Staff it security analyst

If you’re passionate about building a better future for individuals, communities, and our country—and you’re committed to working hard to play your part in building that future—consider WGU as the next step in your career.

Driven by a mission to expand access to higher education through online, competency-based degree programs, WGU is also committed to being a great place to work for a diverse workforce of student-focused professionals. The university has pioneered a new way to learn in the 21st century, one that has received praise from academic, industry, government, and media leaders. Whatever your role, working for WGU gives you a part to play in helping students graduate, creating a better tomorrow for themselves and their families.

The salary range for this position takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.

At WGU, it is not typical for an individual to be hired at or near the top of the range for their position, and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is:

Grade: Technical 410

Pay Range: $140,200.00 - $217,200.00

Job Description

• This opportunity can be located in Salt Lake City, Utah, or Raleigh, NC.
  
  

Job Duties

• Performs stand-up and development of toolsets that perform real-time, automated configuration and control of cloud-based services and software-defined infrastructure.
• Leads the development of Security Content and Use Case Development. Alerting aligning to the MITRE ATT&CK Framework.
• Reviews and develops security checks that provide continuous security and compliance within AWS and additional cloud platforms.
• Works with developers as part of the Software Development Life Cycle
• Maintains responsibility for automation and software delivery of security tools using Continuous Integration/Continuous Development processes.
• Completes requirements gathering and specification, development of architecture diagrams, and integration with additional tools (ServiceNow).
• Ensures proper data points are captured and accounted for when calculating risk.
• Architects, designs, builds, and delivers cloud threat analytics by leveraging cloud log correlation, AI & machine learning engines.
• Architects and builds data security solutions such as DLP, and encryption in transit/rest.
• Conducts ROI and gap analysis for potential and existing products.
• Problem-solves in a complex demanding environment by drawing on a pool of technical experience, business understanding, and good judgment.
• Works individually and with the security teams to define security requirements, track security specific issues/concerns, provide security solutions, communicate identified vulnerabilities being introduced into the environment, and identify exceptions to policy.
• Leads the development of enterprise-wide designs as well as researches, develops, and recommends architectural policies and practices for current and future initiatives from definition phase through implementation.
• Manages internal Security projects that require little assistance from other groups. This includes writing requirements, managing the procurement process, initial installation and configuration, and overseeing the entire project lifecycle.
• Researches, evaluates, and stays current on emerging tools, techniques, and technologies.
• Acts as team lead when necessary, working side-by-side with other personnel in an advisory, support, and training role.
• Manages multiple simultaneous projects and tasks that involve different team members.
• Builds a Cloud and Data Security platform roadmap.
• Architects and leads implementation of risk mitigation tools and security tools for cloud migration and cloud infrastructure.
• Builds and maintains relationships across the University to promote cloud security initiatives.
• Researches and deconstructs cyber-attacks into sequenced Indicators of Compromise (IOC) detectable through network device logs. Creates abstract rules to detect network intrusions based on IOCs. Conducts open-ended analysis of large data sets to find network activity baselines and abnormalities.
• Designs and implements SOAR functions to automate compliance enforcement, security configuration management, and malicious activity remediation.
• Identifies gaps in the University’s security model and suggests solutions, including tools and processes.
• Engages with security architects to capture design requirements for cloud architectures and implementation strategies.
• Creates new processes and identifies new threats and mitigation strategies.
• Identifies and provides training opportunities for Cloud and Data Security staff related to technical issues.
• Researches latest threats including techniques used by individuals exploiting these vulnerabilities and threats.
• Performs other job-related duties as assigned.
  
  

KSAs

• Knowledge and experience with Cloud and Data security
• Advanced understanding of core AWS services, including compute (EC2, ECS, Lambda), network (VPC, Subnets, Security Groups), storage (S3, EFS, EBS), database (RDS), and identity (IAM)
• Hands on experience integrating security into the various stages of a CI/CD pipeline
• Expertise in SAAS and PAAS
• Expert knowledge of enterprise architecture in particular Cloud Service Provider models such as Sales Force, MS Office 365, Oracle Cloud, AWS, Azure, etc.
• Competent and skilled designer of mixed-technology solutions
• Ability to lead a team in a fast-paced multidisciplinary environment
• Knowledge of various regulations and policies related to information security for the brokerage industry
• Results oriented, self-motivated, and self-directed
• Ability to work well with others, maintaining a positive work environment by communicating in a manner to promote positive relations with customers, co-workers, and management
• Effective oral and written communication skills with the ability to communicate with purpose, clarity, and accuracy
• Excellent analytical, problem solving, and decision-making skills. Able to identify and resolves problems in a timely manner with a solution driven approach to problems
• Demonstrated pragmatic, adaptable, and result-driven approach to information security risk management
• Methodical, data-driven approach to security and risk analysis; ability to think imaginatively in order to implement security improvements
• Understands the implications of privacy laws and regulations (i.e. GDPR and CCPA)
  
  

Minimum Qualifications

• Bachelor's Degree in IT Security, Computer Science, Engineering, or related field
• 7 years of Information Security experience, including understanding of all security domains
• Hands-on experience implementing MITRE ATT&CK Framework
• Working experience creating, designing, and implementing SIEM content security rules to detect malicious, suspicious, and/or abnormal events
• Hands-on experience maintaining cloud resources using infrastructure-as-code (CloudFormation, CDK, etc.)
• Expert scripting language experience (Bash, Python, etc.) with strong working knowledge of automation
• Experience with open-source security tools (i.e. Kali, Nessus, Fortify, AppScan, Nexpose, SAINT, Burp, NMap, Metasploit, Meterpreter, Wireshark, Kismet, Aircrack-ng, Eramba, etc)
• Hands-on experience with AWS APIs, Lambda. DynamoDB, EC2, VPC, CloudFront, CloudTrail, CloudWatch, IAM
• Relevant security certifications (CISSP, GIAC, ISACA, CEH, etc.)
• Equivalent relevant experience performing the essential functions of this job may substitute for education degree requirements. Generally, equivalent relevant experience is defined as 1 year of experience for 1 year of education and is the discretion of the hiring manager.
  
  

Preferred Qualifications

• 15 years of Information Security experience, including understanding of all security domains
• Strong experience with distance education and distance learning students
  
  

Position & Application Details

Full-Time Regular Positions (classified as regular and working 40 standard weekly hours): This is a full-time, regular position (classified for 40 standard weekly hours) that is eligible for bonuses; medical, dental, vision, telehealth and mental healthcare; health savings account and flexible spending account; basic and voluntary life insurance; disability coverage; accident, critical illness and hospital indemnity supplemental coverages; legal and identity theft coverage; retirement savings plan; wellbeing program; discounted WGU tuition; and flexible paid time off for rest and relaxation with no need for accrual, flexible paid sick time with no need for accrual, 11 paid holidays, and other paid leaves, including up to 12 weeks of parental leave.

How to Apply: If interested, an application will need to be submitted online. Internal WGU employees will need to apply through the internal job board in Workday.

Additional Information

Disclaimer: The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive.

Accommodations: Applicants with disabilities who require assistance or accommodation during the application or interview process should contact our Talent Acquisition team at [email protected].

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to any protected characteristic as required by law.