Senior Security Operations Analyst/Advisor
Senior Security Operations Analyst/Advisor - University Information Security Office (UISO)
The University Information Security Office (UISO) is a department within University Information Services that at its core works to ensure the security of critical University data, protect key University IT infrastructure and systems and maintain a secure online experience for the University community.
The Senior Security Operations Analyst/Advisor is a technical security expert responsible for security operations in the University Information Security Office (UISO) and the University's Enterprise IT. This person reviews architecture and application changes for security impacts and possible recertification, develops security metrics, actively participates in the enterprise Change Control Board (CCB), performs security analysis and writes Security Impact Analyses in a timely manner, provides NIST 800-171 qualitative risk assessments, and conducts research to provide recommendations on methods, software, and technologies to mitigate risk exposures. The Senior Security Operations Analyst/Advisor is also expected to be involved in day-to-day security operations as well as coordinate work with the Governance, Risk and Compliance (GRC) component of security. S/he is responsible for integrating threat intelligence into various security tools and facilitates remediation of identified vulnerabilities for IT security and IT risk across the enterprise. Duties include but are not limited to:
- Briefs leadership when needed on specific security issues that have arisen or may arise based on threat evaluation.
- Works with Director of Compliance on the roll out of new policies and procedures and overcoming technical challenges.
- Communicates with user community, management and external student community on related matters in a timely manner (e.g. Phishing, Breach, Virus, DoS, etc.).
- Collaborates with GU campus stakeholders on establishing security requirements for essential University initiatives (e.g. Research, Vendors, Labs, Facilities Operations, Medstar, etc.).
- Assists and leads Incident Response operations.
- Leads GU's security incident response teams across multiple providers, staff and national security agencies as required.
- Assumes responsibilities of Incident Manager as required to support 24x7 operations.
- Establishes GU as an active partner with federal and regional security agencies on the prevention of security issues and the education of the University community on best practices and potential events.
- Collaborates with UISO/GRC on policies that are needed to operationalize gaps.
- Analyzes security breaches to determine their root cause.
- Recommends and installs appropriate tools and countermeasures.
- Manages network, intrusion detection and prevention systems.
- Ensures the necessary scans to assess or demonstrate compliance with IT security controls and documents weaknesses and vulnerabilities found, if any. Where necessary, tests and validates to ensure the system meets applicable GU and government standards.
- Other duties as assigned.
- Reviews architecture and application changes for security impacts and possible recertification.
- Performs security analysis and writes Security Impact Analyses in a timely manner.
- Conducts research and provides recommendations on methods, software, and technologies to mitigate risk exposures.
- Reviews vulnerability scans and provides mitigation techniques.
- Updates documents to reflect new security guidelines and impacts.
- Ensures the confidentiality, availability and integrity of the GU network and critical information assets.
- Plans, implements and upgrades security measures and controls.
- Conducts internal and external security audits as needed.
- Bachelor's degree or equivalent; Master's degree in computer science or security-related field a plus
- 7+ years of experience with incident response, security operations, or Cybersecurity
- Experience with SIEMs, intrusion detection/prevention systems (IDP/IPS) (e.g., Snort, Bro, etc.)
- Experience with analyzing network and host logs and creating, leveraging, and implementing IOC datasets
- Knowledge of Cybersecurity best practices, standards, frameworks, common network and host security technologies and Cyber threat intelligence processes
Technical Qualifications or Specialized Certification
- Ability to communicate complex technical problems to lay audiences
- Familiarity with industrial control systems, financial sector
- Ability to work across various operating systems including Windows, Linux and variants
- Demonstrated ability to operate firewalls and virtual private networks (VPNs)
- Experience with end user support
- Experience researching the latest security advancements
- Additional Qualifications: Security certifications, coursework
Current Georgetown Employees:
If you currently work at Georgetown University, please exit this website and log in to GMS (gms.georgetown.edu) using your Net ID and password. Then select the Career worklet on your GMS Home dashboard to view Jobs at Georgetown.
Please note that in order to be considered an applicant for any position at Georgetown University you must submit a cover letter and resume for each position of interest for which you believe you are qualified. These documents are not kept on file for future positions.
If you are a qualified individual with a disability and need a reasonable accommodation for any part of the application and hiring process, please contact the Office of Institutional Diversity, Equity, and Affirmative Action (IDEAA) at 202-687-4798 or firstname.lastname@example.org.
Need some assistance with the application process? Please call 202-687-2500. For more information about the suite of benefits, professional development and community involvement opportunities that make up Georgetown's commitment to its employees, please visit the Georgetown Works website.
Georgetown University is an Equal Opportunity/Affirmative Action Employer fully dedicated to achieving a diverse faculty and staff. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, national origin, age, sex (including pregnancy, gender identity and expression, and sexual orientation), disability status, protected veteran status, or any other characteristic protected by law.