Information Technology Security Analyst

The Information Technology Security Analyst is responsible for assisting the college ISO in planning and administration of the college’s information security program.

The Information Technology Security Analyst will help develop the policies, standards, and procedures necessary to protect the college and VCCSITS infrastructure. Installing, configuration, monitoring and managing of college network systems and associated servers. The administration of college IT security operations, testing and utilizing intrusion detection tools.

BS in Information Systems, Computer Science or related field or a combination of education, training and experience. Significant experience in the administration of Information Technology Security Systems , network monitoring and intrusion detection tools.

Certified Information Systems Security Professional (CISSP) and/or Cisco Certified Security Professional or possess a similar security professional certification. Expert experience with maintaining system security using packet filtering, logging, and intrusion detection systems in production computing environments. Expert experience with Cisco SourceFire or similar tools preferred. Rapid 7 Nexpose/Metasploit or similar network scan experience. Expert experience with Splunk or similar tools. PCI experience desired.

Extensive knowledge of Cisco routers, switches, firewalls, Radius and TACACS server, VPN devices, intrusion detection systems and Cisco Prime management server. Experience with Windows 2008/2012 based networks, Exchange/Office365 and Microsoft Backoffice products. Knowledge and experience with Linux, Apple and VmWare. Extensive knowledge of disaster recovery planning and testing, auditing, risk analysis, and business continuity planning. Extensive knowledge and experience with Intrusion Detection System and Intrusion Prevention Systems with Cisco preferred. Excellent interpersonal and communication skills. Ability to function and serve as an effective member of the college Information Technology Services team . Ability to effectively communicate and interpret information security-related concepts both verbally and in writing to a broad range of technical and non-technical staff. Experience writing policies and procedures.