IT Security Analyst

Job Purpose: Responsible for monitoring, analyzing and remediate security of information assets to identify potential security threats that risk OUC of misuse, unauthorized access or disclosure. Assist with the design and maintenance of security posture, enable compliance and assess IT risk. The Analyst also interacts with business functions to maintain insight on business needs and potential impacts. Primary Functions: Investigate malware issues, determine severity, and recommend mitigation; follow up to ensure resolution; Respond and assist with initial incident assessments, damages, recovering services; post incident information and analysis; Serve as a technical lead or Subject Matter Expert (SME) on IT sponsored projects; Provide active participation in information security architecture design; Monitor security events at the network, application, database and operating systems level to identify potential security incidents; Identify weaknesses in OUC’s security posture that could result in unauthorized access to sensitive data; participate in building remediation plans that minimize risk to sensitive data and build a defensive security posture; Provide escalated security tool administration; Perform all provisioning and modifications of user access to all major OUC IT assets including network and major applications; Conduct Security Awareness training for other Business Units; train users on how to maintain OUC’s security as well as their own; Train IT support technicians on first and second level response access related issues for supported applications, payment issues, personal and corporate device provisioning, and website issue management; Provide access control third level support to the ITSC on enterprise applications(i.e. EnterpriseOne); Serve as primary Security contact for all IT-related Request for Proposals (RFPs) and contracts across all business units, including Purchasing and Legal departments; Review and modify RFPs to include IT Security standards and policies; including the creation of additional attachments Work with Legal department attorneys to review RFP and contract wording; explain technical and security concepts; Complete IT Contract review document for Legal for all IT Security purchases; Review Hosted Vendor Solution Questionnaire required for any service that processes or host OUC data; works with responding vendors on any outstanding questions or concerns; Work on various projects to configure and implement and test security tools; Asses risk for new and existing technology. Researches, plans, and tests mitigations for risk management; Monitor security events at the network, server, application, and database; Perform other duties as assigned.