SECURITY ANALYST #00031824

Hiring Department

Enterprise Systems & Applications

Job Description

Are you seeking to make a difference in the lives of students? Are you desirous of enabling research that is changing our world? Would you like to have a strong influence in setting direction for a technology organization whose mission focuses on education, research, and application of knowledge to solve some of the world’s great challenges? If so, we would like to talk to you. If you are a potential member of the S&T information technology team and are humble, coachable, approachable, introspective, and passionate about building relationships, then we want to talk to you. Serving at Missouri University of Science and Technology is a calling. We are revitalizing our campus and looking to a bright future. Join us.

This position will serve as a technical security expert. This position will be a part of the ISO led security team for risk and compliance and serve in a technical role for security under the ISO's direction for all S&T security.

Firewall Management

• Configure, monitor, and maintain enterprise firewalls to ensure secure network traffic and prevent unauthorized access
• Develop and implement firewall policies and rules based on industry standards and security best practices
• Design and manage network segmentation to protect sensitive data and systems from potential threats
• Troubleshoot and resolve firewall-related incidents and performance issues
• Collaborate with network teams to ensure firewall and network segmentation changes are aligned with organizational goals
• Collaborate with Networking and Systems Infrastructure team on the maintenance of data center firewall rulesets and routing related to service delivery
  
  

Azure Security And Active Directory Management

• Manage Azure Active Directory as part of a systemwide team, ensuring secure and scalable identity and access management
• Implement and manage security solutions within Microsoft Azure, including configuring security policies, managing resources, and monitoring for vulnerabilities
• Ensure proper configuration and security of Active Directory services, including group policy management, permissions, and role-based access controls
• Contribute to the maintenance of local custom web tools for privilege delegation capabilities of AD/Azure/other management functions
  
  

Account Management

• Oversee user account lifecycle management, including the provisioning, de-provisioning, and auditing of user access to systems
• Ensure adherence to the principle of least privilege across all account management activities
• Conduct regular reviews of user accounts and permissions to identify and mitigate potential security risks
  
  

Incident Response

• Lead and participate in security incident response activities, including investigating, analyzing, and mitigating security incidents
• Hunt for and remediate phishing campaigns, ensuring timely detection and neutralization of threats
• Secure mass email campaigns to prevent misuse and ensure the integrity of organizational communications
• Perform forensic analysis and root cause investigations to determine the scope and impact of security events
• Develop and document incident response procedures and runbooks to improve the organization’s response capabilities
• Collaborate with other teams to ensure proper escalation and resolution of security incidents
  
  

Vulnerability Management

• Administer vulnerability management tools, discovery, tracking, and remediation coordination
• Administer Microsoft security environment including Defender, Entra, and Sentinel
• Lead technical security operations including security monitoring and reporting
• Monitor security systems and logs for signs of potential vulnerabilities or breaches
• Develop and maintain security dashboards and reports for senior management and stakeholders
• Provide guidance on emerging threats, vulnerabilities, and best practices
• Provide oversight to other teams for patch management progress/state as well as help to determine when security issues require immediate vs delayed action
  
  

Risk Management And Compliance

• Ensure that security controls comply with industry regulations, such as CUI, NSPM-33, PCI, HIPAA, NIST 800-171, NIST 800-172, ITAR, NERC, and organizational policies
• Conduct regular security assessments, vulnerability scans, and penetration tests
• Recommend and implement security enhancements based on risk assessments and security audits
• Maintain compliance with export-controlled data regulations and work closely with law enforcement on related matters
  
  

Minimum Qualifications

• Bachelors degree in computer science, cybersecurity, or similar fields, or equivalent experience
• A cyber security certification such as CISSP, CISM, CEH, or equivalent is required
• Ability to obtain and maintain a top-secret security clearance is required
  
  

Preferred Qualifications

• 8 years of experience in security analysis with hands-on experience in firewall management, Azure, Active Directory, account management, and incident response
• Expertise in incident response, phishing remediation, mass email security, risk mitigation, and security operations
• Expertise in data security concepts such as security labeling, Controlled Unclassified Information (CUI), Secret, and Top-Secret information, and tools such as Microsoft Purview preferred
• Expertise in Microsoft security and networking tools such as Active Directory, Domain Controllers, Defender, Entra, and Sentinel preferred
• Expertise in vulnerability scanning tools such as Tenable, Qualys, Nessus, and Nmap
• Knowledge of access management models such as Identity and Access Management (AIM_ access controls, Access Control List (ACL) access controls, Privileged Access Workstation (PAWs), Role-Base Access Controls (RBAC), Attribute-Based Access Controls (ABAC), Privilege Escalation access control, and Zero Trust Network Access (ZTNA) preferred
• Ability to work with export-controlled data and collaborate with law enforcement agencies
• Strong understanding of security frameworks such as NIST, PCI, ITAR, NERC, ISO 27001, and CIS Controls
• Proficiency in scripting and automation (PowerShell, Python) for security purposes is a requirement
• Excellent analytical, problem-solving, and communication skills.an existing security clearance is preferred
  
  

Anticipated Hiring Range

The anticipated hiring range for this position has been established as $52,223-$120,078 annually.

Salary is determined by a variety of factors, including but not limited to, the individual’s particular combination of education, skills, and experience, as well as organizational requirements.

Your total compensation goes beyond the number on your paycheck. The University of Missouri provides generous leave, health plans, and retirement contributions that add to your bottom line.

Grade: GGS 9E, 10, 11, 12, OR 13

University Title: SECURITY ANALYST- ENTRY, SPECIALIST, EXPERT, PRINCIPAL, OR EXPERT.

To review the University of Missouri’s Staff Compensation Structure you can view the Job Code detail page. Internal applicants can determine their university title by accessing the Talent Profile tile in myHR.

Application Deadline

Applications will be accepted until this position is filled.

Sponsorship Information

Visa Sponsorship Information

Applicants must be authorized to work in the United States. The University will not sponsor applicants for this position for employment visas.

Benefit Eligibility

This position is eligible for University benefits. As part of your total compensation, the University offers a comprehensive benefits package, including medical, dental and vision plans, retirement, paid time off, short- and long-term disability, paid parental leave, paid caregiver leave, and educational fee discounts for all four UM System campuses. For additional information on University benefits, please visit the Faculty & Staff Benefits website at https://www.umsystem.edu/totalrewards/benefits.

Equal Employment Opportunity

The University of Missouri is an Equal Opportunity Employer.

To request ADA accommodations, please call the Office of Equity & Title IX at 573-341-7734.