IT Security Analyst II, Security Team - University Information Services

Location
Washington D.C.
Posted
May 12, 2017
Closes
Jun 01, 2017
Function
Analyst, IT
Industry
Education, Security
Hours
Full Time
Located in a historic neighborhood in the nation's capital, Georgetown offers rigorous academic programs, a global perspective, exciting ways to take advantage of Washington, D.C., and a commitment to social justice. Our community is a tight knit group of remarkable individuals interested in intellectual inquiry and making a difference in the world.

Requirements

IT Security Analyst II, Security Team - University Information Services

The IT Security Analyst II provides technical expertise and guidance in the areas of information security analysis, intrusion detection, incident response, and network security management. Audits and strengthens security on workstations, servers and network systems. S/he works with systems and network administrators at Georgetown University to ensure that appropriate security levels are maintained.  In cooperation with staff and operating within the guidelines of the information security policy and acceptable use policy, the Security Analyst performs penetration testing, security validation and other technical tasks using commercial and publicly available security tools; and works with legal counsel, campus police, internal and external auditing, and a broad section of the University community on identifying and clarifying the issues related to computer security and risk. Reporting to the Director of Information Security Operations, the IT Security Analyst II has duties that include but are not limited to:

Security Analysis and Reporting

  • Using available security tools and processes, audits workstations, servers and network systems to identify security flaws and vulnerabilities in operating system or application software in accordance with established policies regarding elements such as periodicity, coordination, and notification. 
  • Maintains records of audit results, and informs, as appropriate, other staff members - for example, system administrators, auditors, managers, and the security officer - of these results and as to positive or negative trends that may be observed.

Intrusion Detection and Prevention

  • Builds and maintains an infrastructure for intrusion detection, network security management.
  • Performs trend analysis on intrusion data. 
  • Maintains detailed records of attempted and successful intrusions.

Incident Response

  • Investigates possible security incidents or other violations of the acceptable use policies. 
  • Assists and guides systems and network administrators as necessary.
  • Act as a UIS liaison during investigations that may involve University Counsel, law enforcement, and national and international security agencies.

Training and Education

  • Provides security and training support to the systems and networks administrator, staff, and end users. 
  • Supports and fosters collaboration and discussion of security issues via means such as the web, e-mail, discussion lists, and user groups.
  • Develops processes for informing systems and network administrators of security-related events which may impact the secure operation of a system.
  • Coordinates with technical staff and other service providers on campus to develop and revise system policies and procedures that help to provide a safe and secure computing environment at Georgetown University. 

Keeping Current

Stays current on new software tools, security vulnerabilities, and solutions through CERT, SANS, FIRST, EDUCAUSE and other organizations, web sites, mailing lists, and training opportunities.

Requirements

  • Bachelor's degree or equivalent with relevant course work in Computer Science, Information Systems or related field(s) - graduate degree preferred
  • At least 4 years of technical information security experience in one or more of the following areas:  intrusion detection, incident response, forensics, vulnerability assessment, system audit, and firewall management - preferably in a university environment, as is experience with Cisco PIX and Checkpoint FW-1
  • At least 3 years of enterprise Unix (pref. Solaris), Windows NT/2000/XP, and/or Cisco system/network administration in an enterprise environment, including the ability to perform operating system hardening, tuning and audit
  • Experience with current commercial and open-source security tools, such as Nmap, Nessus, ISS Internet Scanner, Snort, and tcpdump
  • In-depth knowledge of TCP/IP - experience with Active Directory, LDAP, Kerberos, Sendmail, SNMP, Apache, IIS, Oracle, and SQL preferred
  • Familiarity with at least one of the following programming languages:  Perl, Unix Shell, C, C++, or Java 
  • Familiarity with best practices for security, audit, and incident response
  • Certifications in security (CISSP, SSCP, and SANS GIAC), SUN Solaris, Cisco, Checkpoint, and/or Microsoft
  • Excellent interpersonal, written and verbal communication and analytical skills

Current Employees:

If you currently work at Georgetown University, please exit this website and login to GMS (gms.georgetown.edu) using your Net ID and password. Then select the Career worklet on your GMS Home dashboard to view Jobs at Georgetown.

Submission Guidelines:

Please note that in order to be considered an applicant for any position at Georgetown University you must submit a cover letter and resume  for each position of interest for which you believe you are qualified. These documents are not kept on file for future positions.

Need Assistance:

If you are a qualified individual with a disability and need a reasonable accommodation for any part of the application and hiring process, please click here for more information, or contact the Office of Institutional Diversity, Equity, and Affirmative Action (IDEAA) at 202-687-4798 or ideaa@georgetown.edu.

Need some assistance with the application process? Please call 202-687-2500

EEO Statement:

Georgetown University is an Equal Opportunity/Affirmative Action Employer fully dedicated to achieving a diverse faculty and staff.  All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, national origin, age, sex, disability status, protected veteran status, or any other characteristic protected by law.