerabilities
  • Demonstrated understanding of and experience with security-related technologies, systems and tools, including
  • Intrusion Prevention/Detection Systems, firewalls, etc.
  • Demonstrated understanding of and experience using scripting and programming languages such as Python, Perl, PowerShell, Java and C
  • Experience with security incident response, analysis, remediation and prevention
  • Experience advising stakeholders, at all levels in an organization, on information security related risks
  • Strong deductive reasoning, critical thinking, problem solving, and prioritization skills
  • Strong communication skills (i.e., written, verbal, listening), technical documentation skills, user liaison skills, and personal interaction abilities
  • Ability to work within large collaborative organizations, building consensus and fostering ongoing relationships
  • Ability to work independently with minimal supervision
  • Knowledge of internet protocols (HTTP, DNS, etc.)
  • Demonstrated written/oral communication skills, user liaison skills and personal interaction abilities.

    Equivalent education/experience will substitute for all minimum qualifications except when there are legal requirements, such as a license/certification/registration.

    DESIRED:

  • Information security experience working in an educational, research, scientific, cultural institution or government agency
  • Experience handling and protecting information at a variety of sensitivity levels
  • Experience in intelligence analysis
  • Understanding of laws and standards such as FISMA, HIPAA, FERPA, PCI DSS, and NIST
  • Information security certifications such as CISSP, CSFA, CEH, GWAPT, GPEN, etc.
  • Knowledge of cloud and virtualization architectures
  • Knowledge of Internet of Things and related cyber security implications of use
  • Creative thinker who can add mindset diversity to the existing team
  • Ability to obtain and maintain a DoD security clearance

    CONDITIONS OF EMPLOYMENT:

    Must be able to respond to security incidents during off-hours. This essential position is required to work remotely when UW suspends operations.

    Work is mainly sedentary and performed in a typical campus or home office.

    Application Process:
    The application process for UW positions may include completion of a variety of online assessments to obtain additional information that will be used in the evaluation process.  These assessments may include Work Authorization, Cover Letter and/or others.  Any assessments that you need to complete will appear on your screen as soon as you select Apply to this position. Once you begin an assessment, it must be completed at that time; if you do not complete the assessment you will be prompted to do so the next time you access your My Jobs page. If you select to take it later, it will appear on your "My Jobs" page to take when you are ready. Please note that your application will not be reviewed, and you will not be considered for this position until all required assessments have been completed.

  • Applicants considered for this position will be required to disclose if they are the subject of any substantiated findings or current investigations related to sexual misconduct at their current employment and past employment. Disclosure is required under Washington state law.

    Committed to attracting and retaining a diverse staff, the University of Washington will honor your experiences, perspectives and unique identity. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable and welcoming.

    The University of Washington is a leader in environmental stewardship & sustainability, and committed to becoming climate neutral.

    The University of Washington is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age, protected veteran or disabled status, or genetic information.

    To request disability accommodation in the application process, contact the Disability Services Office at 206-543-6450 or dso@uw.edu.


    Categories

    University of Washington

    Before you go...

    Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

    Share this job:

    INFORMATION SECURITY ANALYST

    University of Washington
    Seattle, WA 98104
    Tweet
    Facebook Share
    Copy Job URL

    Join us to start saving your Favorite Jobs!

    Sign In Create Account