Job Standard for Network Security Analyst 2
How to use this Job Standard:
- The Purpose, Scope, Qualifications and Job Functions are specific to this job title and can not be edited.
- Click “View in Google Docs/Download” and download to Word.
- Under Essential Functions you may add an additional 35%, specific to your department needs.
- Complete this standard before creating the job announcement and posting the position.
- This standard will be used as the new Job Description for the prospective employee.
- After hire is complete, insert Employee Name and PCN#.
Network Security Analyst 2 Overview
- Work Type: Professional
- Job Code: 75719
- Pay Grade: P9
- FLSA Status: Exempt
- Career Level: Senior
- Family: Information Technology
- Function: IT Security
Responsible to conduct vulnerability scans and penetration tests on campus systems, operates and monitor network and host-based intrusion detection/prevention systems, recommends security solutions, advises on systems and application-level security configurations and investigates and mitigates security risks as required.
Recognized subject matter expert who knows how to apply theory and put it into practice with in-depth understanding of the professional field with limited oversight from managers. Independently performs the full range of responsibilities within the function; requires deep job knowledge of area typically obtained through higher education combined with experience. Manages large projects or processes and problems faced are difficult and often complex; analyzes problems/issues of diverse scope and determines solutions. May manage programs that include formulating strategies and administering policies, processes and resources; functions with a high degree of autonomy. Influences others regarding policies, practices and procedures.
Bachelor’s degree or an advanced degree and 5 years of Information Technology Experience and 3 years Information Security experience or equivalent professional experience. Prefer degree concentration in: Computer Information Systems, Management Information Systems, Computer Science, Technical Writing or Business.
Knowledge, Skills and Abilities
- Strong analytical and problem-solving skills.
- Solid understanding of common threats, penetration/intrusion techniques and attack vectors.
- Ability to communicate findings in both verbal and written form.
- Knowledge of basic Incident Response procedures.
- Working knowledge of a broad range of current IT platforms and technologies.
- Experience correlating unstructured data across a wide variety of logs and other inputs.
- Experience with at least one programming language such as Ruby, Python, Perl, Java or C++.
- Strong networking knowledge with a focus on security.
- Experience with log and packet analysis tools and techniques.
- Experience analyzing and handling security incidents. Knowledge of technical security issues facing large organizations.
- Proven experience with security tools both open source and commercial tools.
- Experience in packet capturing and interpretation.
- Experience with analytical work, network and system troubleshooting, communications and public relation skills.
- Solid background and/or understanding of system administration.
- Working background and/or understanding of information technology development.
- Ability to obtain one or more security certification, and is able to work toward other advanced certification.
- Ability to determine which security alternatives are feasible and which alternative best solves the problem at hand. Ability to determine how best to meet new regulations.
60% of Time the Network Security Analyst 2 must:
- Serve as OITs IDS Security Analyst, maintain documentation of IDS.
- Identify new threats detected. Identify sources of external incidents and propose controls to minimize risk of future events where appropriate.
- Help in the writing and development of standard operating procedures for handling all types of incidents.
- Stay abreast of the latest vulnerabilities, exploits and other relevant threat-related information.
- Report common and repeat problems to management and propose process and technical improvements.
- Notify and work with clients to remediate issues detected.
- Develop scripts, tools and procedures to automate scans, assessments and discovery activities.
- Provides guidance on and handles incidents such as phishing notifications.
- Network tracking of data through packet captures, netflow and other systems with guidance.
- Vulnerability Testing and Assessment
- Create automated checks for system health or routine tasks on different OS’s.
- Keep system(s) updated and patched.
- Ensure services stay running and functional.
- Mentor and train fellow team members
- Maintain working relationships within OIT, campus community, outside vendors and community members
35% of Time the Network Security Analyst 2
Determined by department needs
5% of Time the Network Security Analyst 2
Perform other duties as assigned
Work Environment and Physical Demands
Exerting up to 10 pounds of force occasionally (Occasionally: activity or condition exists up to 1/3 of the time) and/or a negligible amount of force frequently (Frequently: activity or condition exists from 1/3 to 2/3 of the time) to lift, carry, push, pull, or otherwise move objects, including the human body. General office work involves sitting most of the time, but may involve walking or standing for brief periods of time.
Position requires on call and after hours support for maintenance and service down scenarios.
Server equipment maintenance; minimal.
May be required to travel with overnight stays for training.
Additional training/education or equivalent experience, as well as business need, are required for movement into higher level jobs.
Incumbent must perform the essential duties and responsibilities with or without reasonable accommodation. The above statements are intended to describe the general nature and level of work. Final employment offers are contingent upon a Final Candidate’s successful completion of a Background Verification and a determination by the University that the information derived from the Background Verification does not disqualify the individual. In addition, a Financial History Check and Motor Vehicle Record (MVR) Check may be required.