Under general supervision, develops, evaluates and manages systems security across the enterprise. Provides direct support to the business and IT staff for security related issues. Educates IT and the business about security policies and consults on security issues regarding user built/managed systems. Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues. Areas of concentration include system, network, and account management, authorization and access auditing, network and application vulnerability detection and management, malware incident management, intrusion detection and prevention.
1. Perform account, system, and network incident investigations, determining the cause of the security incident and preserving evidence for potential legal action. Initiate escalation procedure to counteract potential threats/vulnerabilities
2. Enforces security policies and procedures by administering and monitoring security devices and services, reviews security violation reports, and investigates possible security exceptions. Updates, maintains, and documents security controls.
3. Assist in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines). Involved in the evaluation of products and/or procedures to
enhance productivity and effectiveness.
4. Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.
5. Maintains current technical knowledge and skills necessary to support the defined system architecture model.
6. Performs other duties assigned.
Bachelor’s Degree with coursework in computing or information systems and five years of progressively responsible computer systems management and analysis experience; or the equivalent. The following knowledge, skills, and abilities are required as appropriate to the technical field: Prior experience with specific systems, equipment and software may be specified as needed by department. Extensive knowledge of principles of computing and communications networks, and characteristics of computing hardware and software used in distributed environment. Ability to install, integrate, and configure complex server hardware and software including Operating Systems and associated configurations. Ability to install, integrate, and configure advance data communications or telecommunications hardware and software. Ability to assimilate, retain and utilize technical and applications-oriented information. Strong skill in analyzing and solving complex computing problems. Ability to coordinate a work team and train lower level analysts for specific tasks or assignments.
Experience with SIEM tools like ArcSight, QRadar, Splunk, etc. Experience with vulnerability scanners like Nessus, MVM, Qualsys, etc. Programming and scripting skills
Ability to think intuitively and analytically to break down and resolve problems
Ability to read, understand, and follow high-level policies and guidelines and apply those
guidelines to daily responsibilities
Ability to work proactively and independently
Ability to exercise good judgment and make sound decisions
Ability to pay close attention to detail and work under pressure
Ability to analyze system components and support options
Ability to be a forward, creative, positive, and flexible thinker
Experience working with legal, audit and compliance staff
Experience developing and maintaining policies, procedures, standards and guidelines
Excellent verbal, written and interpersonal communication skills, including the ability to
communicate effectively with the IT organization, project and application development teams, management and business personnel In-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices and strategies
Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks
Familiarity with applicable legal and regulatory requirements, including, but not limited to, the Family Educational Rights and Privacy Act (FERPA), the U.S. Health Insurance Portability and Accountability Act (HIPAA), and the Federal Information Security Management Act (FISMA)
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily with or without reasonable accommodations. The requirements listed above are representative of the knowledge, skill, and/or ability required. This job description should not be construed as an exhaustive statement of duties, responsibilities or requirements, but a general description of the job.
Applicants must include in their online resume the following information: 1)Employment history: name of company, period employed (from month/year to month/year), job title, summary of job duties and 2) Education: school name, degree type, major.
UTA is an Equal Opportunity/Affirmative Action institution. Minorities, women, veterans and persons with disabilities are encouraged to apply. Additionally, the University prohibits discrimination in employment on the basis of sexual orientation. A criminal background check will be conducted on finalists. The UTA is a tobacco free campus.
Open Until Filled: Yes
Location: Ft. Worth