DATE REVISED
July 30, 2002 
JOB TITLE
Information Security Analyst		 JOB CODE
9832
FLSA STATUS
Exempt - Professional		 UNIT/DEPARTMENT
Information Services
REPORTS TO:
IT Security Manager		 SUPERVISES:
Various Support Staff

POSITION SUMMARY:

Assists in the designing, implementing and monitoring of the IT security program with a focus on identifying server vulnerabilities of routine to moderate complexity and assisting in the facilitation the implementation of security solutions for the entire UTHSC-H information resource computing infrastructure.

POSITION KEY ACCOUNTABILITIES:

  1. Assists in developing, implementing, and maintaining an ongoing IT security awareness and employee training program for the entire UTHSC-H.
  2. Provides technical assistance in the selection, configuration, and maintenance of security software, utilities and hardware of routine to moderate complexity.
  3. Assists in the development of technical security standards to support policies including assisting in creating and coordinating monitoring standards and incident investigation procedures.
  4. Performs periodic operating system and application security assessments of routine to moderate complexity and reviews for evidence of vulnerability or compromise and assist in or facilitates the implementation of resolution. Tracks resolution of findings and prepare reports.
  5. Performs operating system and application security compliance auditing of routine to moderate complexity and assist in or facilitates the implementation of resolution. Tracks resolution of findings and prepares reports.
  6. Responds to and reports on IT security incidents of routine to moderate complexity, providing initial assessment of impact severity and types of incidences being addressed. Coordinates resolution efforts with Senior Information Security Analyst for critical or serious incidents.
  7. Monitors computing resources for evidence of compromise and reports security incidents. Analyzes compromised computing resources of routine to moderate complexity to assist in improving security design, policy compliance, and to understand and document new threat profiles.
  8. Monitors and enforces compliance with security policies, standards and guidelines.
  9. Studies and keeps current on security issues and reports issues to the department personnel responsible for the resource.
  10. Performs other duties as assigned.
CERTIFICATIONS/SKILLS

Preferred: Certification in information technology or information security (MCSE, CNA, CISA, CISSP, etc.).

Skills: Ability to configure and administer Windows 9x, NT, 2000 servers and desktops. Familiar with web technology, database concepts and networking.

MINIMUM EDUCATION

Bachelors degree, training in information technology

MINIMUM EXPERIENCE

One year experience in information technology support or auditing information technology in diverse, decentralized environments. Experience with the network and server hardware, software and security tools that UTHSC-H has deployed in its information technology infrastructure is preferred.

SECURITY SENSITIVE: 

This job class may contain positions that are security sensitive and thereby subject to the provisions of Texas Education Code § 51.215.
Last Updated 10/02
dwalker