Duke University Job Descriptions

Duke Job Postings

To see if there are current openings for any of the job descriptions listed on this web site, please search Duke Jobs.

DHTS INFORMATION SECURITY ANALYST

Job Title: DHTS INFORMATION SECURITY ANALYST
Job Code: 3843
FLSA: E
Job Level: CD
Revised Date: 03/01/2017
Job Family: JF 08

Occupational Summary

The Information Security Analyst provides support for a variety of operational and consultative functions as part of a Duke IT Security Office. The Information Security Analyst helps design, implement, manage, and monitor technical, administrative, and physical controls to protect the confidentiality, integrity, and availability of the organization's information assets. The Information Security Analyst will carry out these responsibilities in collaboration with IT, clinical, research, and management staff from across Duke.

Work Performed

LEVEL 1:

Analyze findings from security monitoring systems, including Data Loss Prevention and Security Information Event Management consoles, to identify and respond to potential security incidents and data breaches.

Participate in incident response activities.

Conduct vulnerability scans and penetration tests to identify security risks and report on findings to system owners.

As part of performing incident response and vulnerability assessment activities, use professional judgment and institutional knowledge to assess risk levels, conduct forensic investigations, isolate malware, identify attack vectors, provide guidance on remediation planning, and prioritize remediation efforts.

Respond to relevant service requests received from end users (e.g. for investigation of security events, reviewing change requests for firewall rules or VPN configurations, or addressing user access requests).

Assist in delivering security awareness training for the organization's staff.

Help provide reports and presentations on the status of security controls to management and technical staff.

Participate in campus-wide information security events and programs to ensure alignment and knowledge sharing between departments.

24x7 on-call support rotation may be required.

Performs other related duties incidental to the work described herein.

LEVEL 2:

In addition to the duties described for the Level 1, the Level 2 will:

Lead or participate in incident response activities.

Collaborate with system, application, and data owners/custodians to conduct threat modeling exercises, risk assessments, and workshops to analyze business, legal, and regulatory requirements.

Using output from risk assessments and requirements analysis, assist system, application, and data owners/custodians with selecting security controls and documenting system security plans.

Review existing security plans with system, application, and data owners/custodians to ensure that controls are properly implemented, and to proactively identify any gaps that may result in audit findings.

Assist system, application, and data owners/custodians with selecting and documenting controls to address security-related audit findings.

Develop and deliver security awareness training for the organization's staff.

Provide reports and presentations on the status of security controls to management and technical staff.

LEVEL 3:

In addition to the duties described for the Level 2, the Level 3 will:

May function as a technical leader, either as a subject matter expert with proficiency in defined area(s) of the profession, or as a generalist, with a broad knowledge of all aspects of the profession.

May function as a team leader, responsible for supporting management in day-to-day personnel oversight and workflow management activities.

Through technical expertise, thought leadership, and effective communication, assist in developing and establishing the strategic direction for the information security program.

Actively survey the external environment to identify emerging industry trends and technologies that are relevant to reducing the organization's information security risks.

Develop capital business plans for new or updated security technology projects.

Lead complex information security initiatives, coordinating with project management and technical resources from other departments to achieve project objectives.

Act as a primary liaison to information security product vendors, escalating support issues and communicating product enhancement requests.

Work with other IT architects and technical leads as the primary security liaison on large IT infrastructure and application projects.

Working with cross-functional teams, conduct threat-modeling exercises and analyze business objectives to identify, document, and establish security requirements for strategic IT initiatives.

Provide reports and presentations on security industry trends and technologies that are relevant to the organization.

As appropriate, participate in external professional organizations that are relevant to the objectives of the information security program.

Required Qualifications at this Level

Education/Training

Level 1, 2 and 3 - Bachelor's degree in a related clinical or technical field, or four years of equivalent technical experience required.

Level 3 - A Master's degree in computer science, information systems, business management, engineering, mathematics, healthcare, a physical science, or other related field is preferred.

LICENSURE/CERTIFICATION:

LEVEL 1:

N/A

LEVEL 2:

In addition to the requirements described for the Level 1, the Level 2 requires:

One or more information security industry certifications (e.g. CISSP, CISM, CISA, CEH, or equivalent) are preferred.

Additional technical or management certifications (e.g. MCSE, CCNP, CCIE, or PMP) are preferred.

LEVEL 3:

In addition to the requirements described for the Level 2, the Level 3 requires:

One or more information security industry certifications (e.g. CISSP, CISM, CISA, CEH, or equivalent) are required.

Experience

Level 1 - No experience required beyond the minimum education (or equivalency) requirement.

Level 2 - Two years of related experience is required.

Level 3 - Four years of related experience is required.

Skills

LEVEL 1:

Must have a working knowledge of at least one of the following information security practices, standards, and systems:

- Data Loss Prevention (DLP) systems

- Encryption technologies and standards

- Endpoint security software

- Governance, Risk, and Compliance (GRC) systems

- Firewalls

- Forensic investigation practices

- Identity and Access Management (IAM)

- Incident response practices

- Intrusion Detection and Prevention Systems (IDS/IPS)

- Network and/or application penetration testing

- Risk assessment practices

- Security Information Event Management (SIEM) systems

- Virtual Private Network (VPN) systems

- Vulnerability management practices

- Vulnerability scanning tools

Must have a working knowledge of at least one of the following regulatory compliance requirements and IT management frameworks:

- COBIT

- FISMA

- HIPAA Security and/or Privacy Rules

- HITECH and Meaningful Use

- HITRUST Common Security Framework (CSF)

- ISO 27000-series standards

- ITIL

- NIST information security standards

- PCI DSS

The ideal candidate will have demonstrated the following characteristics through past professional and educational experiences:

- A broad understanding of multiple IT disciplines and technologies

- Strong focus on customer satisfaction

- Strong written and oral communication skills

- Strong critical thinking, analytical, and problem solving skills

- Able to troubleshoot problems in complex technical environments

- Able to work independently or as part of a team as necessary

- Able to effectively prioritize tasks with competing deadlines

- Able to maintain a positive attitude in challenging circumstances

LEVEL 2:

In addition to the KSAs described for the Level 1, the Level 2 will demonstrate:

Must have working or expert knowledge of at least three of the information security practices, standards, and systems described above.

Must have working or expert knowledge of at least two of the regulatory compliance requirements and IT management frameworks described above.

In addition to those described above, the ideal candidate will have demonstrated the following characteristics through past professional and educational experiences:

- Self-starter who is able to work with minimal direction

- Able to work effectively across multiple technical disciplines

- Strong interpersonal skills and the ability to build relationships with colleagues, customers, vendors, and other third parties

LEVEL 3:

In addition to the KSAs described for the Level 2, the Level 3 will demonstrate:

Must have working or expert knowledge of at least five of the information security practices, standards, and systems described above.

Must have working or expert knowledge of at least three of the regulatory compliance requirements and IT management frameworks described above.

In addition to those described above, the ideal candidate will have demonstrated the following characteristics through past professional and educational experiences:

- Exemplary capability to communicate with technical and non-technical audiences in both formal and informal settings

- Able to understand and translate between business and technical requirements

- Able to optimize security controls by balancing risk against business requirements and costs

- Able to act as a team leader, providing workflow management and performance management feedback to individual contributors

- Able to build and understand budgets for technology projects

- Able to effectively act as a primary support interface to vendors


The intent of this job description is to provide a representative and level of the types of duties and responsibilities that will be required of positions given this title and shall not be construed as a declaration of the total of the specific duties and responsibilities of any particular position. Employees may be directed to perform job-related tasks other than those specifically presented in this description.


Duke University is an Affirmative Action/Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or veteran status.

Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. Our collective success depends on the robust exchange of ideas, an exchange that is best when the rich diversity of our perspectives, backgrounds, and experiences flourishes. To achieve this exchange, it is essential that all members of the community feel secure and welcome, that the contributions of all individuals are respected, and that all voices are heard. All members of our community have a responsibility to uphold these values.


Essential Physical Job Functions

Certain jobs at Duke University and Duke University Health System may include essential job functions that require specific physical and/or mental abilities. Additional information and provision for requests for reasonable accommodation will be provided by each hiring department.