Under limited supervision, the Information Security Analyst and Program Coordinator is the primary campus expert for information security incident investigation, e-discovery, security systems specification, policy/standard specification, monitoring, reporting, information security policies and standards, management of information security projects, enforcement of campus security policies, risk assessment, vulnerability assessment, administration of central security systems, and administration of the campus information security web site.
The incumbent will interact with campus technical support staff and constituents to document critical assets and serve as a security liaison/consultant to departments, and serve as a resource for the proper handling of information security incidents and work with campus administrators and staff to resolve any issues. The incumbent will be proactive in their approach in order to make recommendations and ensure users/departments have the most up-to-date technological solutions to perform their jobs and serve the university community effectively and securely. The incumbent will prepare and maintain documentation, including inventory of campus confidential data and other high-risk information assets, create monthly and quarterly information security status reports and create guides for complying with campus requirements, either by devising solutions or by documenting practices already in use on campus.
- Information Security Analysis and Reporting.
- Develop inventory of information assets containing Level 1 or Level 2 data. Review and verify user access to Level 1 and Level 2 information.
- Assist departments with completing annual technical assessments and advise them on secure solutions.
- Assist departments with IT Disaster Recovery Plans in coordination with department business continuity plans and campus master plan.
- Review and confirm department firewall and Identity Services Engine rule requests.
- Assist and advise on information security incidents. Root cause analysis, preventative action, notifications.
- Develop annual campus risk assessment report with analysis, recommendations and action plan.
- Develop annual information security report with analysis, recommendations and action plan.
- Lead annual assessment of campus and Unisys Firewall rule sets in alignment with campus operations. Close any open/vulnerable ports.
- Ensure completion of monthly campus border firewall scans and ensure campus is not exposed to threats.
- Assist with special information security internal audits (i.e. VoIP penetration testing, application penetration testing, web application penetration testing, web server vulnerability remediation).
- Assist with eDiscovery efforts for campus in support of Human Resources, Administrative and Office of General Counsel initiatives. Browse, monitor, access email messages or stored files in user accounts when authorized by Information Security Officer and either Human Resources or Counsel. ***This activity is only to be conducted in order to comply with an applicable law, regulation or under the guidance of law enforcement, Human Resources, or legal counsel.
- Administrator of campus annual Information Security Awareness Training system.
- Coordinate and develop supplementary training exercises for campus, including open forums, department training sessions, and other events.
- Administer central Security Information and Event Management system. Ensure logs are adequately collected for security review. Create alerts for high priority events.
- Administer central workstation/server encryption system. Work with department technicians to maintain compliance with SB1386.
- Administer central DLP solution. Work with department users to initiate scans for PII.
- Administer central vulnerability management system. Work with department technicians to initiate scans and ensure compliance.
Knowledge, Skills & Abilities
- Working knowledge of information systems, servers, firewalls, operating systems, access control lists, etc.
- Understanding of common data classification schemes (private, confidential, public, etc.)
- Understanding of data asset and vulnerability identification mechanisms, i.e. Identity Finder, Qualys, Rapid7.
- Working knowledge of physical security systems, access control, fire prevention, UPS, generation.
- Working knowledge of secure programming, storage, and cloud service operations.
- Thorough understanding of HIPAA, PCI, FERPA and other applicable laws and regulations.
- Demonstrated knowledge of firewalls, protocols, ports, and their security implementations.
- Working knowledge of ISO 27001, information security best practices.
- Thorough understanding of penetration testing for applications, servers, VoIP, web servers, etc.
- Thorough knowledge of operating systems, eDiscovery, email systems, file systems, servers, and other technologies. Ability to maintain confidentiality. Ability to create and maintain a forensically sound investigation record permissible as evidence in a court of law, State Personnel Board, etc.
- Understanding of information security industry standards and guidelines including:
- NIST (National Institute of Standards and Technology),
- Knowledge of learning management solutions, Workplace Answers, Lawroom, SkillPort, SANS, etc.
- Advanced knowledge of SIEM products, i.e. Accelops, Splunk, Secureworks
- Knowledge of vulnerability management products, i.e. Rapid7, QualysGuard
- Advanced knowledge of DLP solutions, i.e. Identity Finder
- Thorough knowledge of Database and other application systems.
- Thorough knowledge of current information security issues, vulnerabilities, malware, and solutions.
- Working knowledge of HTML code, Dreamweaver, Drupal, OUCampus, or other WYSIWYG web page creation tools.
- US-CERT (United States – Computer Emergency Readiness Team) systems and practices, and the Twenty Critical Controls for Effective Cyber Defense: Consensus Audit Guidelines.
- Bachelor’s degree or equivalent training in computer science, information systems, educational technology, communications, or related fields, or similar certified coursework in applicable fields of study
- Four years of computer programming and software development, information processing, systems analysis, technical information equipment and systems, and/or application program packages and related technical functions
- 5+ years’ experience in information security incident investigation
- Experience with firewall and Identity Services Engine Rule
- Experience generating reports using CSV, HTML, XLS, PDF
- Experience with vulnerability management products (i.e. Rapid7, QualysGuard)
- Experience in Project Management
Classification: Confidential Technical Support III
Salary Range: $3,455/month - $11,566/month
San José State University offers employees a comprehensive benefits package typically worth 30-35% of your base salary. For more information on programs available, please see the Employee Benefits Summary.
Click Apply Now to complete the SJSU Online Employment Application and attach the following documents:
- Letter of Interest
All applicants must apply within the specified application period: December 7, 2021 through December 20, 2021. This position is open until filled; however, applications received after screening has begun will be considered at the discretion of the university.
CSU Vaccination Policy
The CSU requires faculty, staff, and students who are accessing campus facilities to be immunized against COVID-19 or declare a medical or religious exemption from doing so. Any candidates advanced in a currently open search process should be prepared to comply with this requirement as a condition of employment. The system wide policy can be found at https://calstate.policystat.com/policy/9779821/latest/ and questions may be sent to email@example.com.
Satisfactory completion of a background check (including a criminal records check) is required for employment. SJSU will issue a contingent offer of employment to the selected candidate, which may be rescinded if the background check reveals disqualifying information, and/or it is discovered that the candidate knowingly withheld or falsified information. Failure to satisfactorily complete the background check may affect the continued employment of a current CSU employee who was offered the position on a contingent basis.
The standard background check includes: criminal check, employment and education verification. Depending on the position, a motor vehicle and/or credit check may be required. All background checks are conducted through the university's third party vendor, Accurate Background. Some positions may also require fingerprinting. SJSU will pay all costs associated with this procedure. Evidence of required degree(s) or certification(s) will be required at time of hire.
SJSU IS NOT A SPONSORING AGENCY FOR STAFF OR MANAGEMENT POSITIONS. (e.g. H1-B VISAS)
All San José State University employees are considered mandated reporters under the California Child Abuse and Neglect Reporting Act and are required to comply with the requirements set forth in CSU Executive Order 1083 as a condition of employment.
Equal Employment Statement
San José State University (SJSU) is an Equal Opportunity/Affirmative Action employer committed to nondiscrimination on the basis of age, ancestry, citizenship status, color, creed, disability, ethnicity, gender, genetic information, marital status, medical condition, national origin, race, religion or lack thereof, sex, sexual orientation, transgender, or protected veteran status consistent with applicable federal and state laws. This policy applies to all SJSU students, faculty and staff programs and activities. Title IX of the Education Amendments of 1972, and certain other federal and state laws, prohibit discrimination on the basis of sex in all education programs and activities operated by the university (both on and off campus).