Cybersecurity Analyst II

Job Summary

Reporting to the Chief Information Officer, the Cybersecurity Analyst II will play a key role in leading the College’s cybersecurity operations and strategy. The Cybersecurity Analyst II is primarily responsible for: developing and implementing cybersecurity measures, processes and controls; providing advice and guidance to administrators, faculty and staff; managing and monitoring the environment for security breaches; analyzing and responding to complex cybersecurity-related alerts and incidents; monitoring system logs and network traffic for cybersecurity incidents; implementing technical projects related to the cybersecurity strategy; and actively participating in the development and implementation of the college’s cybersecurity strategy.

Specific Duties

Responsibilities Will Include But Are Not Limited To

• Create and maintain the enterprise security architecture framework, contributing to development of operational and tactical plans related to cybersecurity.
• Coordinate and develop prioritized action plans for external vulnerability and penetration tests as directed, typically on an annual and bi-annual basis and implement technical resolutions.
• Provide recommendations and guidance to maintain a defensible level of cybersecurity; implement approved technical actions and recommendations.
• Develop, implement, and monitor a server and endpoint patch management strategy.
• Develop and implement cybersecurity incident response plans and lead their execution during cybersecurity events
• Assist with the development of policy, standards, and procedures to assist your team in achieving consistent, standards focused outcomes
• Execute test plans for new hardware and software systems to ensure functionality meets specifications
• Clearly document errors discovered during testing phases
• Work closely with stakeholders to identify business objectives and assist with the creation of plans to achieve them
• Perform analysis of potential solutions and prepare cost benefit reports to aid in solution selection
• Work closely with various business units to assist with process documentation
• Design and develop information systems based on supplied process diagrams and documented requirements
• Create, maintain, and follow technical documentation
• Create simple data visualizations to assist with communicating information to decision makers
• Follow procedures to manage records and curate key operational and project documentation
• Participate on committees and working groups as a subject matter expert
• Coordinate project and issue resolution work with your team and other stakeholders
• Evaluate vendor products and provide purchase recommendations to management
• Configure user accounts and passwords, retrieve user information, and other enterprise systems user account management activities
• Provision and de-provision user changes
• Monitoring and maintenance activities such as administrator and service account setup, technical support, and troubleshooting for applications used by a small group of users
• Troubleshoot simple network issues using tools such as nslookup, ping, tracert, and ipconfig
• Act as a point of escalation for application issues encountered by front-line IT support staff
• You will be part of a team actively engaged in contributing to and accomplishing the vision, mission, and goals of the College and in supporting the aspirations and needs of our learners.
• You will promote a positive work atmosphere by interacting and communicating in a professional manner that demonstrates mutual respect with students and colleagues.
• Perform other related duties as assigned by the CIO or designate.
  
  

Skills & Qualifications

Education

• Recognized two (2 ) year diploma in Computer Information Systems, Information Technology, Electronics Engineering or another relevant field
• Security+ or equivalent certification preferred
  
  

Minimum Experience

• 5 years or more minimum of five years current experience in cybersecurity or equivalent education and experience.
  
  

Skills & Experience

• Demonstrable completion of reputable course(s) related to cybersecurity practices
• Experience in post-secondary education or the public sector is preferred
• Ability to perform digital forensics and malware analysis during an incident
• Deep understanding of risk management practices and cybersecurity frameworks (e.g. NIST )
• Ability to assess cyber security maturity state of CNC and develop cyber security strategic plan for organization
• Ability to collect relevant maturity metrics and communicate in risk terms to executives and directors
• Understanding of identity and access management issues, such as accumulated permissions, high risk permission configurations, and distributed security
• Experience leading projects
• Ability to prepare and distribute progress reports
• Familiarity with regulatory compliance
• Ability to assess the relative strengths and weaknesses of different solutions
• Ability to test newly implemented solutions and provide constructive feedback
• Ability to read and execute basic shell scripts such as batch files and PowerShell to automate administrative tasks
• Familiarity with structured approaches to system configuration management
• Proficiency with digital tools (Excel, Visio, databases, etc.) for the purpose of collecting, organizing, and analyzing business data
• Ability to interpret systems diagrams and models
• Ability to read and understand SQL
• Understanding of network concepts and terminology like connections, sessions, sockets, packets, IP address assignment, gateways, and DNS
• Ability to provide assistance and advice to less experienced members of your team
• Ability to follow pre-defined procedures to create, update and maintain assets in asset tracking systems
• Demonstrated commitment to service excellence and teamwork
• Ability to work effectively and cooperatively with a diverse group of individuals or departments
• Excellent communication skills, both written and verbal