Job Description

General Position Summary: As an Information Security Analyst II, you'll have the opportunity to make a meaningful impact by fostering a security first mindset across the organization. If you're passionate about cybersecurity, we'd love to hear from you! We are seeking a dedicated and engaging Information Security Analyst II to monitor, analyze, and respond to security threats and vulnerabilities within the organization. This role involves conducting risk assessments, investigating security incidents, and ensuring compliance with industry standards and best practices, and leading employee security awareness initiatives and training programs. This role will play a crucial part in onboarding new employees, developing phishing awareness campaigns, facilitating one-on-one training, and collaborating with internal teams to promote a security-conscious culture. The ideal candidate will have a strong background in cybersecurity, excellent communication skills, and the ability to translate complex security topics into engaging and understandable content. Supervisory Responsibility: This position is not supervisory in nature. Essential Functions/Major Responsibilities: Threat Monitoring & Incident Response: Monitor security alerts and logs using organization's cybersecurity tools. Investigate and respond to security incidents, breaches, and vulnerabilities. Perform root cause analysis and recommend corrective actions. Risk Management & Compliance Conduct vendor security risk assessments and prepare formal reports. Analyze security risks and provide recommendations for mitigation. Assist in risk assessments and compliance audits (e.g., NIST CSF, ISO 27001, PCI-DSS). Support the development of security policies, standards, and procedures. Ensure compliance with regulatory requirements and security frameworks. Employee Cybersecurity Training: Conduct information cybersecurity training sessions for new employees as part of the onboarding process. Develop engaging and informative cybersecurity training materials tailored to different employee roles. Provide ongoing cybersecurity awareness education through various training methods (e-learning, webinars, in-person sessions). Facilitate personalized training sessions for employees who require additional cybersecurity training. Act as a cybersecurity awareness resource, addressing employee inquiries and concerns related to cybersecurity. Phishing Awareness & Reporting: Create and manage phishing simulation campaigns to assess employee awareness and response. Track, analyze, and report on phishing campaign results to identify trends and areas for improvement. Ensure compliance with security policies by monitoring and reporting on repeated phishing failures. Review reported phish emails and follow up with submitter. Compliance Reporting: Support compliance audits by ensuring complete and accurate documentation. Coordinate with key stakeholders to update and maintain the business continuity and disaster recovery plan. Update and maintain the incident response plan. Serve as the primary liaison with the University of Arizona's Information Security Office, ensuring compliance with its cybersecurity policies Specific Job Skills: Commitment to working in a collaborative team environment with shared goals. Ability to work efficiently with a wide variety of individuals, including donors, PAE colleagues, deans, faculty and staff. Excellent communication and interpersonal skills Ability to effectively communicate both verbally and written. Demonstrated commitment to exceptional customer service with the ability to translate the PAE guiding principles of donor-centricity and collaboration into work practices. Ability to recognize and handle highly confidential and sensitive information in a discrete and professional manner. Work with excellent organizational skills and attention to detail. Be able to work independently with the ability to prioritize multiple projects and meet strict deadlines for deliverables Ability to anticipate and discern work priorities and meet deadlines with little supervision. Adept at problem-solving and using judgment in situations requiring initiative, tact, and confidentiality. An exceptional work ethic and track record of personal initiative required. Openness to new ideas and personal flexibility with the ability to adapt and succeed in a multi-task, fast-paced environment with changing processes and occasional ambiguity. Ability to inspire cooperation and participation Proficiency in the use of personal computers and Microsoft Office software (Word, Excel, PowerPoint, and Outlook). Proficiency or ability to learn additional software required to perform the essential duties of the position Minimum Qualifications: Bachelor's degree in computer science, cybersecurity, or a related field (or equivalent experience as approved by HR). 3+ years of work experience in cybersecurity. Strong understanding of information security principles, phishing threats, and social engineering tactics. Experience with phishing simulation tools and security awareness platforms. Preferred Qualifications: Security + certificate. Knowledge of security compliance frameworks (e.g., NIST, ISO 27001, SOC 2) is a plus. Experience with threat protection, detection, and response tools for endpoints, email, identity, and cloud environments. Knowledge of IT architecture and operations. Work Environment: Standard computer workstation with high exposure to a computer screen. May require occasional early morning, late evening, or weekend hours to minimize service disruptions. University of Arizona Foundation

Job Tags

Similar Jobs