Information Security Analyst

At Touro, our top-tier Information Security team proactively identifies and responds to real-time threats. We are inviting applicants for an Information Security Analyst who will play a key role in staying ahead of emerging exploits and security trends, safeguarding the vast volume of valuable data that flows through our systems daily. Reporting to the Chief Information Security Officer, this role will help maintain our university's reputation for integrity in this dynamic and ever-evolving field. The Security Analyst will be responsible for conducting information security assessments, compliance reviews, incident response, and strengthening Touro university’s overall cybersecurity posture.

Responsibilities include but are not limited to:

• Implement controls and solutions to address information security issues
• Support information security activities that help reduce operational IT and information security risks
• Undertake entitlement reviews on a consistent basis
• Regularly provide and modify Information Security documentation to accommodate any/all new regulatory requirements and related updates for inclusion in Information Security related policies, procedures, standards and guidelines.
• Review and analyze complex data and information to provide insights, conclusions and actionable results.
• Recommend a course of action to mitigate risk and ensure that appropriate security standards are established and published. Contribute to the achievements of Information Security objectives.
• Analyze existing security systems and make recommendations for security changes or improvements to the current situation; evaluate trends; and anticipate requirements.
• Prepare reports and action plans in the event that a security breach does occur and determine security violations and inefficiencies by conducting periodic audits.
• Recognizes problems by identifying abnormalities; reporting violations and monitoring the network to provide early warning of abnormalities or problems.
• Protects system by defining and recommending access privileges, control structures, and resources.
• Keeps management informed and maintains quality service by following organizational policies.
• Maintains technical knowledge by attending educational workshops; reviewing publications.
• Contributes to team effort by accomplishing related results, as needed. Participates on complex, comprehensive or large projects and initiatives.
• Acts as support in technology controls / information security for project teams, the business / organization and/or outside vendors.
• Work with CISO to perform application audits against institutionally accepted security controls and develop and document controls where they are lacking.
• Record and prepare reports on IT security incidents using tools provided, including but not limited to compromised accounts, e-mail threats, and abuse reports from various sources.
• Provide first level security monitoring and investigations.
• Undertake vulnerability assessments and assist with penetration testing for specific applications, services, networks and servers, as required.
• Support information security applications/tools including but not limited to managed IPS, e-mail gateway protection, isolation and DLP tools, incident response tools, antivirus and EDR tools, laptop tracking tools, and vulnerability management tools.
• Other responsibilities, as assigned by CISO.

Education/ Experience

• Bachelor’s degree required or Masters degree preferred in computer science, Information Technology, Cybersecurity, or a related field.
• At least 2 years of experience in IT security, or a related field
• Prior experience in working in a higher education setting desired.
• CISSP, Security+ certs, preferred

Knowledge/ Skills/ Abilities

• Knowledge of information security protocols and industry best practices, network and security components, including firewalls, TCP/IP and other network administration protocols, including their vulnerabilities and solutions is preferred.
• General administrative duties required
• Familiarity in online learning platforms including Banner, Canvas, Blackboard, & Adobe Connect preferred
• Proficiency using MS Excel required (Excel Intermediate)
• Strong attention to details required
• Demonstrated ability to develop positive and cooperative relationships with students, faculty and colleagues required
• Demonstrated proficiency in communication (written and verbal) required
• Must have an information security skillset with analytical mindset that is not afraid to offer decisions
• Possess knowledge of information security regulations (including HIPAA), as well as, administrative and organizational systems.
• Must have strong writing skillsets.
• Maintain good (digital) citizenship.
• Uphold, enforce, and abide by all institutional policies.
• Protects system by defining and recommending access privileges, control structures, and resources.
• Keeps management informed and maintains quality service by following organizational policies.
• Maintains technical knowledge by attending educational workshops; reviewing publications.
• Contributes to team effort by accomplishing related results as needed. Participates on complex, comprehensive or large projects and initiatives.
• Must have knowledge of technology controls / security/ risk issues.
• Has strong Microsoft Word and PowerPoint presentation skillsets.

Travel

• Travel to Touro NY campuses as required.
• Possibility of flexible Work Arrangements including remote work opportunities