Information Security Analyst, OmniSOC at Indiana University in Indianapolis, Indiana

Posted in Other 3 days ago.





Job Description:

Department



UITS OMNISOC (UA-DOMN-IUINA)



Department Information



At University Information Technology Services (UITS) we provide the technology, tools, and services you need to succeed. UITS supports IU's vision for excellence in research, teaching, outreach, and lifelong learning. We ensure a workplace that encourages growth, flexibility, and creativity, as well as a culture that champions inclusion, diversity, and overall employee well-being through programs supported university wide. As an Equal Opportunity Employer, we believe in each person's potential, and we'll help you reach yours.


OmniSOC is a security operations center hosted at Indiana University which provides monitoring and security operations services to US-based higher education institutions, research and education networks, and NSF-funded research facilities. OmniSOC is primarily made up of 4 teams:


  • A business development team which drives OmniSOC growth and revenue by engaging prospective and current members, both directly and through outreach and engagement activities.

  • A platform engineering team responsible for running the OmniSOC SIEM and other IT infrastructure.

  • A security services team specializing in the comprehensive assessment and growth of OmniSOC members' security programs by providing expertise, coaching, and security operations services to members.

  • The security analyst and engineering team (this role) focuses on the analysis of OmniSOC member log data from networks and endpoints for indications of potential malicious activity or compromise.

All 4 teams work together to deliver high-quality, timely service to our membership. Our success is dependent upon our teams working in a collaborative, highly organized and efficient manner.


OmniSOC key values:



Member focus



  • Analysts engage deeply with members to understand their goals, strengths, needs and challenges.

  • We are committed to raising the cybersecurity level of our community for the betterment of all.


Impact



  • Each analyst at OmniSOC bears responsibility for the success of OmniSOC and our community. We are committed to enabling the missions of education and research members through safer technology.

  • We are focused on impact over volume.


Individual mastery and collective improvement



  • We value an exploring mindset and actively encourage curiosity while pursuing ways to learn more, make the world better, and expand our expertise.

  • We view mistakes not as failures, but learning opportunities, and try to learn from each failure.


Communication



  • We are open and direct with each other when discussing problems.

  • We default to openly sharing information with each other, our members, and the community.


Courage



  • We make tough decisions without agonizing and learn through doing and through one another to collectively improve our decision making.

  • We act according to our principles even when no one is looking; we are unafraid to speak our minds or question actions that don't align with our professed values.

If OmniSOC sounds like a place you'd like to work, we encourage you to apply!


Learn more about OmniSOC.



Job Summary



OmniSOC is seeking an Information Security Analyst to join our team. The scope of this position covers incidents and security data across the entire OmniSOC member base, including internally managed and monitored systems. This position has a significant impact on Indiana University's support of OmniSOC members, to continue to lead in the cybersecurity space in higher education.


Department-Specific Responsibilities


  • Supports incident response activities within the OmniSOC's domain of customers.

  • Maintains consistent communication and feedback with the OmniSOC Security staff.

  • Serves as a resource to other OmniSOC security analysts and student interns.

  • Analyzes detected security incident alerts for indications of computer security breaches and other incidents involving the use of technology.

  • Reports likely compromises to appropriate OmniSOC members to include all analysis details and data sources used as part of the investigation; follows up with member security staff teams until an incident has been resolved.

  • Acts as a liaison between OmniSOC and OmniSOC members for reported incidents, providing continued analysis as requested by the member security staff teams.

  • Recommends and implements new SIEM visualizations and dashboards to assist with incident analysis workflows.

  • Evaluates existing workflows and dashboards developed by OmniSOC Security Engineers to analyze advanced attacker techniques.

  • Searches OmniSOC member logs for any occurrences of threat indicators and, if any are discovered, analyzes all available log data to determine if an incident may have occurred.

  • Acts as a technical resource for other OmniSOC analysts and student interns by providing training to teammates and attending training, seminars, and conferences.

General Responsibilities


  • Performs ongoing analysis and monitoring of technology environments to identify security exposures and potential threats.

  • Assesses and determines level of risk in order to provide threat information to information security leadership and/or department decision-makers; collaborates with information security staff to recommend protections and solutions.

  • Documents information security analysis and monitoring efforts.

  • Researches and stays abreast of current higher education security environment and trends; stays up-to-date on information security analysis and monitoring best practices, tools, and approaches.

  • Assists with communication, awareness and training efforts for faculty, staff and student population through the creation of informational bulletins and best practices.

  • Escalates complex exposures or threats to experienced security analysts and/or security engineers to ensure risks are avoided and/or addressed.

  • Assists with incident response investigations and may assist with disaster recovery and business continuity efforts.




Qualifications



Combinations of related education and experience may be considered. Education beyond the minimum required may be substituted for work experience. Work experience beyond the minimum required may be substituted for education.


EDUCATION



Required



  • Bachelor's degree preferably in Computer Science, information technology, information security, or related field.

WORK EXPERIENCE



Preferred



  • Log analysis and computer security incident response experience.

  • Computer/database programming experience.

  • Experience providing excellent customer service in a computing and web-based applications environment.

LICENSE AND CERTIFICATES



Preferred



  • Professional level certifications in Computer Science, information technology, information security, and/or related field.

SKILLS



Required



  • Proficient communication skills.

  • Maintains a high degree of professionalism.

  • Demonstrated time management and priority setting skills.

  • Demonstrates a high commitment to quality.

  • Possesses flexibility to work in a fast paced, dynamic environment.

  • Seeks to acquire knowledge in area of specialty.

  • Demonstrated in-depth knowledge of Microsoft Windows or Unix-like operating systems.

  • Attention to detail in communicating technical issues and implementing solutions.


Preferred



  • Extensive working knowledge of the IP protocol suite, specifically relating to TCP and UDP protocol behavior and interdependencies with the applications suite (DNS, SMTP, HTTP, SSL/SSH, etc.).

  • Demonstrates knowledge of computing environments and authentication mechanisms.

  • Demonstrates knowledge of central authentication systems and expertise with tools used to identify users of devices connected to a network.

  • Demonstrates understanding of databases and query structures.

  • Possesses knowledge of University policies and U.S. Laws as they relate to copyright.

  • Ability to expeditiously review and analyze detailed information.

  • Ability to work independently and as a member of a team.

  • Ability to handle and safeguard confidential information.




Working Conditions / Demands



This role requires the ability to effectively communicate and to operate a computer and other standard office productivity equipment. The position involves sedentary work as well as periods of time moving around an office environment and the campus. The person in this role must be able to perform the essential functions with or without an accommodation.


Federal background checks, separate from the local and national check IU already runs, and/or non-disclosure agreements on behalf of the OmniSOC's customer base will be required to fulfill employment requirements.


For more information, visit the website here.



Work Location



Indianapolis, Indiana or Bloomington, Indiana


This position is eligible to work a hybrid schedule (mix between remote and in-person work), subject to change in the future based on university policy and business needs.



Benefits Overview



For full-time staff employees, Indiana University offers a wide array of benefits including:


  • Multiple plan options for medical insurance

  • Dental insurance

  • Health Savings Account with generous IU contribution

  • Life insurance, LTD, and AD&D options

  • Base retirement plan contribution from IU, subject to vesting

  • Additional supplemental retirement plan options

  • Tuition benefit for IU classes

  • 10 paid holidays per year

  • Generous Paid Time Off

  • Paid Parental Leave

  • Employee Assistance Program (EAP)

Learn more about our benefits by reviewing our online Benefits Brochure.



Job Classification



Career Level: Core


FLSA: Exempt


Job Function: Information Technology


Job Family: IT Security & Privacy


Click here to learn more about Indiana University's Job Framework.



Posting Disclaimer



This posting is scheduled to close at 11:59 pm EST on the advertised Close Date. This posting may be closed at any time at the discretion of the University, but will remain open for a minimum of 5 business days. To guarantee full consideration, please submit your application within 5 business days of the Posted Date.


If you wish to include a cover letter, you may include it with your resume when uploading attachments.



Equal Employment Opportunity



Indiana University is an equal employment and affirmative action employer and a provider of ADA services. All qualified applicants will receive consideration for employment based on individual qualifications. Indiana University prohibits discrimination based on age, ethnicity, color, race, religion, sex, sexual orientation, gender identity or expression, genetic information, marital status, national origin, disability status or protected veteran status. Indiana University does not discriminate on the basis of sex in its educational programs and activities, including employment and admission, as required by Title IX. Questions or complaints regarding Title IX may be referred to the U.S. Department of Education Office for Civil Rights or the university Title IX Coordinator. See Indiana University's Notice of Non-Discrimination here which includes contact information.



Campus Safety and Security



The Annual Security and Fire Safety Report, containing policy statements, crime and fire statistics for all Indiana University campuses, is available online. You may also request a physical copy by emailing IU Public Safety at iups@iu.edu or by visiting IUPD.



Contact Us



Request Support
Telephone: 812-856-1234