<p>If you are a current University of Tampa student, please search for and apply to student jobs here via Workday. Job applications for current students will not be considered if submitted through the external career center.</p> <p>Position Details</p> <p>Information Technology and Security (ITS) at The University of Tampa has a position for a Senior Incident Response Analyst to join our team. Primary duties will include maintaining, updating, and optimizing the Security Incident Event Management (SIEM) system, developing key performance indicators and dashboards, participating in incident response, evaluating and monitoring security infrastructure (firewalls, Email Security, Identity and Access Management), and handling various ongoing operational duties in a team environment. The successful candidate for this role needs to have a senior-level skillset with expert proficiency in SIEM technologies, and the ability to solve problems, evaluate, assess, and/or improve information security controls that promote confidentiality, integrity, and availability of the University's information technology resources and data repositories. Assists in ensuring compliance with regulatory and policy requirements.</p> <p>The Senior Incident Response Analyst reports to the ITS Assistant Vice President - Information Security. This position is designated as an essential university employee and must report to work as scheduled when University offices are closed due to severe weather or other conditions.</p> <p>Responsibilities include, but are not limited to:</p> <ul> <li>Configuring, optimizing, and managing a Security Incident Event Management System (SIEM) in alignment with industry and higher education best practices for detection, log ingestion, high-quality threat or incident correlation detection rules, and performance strategies for automated incident handling; with proven ability to generate key performance indicators, statistical reports, and dashboards </li><li>Developing a security incident event dashboard for executive management that acts as a 'single pane of glass' in examining threats, attacks, vulnerabilities, incidents, and key trends; provides automated reporting on demand, as well as executive-style presentations </li><li>Conducting Incident Response & Management Activities with expertise in multiple information security monitoring systems that examine email, threats, and anomalies </li><li>Detecting, containing, and mitigating security incidents and threats to university resources and data </li><li>Participating in after-hours on-call rotations (including after-hours, weekends, and holidays) </li><li>Serving as a member of the Computer Security Incident Response Team (CSIRT) and Business Continuity Emergency Incident Response Team (BCEIRT) </li><li>Completing incident reports and investigations of policy violations and follows established procedures if there are any suspected material incidents </li><li>Managing the Identity and Access Management portal, utilizing single sign-on for university applications and Multifactor Authentication, and monitoring for imposter threats </li><li>Participating in ongoing information security strategy sessions and contributes best practices to ensure that the information security program remains up-to-date and effective </li><li>Conducting routine vulnerability and penetration testing of the campus infrastructure </li><li>Documenting information security practices to align with the Information Security Management System and the Business Continuity Management System, and participates actively in audit preparation and meetings </li><li>Collaborating effectively with other university departments to ensure data security and policy compliance </li><li>Adhering to policies and procedures as defined by ITS management and leadership </li><li>Contributing to a work environment that encourages knowledge of, respect for, and development of skills to engage with other cultures and backgrounds </li><li>Performing miscellaneous duties as assigned </li><li>Contribute to a work environment that encourages knowledge of, respect for, and development of skills to engage with those of all cultures and backgrounds. </li></ul> <p>Requirements</p> <ul> <li>Industry certifications and experience providing evidence of senior-level expertise with SIEM technologies, as well as other information security monitoring and incident response solutions and methods </li><li>CISSP certification is required or must be obtained within 9 months, and candidates without a CISSP must have comparable industry and vendor security certifications (e.g., CISA, CEH, SANS, ISACA, Palo Alto, Proofpoint, and Microsoft) with the ability to earn additional certifications as required </li><li>5+ years' hands-on experience with SIEMs, intrusion prevention and firewall appliances, email security, and identity management systems </li><li>Experience working with, deploying, and optimizing SIEM technologies (e.g. MS Sentinel, Splunk), including the development of key performance indicators, incident dashboards for consolidated reporting and trends identification </li><li>Experience in Incident Response and security monitoring and detection tools (e.g. MS Defender, Proofpoint, NodeZero) </li><li>Ability to analyze complex IT processes, recommend changes that improve information security gaps, and compare IT controls with recommendations made in various industry standards </li><li>Possesses an in-depth understanding of the current threat landscape and experience analyzing and preventing threats and attacks </li><li>Knowledge of or the ability to quickly learn the University of Tampa software programs, such as Workday and Microsoft Office </li><li>Demonstrated excellence in teamwork as well as proficient oral, written, and interpersonal communication skills </li></ul> <p>Preferred</p> <ul> <li>Bachelor's or Master's degree in Cybersecurity, Information Technology, or Computer Science from an accredited higher education institution, or the ability to enroll and complete degree requirements </li><li>Experience working in the higher education sector </li><li>Experience administering and maintaining firewalls, endpoint privilege management, privileged access management, data loss prevention, vulnerability management, and penetration testing tools </li><li>Experience administering tier zero identity infrastructure that provides AAA services such as Active Directory, Azure Active Directory, and/or Okta. </li><li>Experience working with a wide variety of technical staff, managers, executives, and vendors </li><li>Advanced verbal and written communication skills </li><li>Advanced research, analytical, and problem-solving skills </li><li>Effectiveness in producing desired results and achieving goals and objectives while working independently </li><li>Practical skills include presenting findings, conclusions, alternatives, and information clearly and concisely </li></ul> <p>Required Attachments</p> <p>Please be sure to attach all required documents listed below in the attachment box at the bottom of the "My Experience" page of the application before continuing through the application.</p> <ol> <li> <p>Cover letter</p> </li><li> <p>Resume</p> </li></ol> <p>Work Schedule</p> <p>Monday - Friday 8:30 a.m. to 5:00 p.m. (after hours and weekends on call)</p> <p>Summer: Monday - Thursday 8:00 am to 5:30 p.m.</p> <p>Rotational on call as required for after-hours, weekends, and holidays.</p> <p>The University of Tampa offers great benefits to include:</p> <ul> <li>FREE Tuition </li><li>Generous paid leave </li><li>Wellness initiatives </li><li>100% Employer-Funded Health Reimbursement Account </li><li>100% Employer-Paid Short & Long Term Disability Insurance </li><li>100% Employer-Funded Employee Assistance Program </li><li>Discounted On-Campus Dining Meal Plans </li><li>FREE On-Campus Parking </li><li>FREE Access to Campus Amenities (pool, library, campus events and more) </li><li>Fitness Center </li><li>Pet Insurance </li><li>Flexible Spending Accounts </li><li>And more! </li></ul> <p>Submission Guidelines</p> <p>To receive full consideration for employment with The University of Tampa, please be sure to submit/upload required documents for this position at time of application submission. Required documents should be submitted in the attachment box at the bottom of the "My Experience" page of the application before continuing through the application.</p> <p>Background Check Requirements</p> <p>Finalists may be required to submit to a criminal background check. Some positions may also require a motor vehicle report and/or a credit report.</p> <p>Additional Information</p> <p>This description is intended to be generic in nature. It is not to determine specific duties and responsibilities for any particular position. Essential functions and overtime eligibility may vary based on the specific task assigned to the position.</p>