The Information Technology and Security (ITS) – Information Security office has a position for an Information Security Analyst to join our team. Primary duties will include incident management, Identity and Access Management, Firewall administration, and handling a variety of ongoing operational duties in a team environment. Ability to solve problems, evaluate, assess, and/or improve information security controls that promote confidentiality, integrity, and availability of the University’s information technology resources and data repositories, as well as compliance with regulatory and policy requirements. This position reports to the Director, Information Security.
This position is designated as an essential employee and may be required to report to work as scheduled when University offices are closed due to severe weather or other conditions.
Duties and Responsibilities
• Conducts Incident Response & Management Activities utilizing multiple information security monitoring systems. Promptly detect, contain, and mitigate security incidents and threats to university resources and data.
• Responsible for monitoring (including after-hours, weekends, and holidays for on call rotation), firewalls, Secure Email gateway, and other security tools that monitor and detect malware, system compromises, and email issues.
• Assists with Governance, Risk, and Compliance (GRC). Conducts a variety of reviews of information technology and business processes (security reviews, risk assessments, ISO 27002 controls reviews and implementations, third party oversight. Evaluates third party solutions and participates in IT projects to perform analysis of risks to information and IT infrastructure.
• Manages and maintains the Identity and Access Management portal. Utilizing Single-sign-on for University applications and Multifactor Authentication.
• Assists campus departments participating in ISO 27001 audits with ensuring their business processes are compliant. Documents industry best practices and works with campus departments to re-engineer information handling practices where needed.
• Conducts research on a continuous basis to identify issues that may impact IT infrastructure and works effectively with ITS departments to ensure they address these issues promptly. Conducts routine testing of ITS infrastructure.
• Assists with managing a robust Security Awareness Program. Conducts in-person security awareness training presentations for diverse audiences (staff, students, and faculty).
• Assists faculty and students with hands-on experience labs, special projects, and internships.
• Audits the performance of in-house data processing systems activities, while ensuring high levels of data quality and availability.
• Recommends optimum equipment configurations.
• Assist with other processes and projects as required. Working with other University departments to ensure the use of technologies aligns with standards and regulatory requirements.
• Adhere to policies and procedures as defined by ITS management and leadership.
• Contribute to a work environment that encourages knowledge of, respect for, and development of skills to engage with those of other cultures and backgrounds.
• Bachelor’s degree in Information Security, Computer Science, Information Technology or related field, or an equivalent combination of experience, education, training.
• 3 – 5+ years’ experience.
• Industry certification required (CISSP, CISM, CISA, CEH, SANS GIAC).
• Possesses an in depth understanding of the current threat landscape, as well as experience analyzing and preventing threats and attacks.
• Ability to analyze complex IT processes and recommend changes that improve information security gaps, as well as compare IT controls with recommendations made in various industry standards.
• Knowledge of or the ability to quickly learn the University of Tampa software programs such as Workday and Microsoft Office.
• Demonstrated excellence in teamwork as well as excellent oral, written and interpersonal communication skills.
• Previous experience with Firewall management.
• Prior experience with Endpoint Security solution such as Microsoft Defender Advanced Threat Protection.
• Experience working with Secure Email Gateways.
• Knowledge of Cloud Access Security Broker.
• Experience in working with Identity and Access Management to include Single Sign-on, Multifactor Authentication, and Security Assertion Markup Language (SAML).
• Experience in Higher Education.
• Knowledge and experience with vulnerability management best practices based upon standards such as SANS Critical 20 Controls and NIST.
Please be sure to attach all required documents listed below in the attachment box at the bottom of the “My Experience” page of the application before continuing through the application.
• Cover letter
Monday – Friday 8:30 a.m. to 5:00 p.m. (after hours and weekend on call)
Summer: Monday – Thursday 8:00 am to 5:30 p.m.
Rotational on call as required for after hours, weekends, and holidays.
To receive full consideration for employment with The University of Tampa, please be sure to submit/upload required documents for this position at time of application submission. Required documents should be submitted in the attachment box at the bottom of the “My Experience” page of the application before continuing through the application.
Background Check Requirements
Finalists may be required to submit to a criminal background check. Some positions may also require a motor vehicle report and/or a credit report.
This description is intended to be generic in nature. It is not to determine specific duties and responsibilities for any particular position. Essential functions and overtime eligibility may vary based on the specific task assigned to the position.