Department:Information Services Appointment Type and Duration:Regular, Ongoing Salary:Commensurate with experience Compensation Band:OS-OA08-Fiscal Year 2017-2018 FTE:1.0
Application Review Begins January 2, 2018; open until filled
Special Instructions to Applicants When applying you will be required to attach the following electronic documents:
1. A resume/CV and; 2. A cover letter indicating how you meet the minimum qualifications for the position.
You will also be required to submit the names of at least three professional references, their e-mail addresses, and telephone numbers as part of the application process.
Any application missing the above documents/information may be considered incomplete.
If you would like to view the complete position description including the duties, please send an email to firstname.lastname@example.org and reference the job title and job number in the subject line.
Department Summary Information Services (IS) is the central information technology unit at the University of Oregon and provides wide ranging services to campus. Information Services consists of four major functional areas: Customer Experience, which serves as the key contact point for interactions with campus clients and customers; Applications & Middleware, which manages and supports applications, integration services, identity management and data management; Information Security, which helps protect virtual or physical information; and Technology Infrastructure, which provides administration and support for the software, hardware, and services needed to support the campus IT environment. Information Services also includes the Advanced Network Technology Center. IS works closely with the Network for Education and Research in Oregon.
Established in 1876, the University of Oregon offers a breadth and depth of curricula with more than 270 academic programs and provides the opportunity to work at a respected research university with a strong holistic, liberal arts foundation. The UO also has a history of political and social involvement that embraces diverse beliefs, cultures, and values, and it is committed to environmental responsibility.
The university is also proud of its newly-announced Phil and Penny Knight Campus for Accelerating Scientific Impact, an initiative specifically designed to fast-track scientific discoveries and the process of turning those discoveries into innovations that improve the quality of life for people in Oregon, the nation and beyond. Information Services collaborates with Research and Innovation and our schools and colleges to support the research, teaching, and learning mission of the university.
Eugene is the home of the University of Oregon’s main campus. Located in the lush Willamette Valley, Eugene is well-known for outdoor pursuits like running, cycling, rafting, and fishing, as well as arts, music, crafts, brewing, wine-making, and community-supported agriculture. With branches in Portland and on the Oregon coast, the UO is deeply connected to Oregon's natural and cultural treasures.
Position Summary Reporting to the Director of Security Services & Information Assurance, the IT Security Analyst will be part of the Information Security Office team. This is a technical position, responsible for data protection solutions that support the mission of the university and protect the confidentiality, integrity, and availability of information assets owned or entrusted to the University of Oregon. This position also requires superior people and "soft" skills, like empathy, tact, flexibility, and collaboration.
The incumbent in the position will evaluate, assess, and provide recommendations on new products and technologies related to the design and deployment of secure systems. In addition, the incumbent will evaluate, assess, and perform risk analysis on existing, active vulnerabilities to provide actionable or informational security advisories to the university community. The IT Security Analyst will provide information security incident handling and response, in cooperation with strategic campus partners, to assist with identifying, investigating, documenting, mitigating and remediating incidents that involve university network and computer resources.
The IT Security Analyst will work with members of the Security team to investigate, perform forensics, compile relevant technical/background information, and perform post-mortem analysis of information security and AUP incidents. The IT Security Analyst will assist with education and outreach by providing advice to department on current best practices related to security, developing security documentation, and teaching workshops on computer security related topics.
The IT Security Analyst is required to apply critical thinking and risk analysis methodologies when considering the relative risks and rewards of potential actions. Choosing the most appropriate course of action when evaluating the impact of vulnerabilities and possible solutions; and considering both micro and macro impacts of their decision. The IT Security Analyst will stay abreast of evolving campus needs, technology capabilities, and threat intelligence from a variety of sources to optimize data protection measures. This position will work with campus stakeholders to ensure data security needs and controls are aligned to support organizational goals and objectives. This position will also provide off-hours, on-call support on a rotation basis in coordination with other groups within Information Services.
Candidates who promote and enhance diversity are strongly desired.
Minimum Requirements • Bachelor’s degree from an accredited college or university or demonstrated equivalent skills and experience • Three years or more of experience working in an IT position with significant information security responsibilities. An advanced degree (Masters) could be substituted for one year of experience. • Demonstrated expertise in three or more of the following IT Security domains: Data Security, Digital Forensics, Incident Response and Analysis, IT Systems and Operations, Network Security, Systems and Applications Security or Vulnerability Management.
Professional Competencies • Ability to work effectively with faculty, staff, and students from a variety of diverse backgrounds • Demonstrated problem solving skills • Ability to adapt within a rapidly changing technical environment • Excellent verbal and written communication skills, including the ability to explain technical concepts to audiences with a wide range of technical skills • Ability to work independently as well as in a team-oriented, collaborative environment • Demonstrated familiarity with information security event triage. • Demonstrated familiarity with enterprise information security forensic tools. • Experience performing vulnerability scans in a professional environment.
Preferred Qualifications • Bachelor’s degree in Computer Science, Information Technology/Systems, Information Security or relevant field • Demonstrated familiarity working with a Security and Information Event Management product. • Two or more years of experience in an academic campus IT environment • Experience performing malware analysis. • Familiarity with Network Access Control (NAC) systems • Proficiency in any of several programming languages (e.g. Python, Perl, Ruby, Java, C, shell-scripting) • Operational Experience with Intrusion Detection and Intrusion Prevention Systems (e.g. FireEye, SNORT, BRO) • Operational experience with Vulnerability Assessment (e.g. Nessus, NMAP, Metasploit) • Working knowledge of laws, regulations and standards affecting information technology security in a higher education environment, including, but not limited to, PCI-DSS, HIPAA, HEOA, FERPA, and DMCA. • Certification in or progress toward at least one designation in an information security, risk, compliance or related discipline (e.g. CISSP, SSCP, CSA+, CASP, GESC, GCIA, CEH). • Prior or current Federal security clearance (S, TS, TS/SCI, etc.)
All offers of employment are contingent upon successful completion of a background inquiry.
The University of Oregon is proud to offer a robust benefits package to eligible employees, including health insurance, retirement plans and paid time off. For more information about benefits, visit http://hr.uoregon.edu/careers/about-benefits.
The University of Oregon is an equal opportunity, affirmative action institution committed to cultural diversity and compliance with the ADA. The University encourages all qualified individuals to apply, and does not discriminate on the basis of any protected status, including veteran and disability status.
UO prohibits discrimination on the basis of race, color, sex, national or ethnic origin, age, religion, marital status, disability, veteran status, sexual orientation, gender identity, and gender expression in all programs, activities and employment practices as required by Title IX, other applicable laws, and policies. Retaliation is prohibited by UO policy. Questions may be referred to the Title IX Coordinator, Office of Affirmative Action and Equal Opportunity, or to the Office for Civil Rights. Contact information, related policies, and complaint procedures are listed on the statement of non-discrimination.
In compliance with federal law, the University of Oregon prepares an annual report on campus security and fire safety programs and services. The Annual Campus Security and Fire Safety Report is available online at http://police.uoregon.edu/annual-report.
The University of Oregon, founded in 1876, is the stat'?s flagship institution. Located in Eugene, an energetic college town, the university offers academic excellence and hands-on learning opportunities in a welcoming atmosphere. Towering trees shade the 295-acre campus, where students, faculty members, and employees from a wide variety of backgrounds share a commitment to preserving the environment and pursuing innovation in more than 260 academic programs that range from Eugene to Portland and from the coast to the mountains. For more information visit http://www.uoregon.edu/about