Job Location: Springfield, MA

Position Type: Full Time

Salary Range: $83,261.00 - $85,899.00 Salary

Job Category: Information Technology

Description

The Security and Access Management Analyst is responsible for application of policies, programs, standards, and compliance of information security, access, and privacy. Primary responsibility will be in the maintenance and monitoring of information security policies for both physical and electronic access to information. The role is key to ensuring that information and infrastructure will be protected from internal and external threats, and that the University is compliant with federal, state, and local laws and regulatory requirements for information security, access, and privacy. This position will also ensure that information created, acquired, stored, transmitted, and maintained by the University is in accordance with intended purposes and access to information is limited to authorized users with a justifiable business need that enable the effective and efficient operations of the University.

DISTINGUISHING CHARACTERISTICS:

• Familiarity with and a comprehension the layers of security.
• Modern application / tools for authentication and role-based access.
• Interest and capacity for understanding and evaluating complex scenarios
• Ability to consume large amounts information as technologies and cyber risks change

ESSENTIAL DUTIES:

• Maintain and recommend improvements to central authorization processes and documentation for electronic interfaces, scheduling and exchange of information between various University and vendor systems.
• Maintain and recommend improvements to central authorization processes and protocols for user identification, accounts, security, and access privileges.
• Maintain and recommend improvements to security policies, standards, and guidelines working with University constituents, data owners, and governance groups.
• Develop and maintain information security policies and procedures for network security, access.
• Analyze and prepare Incident Response Plans and Procedures for review to address security incidents, policy violations, and breaches.
• Participate in the identification, testing and implementation of security monitoring tools and technologies, including AI enabled capability.
• Perform ongoing security monitoring and assessment.
• Develop and maintain user system security; monitor and oversee user security privileges, system administration, interfaces, and access.
• Review internal IT operations for security risks and vulnerabilities.
• Monitor information security trends and keeping management informed about information security-related issues.
• Work with outside consultants as assigned for independent security audits.
• Evaluate system vulnerability and recommend security improvements.
• Assist in preparing and conducting security orientation and security awareness programs.
• To constantly learn and contribute in new ways or as assigned.

Qualifications

REQUIRED KNOWLEDGE, SKILL AND ABILITIES:

• Familiarity with network, server, and storage technologies, standard protocols, and related applications to understand security implications.
• Knowledge to automate tasks and procedures and ability to extract and work with data fluidly to assess what it is telling us.
• Ability to perform analysis to meet client needs in solving security or access problems across the University.
• Knowledge of latest security, access, and privacy legislation, regulations, and alerts impacting the University networks, systems and information architecture.
• Excellent verbal and written communication skills.
• Excellent organization and problem-solving skills.
• Ability to work independently with minimal supervision.
• Enthusiastic service orientation with sensitivity to the needs of users at all skill levels.
• Ability to maintain a high level of quality customer service standards when responding to questions and problems.
• Ability to maintain a professional and tactful approach in all interactions, ensuring confidentiality and an individual's right to privacy regarding appropriate information.
• Demonstrated ability to work effectively with a diverse group of individuals such as faculty, students, administrators, staff, and others.
• Ability to travel as needed to participate in professional meetings, conferences, and events.
• Ability to manage multiple tasks and priorities simultaneously and effectively in a fast-paced environment.
• Ensure compliance with professional and technology standards, license and regulatory requirements, and Western New England University standards, policies, and procedures.

ERGONOMIC REQUIREMENTS:

• Ability to read computer screens and printed materials
• Ability to effectively communicate via the telephone and in person
• Ability to lift and carry 25 pounds
• Ability to freely traverse campus

HOURS:

• Normal work hours from 8:30am to 4:30pm daily
• Additional hours as needed to resolve critical incidents or outages outside of normal business hours.

QUALIFICATION STANDARDS:

• Bachelor's Degree in technical discipline from an accredited College or University or equivalent Certifications and/or experience.
• At least 3 years of progressively responsible technical experience in information security and infrastructure technologies.
• Significant breadth of knowledge in network, server, storage, and infrastructure technologies and related security components.
• Excellent interpersonal skills.
• Ability to resolve problems effectively, efficiently, with manager, team members or independently.