• Davidson faculty are solving important problems, developing useful tools, and contributing to our understanding of the world.

  • Davidson College offers competitive benefits for our employees.

ALREADY APPLIED?

Update your details,view your application and progress
Login

JOB Alerts

Keep informed about job opportunities at Davidson.

REFINE SEARCH

Employment

SEARCH BY KEYWORD

Information Security Analyst & Program Manager

Apply now Job no: 492957
Categories: Staff
Department: T&I - CIO Office

This position is responsible for the maintenance, growth and improvement of Davidson College’s information security program. In this role, the incumbent will be responsible for daily operations, project work, and strategic efforts across all dimensions of information security -- security operations, policy development, compliance, training and awareness, and service design. This position will participate in T&I’s Technology Architecture team, and will also represent Davidson in industry groups such as the Research & Education Networking Information Sharing & Awareness Center (REN-ISAC) along with state and local organizations.

This position provides an opportunity for a talented, motivated professional with training in and operational exposure to cybersecurity to grow the depth and breadth of their professional skill set. The position provides a wide exposure to multiple facets of the security profession and should help candidates to develop a deeper skill set that will prepare them for advancement in cybersecurity professionally, including at larger institutions in higher education or the corporate world. S/he is expected to contribute positively to a high-performing team and promoting a culture of collaboration, transparency, empathy, innovation, and accountability within T&I.

Principal Duties and Responsibilities

  • Implement and refine Davidson’s information security plan for the college, including developing, implementing, and managing information security policies, procedures, and other controls (such as NIST 800-171) to minimize overall security risk.
  • Maintain operational responsibility for T&I’s security operations function, including an incident reporting and response system, risk assessment program, vulnerability testing, security event monitoring, and other programs as needed.
  • Act as the CIO’s designee on Information Security matters and serve as the campus contact point for external auditors and agencies on security/privacy matters, and with vendors for security review of new products/services.
  • Participate in higher education and industry information security communities to ensure Davidson remains abreast of the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to Davidson and its mission.
  • Liaise with third party security consultants retained by Davidson as needed for additional assistance on technical security matters as appropriate, and with law enforcement when required.
  • Lead education and outreach programs for the campus community focused on privacy and information security.
  • Partner with T&I staff, campus departments/divisions, college general counsel, and others as needed to perform security reviews of new applications, products, vendors and cloud services to an extent relevant for their risk.
  • Collaborate with the Technical Architecture group and other T&I staff to ensure the security by design of services and infrastructure.
  • Chair the T&I Security Review Board process and meetings. Provide metrics and reporting on information security services and operations.
  • Perform daily security operational review from multiple data sources throughout T&I, including our SIEM, firewall, DNS servers, antivirus servers, and authentication sources.
  • Mentor as warranted resources such as a paraprofessional, one-year term position (T&I cybersecurity fellow) and student assistants as needed to assist in security operations and projects.

Minimum Qualifications

This position seeks a candidate with training or experience in the cybersecurity field. An ideal candidate would have an associate’s s degree in cybersecurity plus two to three years’ work experience in security operations, policy, or controls; or, a bachelor’s degree and one year’s work experience in same. Alternative credentialing and work experience will be considered in lieu of a degree.

A CISSP certification or equivalent is optional but not expected; this position is an ideal opportunity for an early-career cybersecurity professional seeking experience providing breadth and depth in support of both future professional certification as well as industry advancement. Incumbents will be allowed and expected to participate in ongoing industry training through REN-ISAC and other organizations to deepen their technical, functional and policy skill set.

  • Work history should include some experience in a security operations function, including skills such as firewall and log review, event identification and triage, phishing/compromised account identification, and security remediation.
  • Familiarity with IP-based network and concepts (TCP/UDP, identifying network traffic sources and destinations, firewalls, IDS/IPS capabilities, etc.)
  • Understanding of IT service architectures and designs, including premises and cloud service delivery, IT supporting architecture, identity and access management concepts including single sign-on and multifactor authentication.
  • Up-to-date awareness of the main security risks at an institution of Davidson’s size and complexity, including email threats/phishing, vulnerabilities, account security, inappropriate data storage, device encryption, etc.
  • Some experience administering or reviewing security operations tools at a small to mid-size enterprise, including next-generation firewall/IDS/IPS (Palo Alto, Fortinet, etc.); SIEM systems (ELK, Splunk, AlienVault, etc.); DNS security systems (OpenDNS, Akamai DNS, etc.); anti-virus/anti-malware systems; authentication event logging; etc.
  • Experience working in a highly collaborative organization is a plus. Higher education experience is a plus.
  • Good stakeholder management and project management skills.
  • Demonstrated experience in handling topics and information that are highly sensitive and often confidential.

If interested in applying, please submit an online application along with a cover letter and resume to http://employment.davidson.edu.  Review of applications will begin immediately.

At Davidson College, we believe the college grows stronger by recruiting and retaining a diverse faculty and staff committed to building an inclusive community.  In order to achieve and sustain educational excellence, we seek to hire talented faculty and staff across the intersections of diverse races, ethnicities, religions, sexual orientations, gender identities, ages, socio-economic backgrounds, political perspectives, abilities, cultures, and national origins.

Advertised: Eastern Standard Time
Applications close:

Back to search results Apply now Refer a friend

Share this: | More