IT Security Analyst II, Information Security Operations - University Information Services

Washington D.C.
Jan 31, 2018
Aug 17, 2018
Analyst, IT
Education, Security
Full Time
Located in a historic neighborhood in the nation's capital, Georgetown offers rigorous academic programs, a global perspective, exciting ways to take advantage of Washington, D.C., and a commitment to social justice. Our community is a tight knit group of remarkable individuals interested in intellectual inquiry and making a difference in the world.


The IT Security Analyst II provides technical expertise and guidance in the areas of information security analysis, intrusion detection, incident response, and network security management. S/he audits and strengthens security on workstations, servers and network systems, and works with systems and network administrators at Georgetown University to ensure that appropriate security levels are maintained. Reporting to the Director of Information Security Operations, the IT Security Analyst II has duties that include but are not limited to:

Security Analysis and Reporting

  • Using available security tools and processes, audits workstations, servers and network systems to identify security flaws and vulnerabilities in operating system or application software in accordance with established policies regarding periodicity, coordination, and notification.
  • Maintains records of audit results, and informs, as appropriate, system administrators, auditors, managers, the security officer, and other relevant parties of these results and any positive or negative trends observed.

Intrusion Detection and Prevention

  • Builds and maintains an infrastructure for intrusion detection and network security management.
  • Performs trend analysis on intrusion data. 
  • Maintains detailed records of attempted and successful intrusions.

Incident Response

  • Investigates possible security incidents or other violations of the acceptable use policies. 
  • Assists and guides systems and network administrators as necessary.
  • Acts as a UIS liaison during investigations that may involve University Counsel, law enforcement, and national and international security agencies.

Training and Education

  • Provides security and training support to systems and network administrators, staff, and end users.
  • Supports and fosters collaboration and discussion of security issues via the web, e-mail, discussion lists, and user groups.
  • Develops processes for informing systems and network administrators of security-related events which may impact the secure operation of a system.
  • Coordinates with technical staff and other service providers on campus to develop and revise system policies and procedures that help to provide a safe and secure computing environment at Georgetown University. 
  • Stays current on new software tools, security vulnerabilities, and solutions through CERT, SANS, FIRST, EDUCAUSE and other organizations, web sites, mailing lists, and training opportunities.


  • Bachelor's degree or equivalent with relevant course work in Computer Science, Information Systems, or related field(s) - Master's preferred
  • 4 years of technical information security experience in one or more of the following areas: Intrusion detection, incident response, vulnerability assessment, system audit, and firewall management
  • 3 years of enterprise Unix (preferably Solaris), Windows NT/2000/XP, and/or Cisco system/network administration in an enterprise environment, including the ability to perform operating system hardening, tuning and audit
  • Familiarity with best practices for security, audit, and incident response
  • Excellent interpersonal, written and verbal communication, and analytical skills
  • Extensive knowledge of engineering, supporting, and implementation of the Splunk Enterprise Security application
  • Experience with the Splunk query language, creating views, reports, and dashboards within Splunk
  • Experience with current commercial and open-source security tools, such as Nmap, Nessus, ISS Internet Scanner, Snort, and tcpdump, with in-depth knowledge of TCP/IP
  • Familiarity with at least one of the following programming languages:  Python, Perl, Unix Shell, C, C++, or Java

Preferred qualifications

  • Experience with Active Directory, LDAP, Kerberos, SNMP, Apache, IIS, Oracle, and SQL
  • Experience in a university environment and with Cisco PIX and Palo Alto
  • Certifications in security (CISSP, SSCP, and SANS GIAC), SUN Solaris, Cisco, and/or Microsoft

Current Georgetown Employees:

If you currently work at Georgetown University, please exit this website and log in to GMS using your Net ID and password. Then select the Career worklet on your GMS Home dashboard to view Jobs at Georgetown.

Submission Guidelines:

Please note that in order to be considered an applicant for any position at Georgetown University you must submit a cover letter and resume for each position of interest for which you believe you are qualified. These documents are not kept on file for future positions.

Need Assistance:

If you are a qualified individual with a disability and need a reasonable accommodation for any part of the application and hiring process, please click here for more information, or contact the Office of Institutional Diversity, Equity, and Affirmative Action (IDEAA) at 202-687-4798 or

Need some assistance with the application process? Please call 202-687-2500

EEO Statement:

Georgetown University is an Equal Opportunity/Affirmative Action Employer fully dedicated to achieving a diverse faculty and staff.  All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, national origin, age, sex (including pregnancy, gender identity and expression, and sexual orientation), disability status, protected veteran status, or any other characteristic protected by law.
