Southern New Hampshire University is a team of innovators. World changers. Individuals who believe in progress with purpose. Since 1932, our people-centered strategy has defined us — and helped us grow a team that now serves over 180,000 learners worldwide.
Our mission to transform lives is made possible by talented people who bring diverse industry experience, backgrounds and skills to the university. And today, we're ready to expand our reach. All we need is you.
Make an impact — from near or far
At SNHU, you'll have the option to work remotely in the following states: Alabama, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Mississippi, Missouri, Nebraska, New Hampshire, New Mexico, North Carolina, North Dakota, Ohio, Oklahoma, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, West Virginia, Wisconsin and Wyoming.
We ask that our remote employees have access to a reliable internet connection and a dedicated, properly equipped workspace that is free of distractions. Employees must reside in, and work from, one of the above approved states.
The opportunity
The Information Security Analyst III reports to the Deputy Chief Information Security Officer. As an Information Security Analyst III, you will be a senior lead for the Security Operations Center (SOC) team. You will monitor a large enterprise technology ecosystem; detect, analyze, and investigate information security events within that ecosystem; and respond to information security incidents to ensure the protection of SNHU's mission-critical technology resources and institutional information. You can work remotely in any of our approved working states.
The critical responsibilities of the SOC team must continue to be performed during crisis situations and contingency operations, which may necessitate extended work hours, and require work during non-business hours.
What You'll Do:
- You will be the senior escalation point for security alerts and incidents triaged by level I and II analysts.
- You will be an Incident Coordinator for Major Incidents with SNHU's Information Security Incident Response Plan.
- You will be a technical lead for investigating complex or high severity security threats or incidents.
- You will lead incident containment and eradication activities like endpoint isolation, malware remediation, forensic analysis, malware analysis, community member interviews, and network traffic analysis.
- You will analyze digital evidence to identify indicators of compromise, adversary activity, root cause, incident timelines, and attack vector(s).
- You will be good in a crisis.
- You will develop SIEM alerts, reports, and dashboard content to enhance detection coverage and increase the effectiveness of the SOC.
- You will work with other ITS and partners to develop monitoring content relevant to their use cases.
- You will remain up to date on the latest threat intelligence.
- You will be the Security Operations technical lead for ITS and enterprise-wide projects.
- You will develop strategies and solutions that improve or mitigate information security risks associated with the identified during the incident response process and other security functions.
- You will develop and implement data pipelines for log data, ensuring compliance with log retention requirements while increasing SIEM efficiency.
- You will implement, configure, deploy, and manage security operations tools (e.g. Splunk, Cribl, Halcyon, Microsoft Defender XDR, Tenable).
- You will develop and maintain automation scripts and other tools to enhance security operations effectiveness.
- You will perform risk analyses on software vulnerabilities and prioritize vulnerability remediation efforts.
- You will provide technical vulnerability remediation assistance to resource owners.
- You will create and provide regular reporting to management on main Security Operations metrics.
- You will excel at documentation, communication, and collaboration.
- You will communicate with partners, in a non-technical manner, at all organizational levels as part of incident response and remediation activities.
- You will demonstrate a deep sense of ethics, integrity, and confidentiality.
- You will provide customer support according to SNHU's Core Values and understand how and when to escalate potential issues.
- Other responsibilities as assigned.
What We're Looking For:
- 5+ years' experience in cybersecurity.
- 4+ years working in a security operations center (SOC), a cybersecurity operations center or on a cybersecurity incident response team.
- Bachelor's Degree in cyber or technology.
- 9+ years in cybersecurity, 6+ years in a SOC acceptable in place of a degree.
- 1+ year(s) working in a mid to senior level in this capacity.
- Professional Certification(s): ISC2 CISSP; ISACA CISM or CISA; CompTIA CySA+, Security+, Network+, Microsoft AZ-900, SC-100, SC-200; SANS GIAC certifications such as GSEC, GCIH, and GSOC; and EC Council CEH, CPENT, and CIH.
- Experience collecting, organizing, and analyzing data gathered from firewalls, vulnerability scanners, Windows/Linux operating systems, software application logs, Azure cloud-resources, email platforms, Endpoint Detection and Response (EDR) tools, and other platforms in the environment that ensure enterprise-wide security monitoring.
- Experience implementing, writing, deploying, and maintaining scripts used for security operations automation.
- Proficient in Search Processing Language (SPL) or Kusto Query Language (KQL), with an ability to create and improve complex queries for log analysis and security monitoring.
- Experience using the Microsoft Graph SDKs (PowerShell, C#, JavaScript, Java) to automate security operations, including scripting and integration with security tools.
We believe real innovation comes from inclusion - where different experiences, perspectives and talents are celebrated. So if you're wondering whether SNHU is right for you, take the leap and apply. You might be just the person we're looking for.
Compensation
The annual pay range for this position is $100,560.00 - $160,926.00. Actual offer will be based on skills, qualifications, experience and internal equity, in addition to relevant business considerations. We expect this position to be hired in the following target hiring range $111,119.00 - $150,338.00.
Exceptional benefits (because you’re exceptional)
You’re the whole package. Your benefits should be, too. As a full-time employee at SNHU, you’ll get:
- High-quality, low-deductible medical insurance
- Low to no-cost dental and vision plans
- 5 weeks of paid time off (plus almost a dozen paid holidays)
- Employer-funded retirement
- Free tuition program
- Parental leave
- Mental health and wellbeing resources