Security Analyst II

Position Summary
NMHU is seeking a skilled and proactive Security Analyst II to join our dynamic IT Security Team. In this critical role, you will be responsible for detecting, analyzing, and responding to security incidents, ensuring the integrity and resilience of our institutions' information systems. If you have a passion for cybersecurity, strong analytical abilities, and a drive for continuous improvement, we want to hear from you.


Duties and Responsibilities

• Install, maintain and manage cybersecurity software agents and related software
• Plan, document, and execute IT projects with a structured approach
• Partners with security engineers to assist in the evaluation vendor product strategies and future product statements and advise, which will be most appropriate to pursue.
• Handle confidential information with discretion
• Assist in the development and implementation of comprehensive security policies within Microsoft 365, including Data Loss Prevention (DLP) strategies, Microsoft Defender for Identity (MDI) configurations, and Cisco Security Cloud
• Has hands on experience with Arctic Wolf and Sential security tools.
• Exercise leadership behaviors in situations that are moderate in terms of complexity, ambiguity, and dependencies.
• Provides support for the security tool portfolio and processes.
• Provides level II support to the associates and security analysts.
• Provide support in tailoring security policies to meet the organization's needs and compliance requirements and collaborate with the network manager, CISO, and Third-party security vendors in regular collaboration to address emerging threats
• Assist IT leadership during security incident investigations and response activities, including evidence gathering, data analysis, and coordination with various teams to mitigate security incidents
• Conduct ongoing research on the latest security best practices, providing insights and recommendations to enhance the organization's security posture
• Assist in the development and implementation of IT security policies and procedures, ensuring they align with organizational objectives and compliance standards
• Manage, monitor, and defend against security threats, intrusion detection systems (IDS), antivirus software, and other security tools
• Perform regular security audits and risk assessments to identify vulnerabilities and recommend improvements
• Respond to and resolve security incidents, including data breaches, malware attacks, and phishing attempts
• Collaborate with other IT staff to maintain and update security software and hardware
• Provide training and guidance to campus community regarding security best practices, including password management, phishing awareness, and data protection
• Provide guidance and assistance in proper backup, disaster recovery, and business continuity planning for IT systems
• Collaborate with team members to make recommendations for improved internal processes, and improved customer service experience
• Receive cross-training in other areas of the department and provide support in covering those areas if there is a shortage of staff, or overflow in workload
• Maintain technically current and relevant through self-directed professional reading, developing and maintaining professional contacts, professional development, and training
• Develop training material and help guides for users and support staff
• Assist with training of new hires within the department
• Maintain regular attendance

• Provide support in tailoring security policies to meet the organization's needs and compliance requirements and collaborate with the network manager, CISO, and Third-party security vendors in regular collaboration to address emerging threats.
• Assist IT leadership during security incident investigations and response activities, including evidence gathering, data analysis, and coordination with various teams to mitigate security incidents.
• Conduct ongoing research on the latest security best practices, providing insights and recommendations to enhance the organization's security posture.
• Assist in the development of IT security policies and procedures, ensuring they align with organizational objectives and compliance standards.

• Perform regular security audits and risk assessments to identify vulnerabilities and recommend improvements

• Complies with University policies, procedures and administrative directives, as well as state, federal, and local laws, regulations, and ordinances.
• Performs other related duties as assigned.

Minimum Job Requirements
EDUCATION: Bachelor's degree in Computer Science with 2 years of demonstrated experience performing hands on technical cyber security support in a college or university environment or an equivalent combination of education and experience are acceptable. Ability to pass a pre-employment background check. Hands on experience with IPS and IDS systems.
Preferred Qualifications
Certifications such as CISSP, CompTIA Security+, or Certified Ethical Hacker (CEH) or other applicable certifications.
Four (4) years' experience providing hands on technical cyber security support in a college or university environment.
ITIL Foundations Certification.
Experience troubleshooting and supporting Apple OS and Microsoft Windows.
Experience in supporting global identity and access management.
Experience with LDAP/Directory Services including Active Directory.
Incident response management.
Experience in application and network security assessment methodologies, tools, and techniques.


Special Conditions for Eligibility

• Required to maintain a valid NM driver's license to operate University vehicles
• Must be willing to work evenings, weekends and odd hours as required
• Must be willing to travel

Knowledge, Skills, and Abilities

• Skill and ability to work effectively with a wide range of constituencies
• Demonstrated knowledge of security frameworks, risk management, and compliance requirements (e.g., NIST, ITIL, CIS, etc.)
• Experience with exposure to areas such as threat detection and response, vulnerability management, network security, and endpoint protection
• Familiarity with cloud security platforms and SaaS applications
• Ability to work both independently and collaboratively as part of a team
• Ability to maintain emotional control under stress
• Working knowledge of Microsoft applications, operating systems, switches, firewalls, domain controllers, IDP systems, and remote user connectivity
• Good oral, written, and interpersonal communication skills
• Advanced knowledge and understanding of a wide range of computer, networking software, hardware systems, and related technologies
• Ability to install, configure, and maintain personal computers, networks, and/or related hardware or software
• Ability to communicate technical information to non-technical audience

Physical Demands
Standing......................................................................................Frequently


Walking.......................................................................................Frequently


Bending.......................................................................................Frequently


Squatting....................................................................................Frequently


Climbing .....................................................................................Frequently


Kneeling .....................................................................................Frequently


Lifting up to 50 pounds............................................................Frequently

Working Environment
Work is performed in a typical interior/office work environment;


Work with frequent interruptions;


No or very limited exposure to physical risk.


Moderate physical effort. May require occasional lifting, handling, pushing, or moving objects up to 50 lbs.