SECURITY ANALYST #00031824

Enterprise Systems & Applications

Candidates must be US Citizens, Lawful Permanent Residents, or be able to gain clearance to access export-controlled information. The University is not able to provide Visa Sponsorship for this position.

Are you seeking to make a difference in the lives of students? Are you desirous of enabling research that is changing our world? Would you like to have a strong influence in setting direction for a technology organization whose mission focuses on education, research, and application of knowledge to solve some of the world's great challenges? If so, we would like to talk to you. If you are a potential member of the S&T information technology team and are humble, coachable, approachable, introspective, and passionate about building relationships, then we want to talk to you. Serving at Missouri University of Science and Technology is a calling. We are revitalizing our campus and looking to a bright future. Join us.

This position will serve as a technical security expert. This position will be a part of the ISO led security team for risk and compliance and serve in a technical role for security under the ISO's direction for all S&T security.

Firewall Management:

• Configure, monitor, and maintain enterprise firewalls to ensure secure network traffic and prevent unauthorized access
• Develop and implement firewall policies and rules based on industry standards and security best practices
• Design and manage network segmentation to protect sensitive data and systems from potential threats
• Troubleshoot and resolve firewall-related incidents and performance issues
• Collaborate with network teams to ensure firewall and network segmentation changes are aligned with organizational goals
• Collaborate with Networking and Systems Infrastructure team on the maintenance of data center firewall rulesets and routing related to service delivery

Azure Security and Active Directory Management:

• Manage Azure Active Directory as part of a systemwide team, ensuring secure and scalable identity and access management
• Implement and manage security solutions within Microsoft Azure, including configuring security policies, managing resources, and monitoring for vulnerabilities
• Ensure proper configuration and security of Active Directory services, including group policy management, permissions, and role-based access controls
• Contribute to the maintenance of local custom web tools for privilege delegation capabilities of AD/Azure/other management functions

Account Management:

• Oversee user account lifecycle management, including the provisioning, de-provisioning, and auditing of user access to systems
• Ensure adherence to the principle of least privilege across all account management activities
• Conduct regular reviews of user accounts and permissions to identify and mitigate potential security risks

Incident Response:

• Lead and participate in security incident response activities, including investigating, analyzing, and mitigating security incidents
• Hunt for and remediate phishing campaigns, ensuring timely detection and neutralization of threats
• Secure email to prevent misuse and ensure the integrity of organizational communications
• Perform forensic analysis and root cause investigations to determine the scope and impact of security events
• Develop and document incident response procedures and runbooks to improve the organization's response capabilities
• Collaborate with other teams to ensure proper escalation and resolution of security incidents

Vulnerability Management:

• Administer vulnerability management tools, discovery, tracking, and remediation coordination
• Administer Microsoft security environment including Defender, Entra, Purview, and Sentinel
• Lead technical security operations including security monitoring and reporting
• Monitor security systems and logs for signs of potential vulnerabilities or breaches
• Develop and maintain security dashboards and reports for senior management and stakeholders
• Provide guidance on emerging threats, vulnerabilities, and best practices
• Provide oversight to other teams for patch management progress/state as well as help to determine when security issues require immediate vs delayed action

Risk Management and Compliance:

• Ensure that security controls comply with industry regulations, such as CUI, NSPM-33, PCI, HIPAA, NIST 800-171, NIST 800-172, ITAR, NERC, and organizational policies
• Conduct regular security assessments, vulnerability scans, and penetration tests
• Review software, hardware, services, and vendors for adoption
• Recommend and implement security enhancements based on risk assessments and security audits
• Maintain compliance with export-controlled data regulations and work closely with law enforcement on related matters

• Bachelors degree in computer science, cybersecurity, or similar fields, or equivalent experience
• Ability to work on export controlled projects
• Ability to obtain and maintain a top-secret security clearance is required

• 5 years of experience in security analysis with hands-on experience in firewall management, Azure, Active Directory, account management, and incident response
• A cyber security certification such as CISSP, CISM, CEH, or equivalent is required
• Expertise in incident response, phishing remediation, mass email security, risk mitigation, and security operations
• Expertise in data security concepts such as security labeling, Controlled Unclassified Information (CUI), Secret, and Top-Secret information, and tools such as Microsoft Purview preferred
• Expertise in Microsoft security and networking tools such as Active Directory, Domain Controllers, Defender, Entra, and Sentinel preferred
• Expertise in vulnerability scanning tools such as Tenable, Qualys, Nessus, and Nmap
• Knowledge of access management models such as Identity and Access Management (AIM_ access controls, Access Control List (ACL) access controls, Privileged Access Workstation (PAWs), Role-Base Access Controls (RBAC), Attribute-Based Access Controls (ABAC), Privilege Escalation access control, and Zero Trust Network Access (ZTNA) preferred
• Ability to work with export-controlled data and collaborate with law enforcement agencies
• Strong understanding of security frameworks such as NIST CSF, NIST 800-53, NIST 800-88, PCI, ITAR, NERC, ISO 27001, and CIS Controls
• Proficiency in scripting and automation (PowerShell, Python) for security purposes is a requirement
• Excellent analytical, problem-solving, and communication skills.
• Existing security clearance is preferred

The anticipated hiring range for this position has been established as $52,223-$120,078 annually.

Salary is determined by a variety of factors, including but not limited to, the individual's particular combination of education, skills, and experience, as well as organizational requirements.

Your total compensation goes beyond the number on your paycheck. The University of Missouri provides generous leave, health plans, and retirement contributions that add to your bottom line.

Grade: GGS 9E, 10, 11, 12, OR 13
University Title: SECURITY ANALYST- ENTRY, SPECIALIST, EXPERT, PRINCIPAL, OR EXPERT.
To review the University of Missouri's Staff Compensation Structure you can view the Job Code detail page. Internal applicants can determine their university title by accessing the Talent Profile tile in myHR.

Applications will be accepted until this position is filled.

Visa Sponsorship Information:
Applicants must be authorized to work in the United States. The University will not sponsor applicants for this position for employment visas.

University Information
Missouri S&T is one of the nation's leading research universities with over 100-degree programs in 39 disciplines. It was founded in 1870 as one of the first technological institutions west of the Mississippi River. Located about 100 miles west of St. Louis in the vibrant community of Rolla, Missouri S&T is an accessible, safe, and friendly campus surrounded by Ozarks' scenery. Missouri S&T offers undergraduate degrees in engineering, the sciences, liberal arts, humanities, and business, with M.S. and Ph.D. programs available in many of the science and engineering programs. With over 7,000 students and 300 faculty, Missouri S&T is big enough to accommodate a broad population, yet small enough for individuals to build high visibility and impactful careers.

About Rolla
Rolla, Missouri offers several great advantages that help individuals enjoy a high quality of life. Rolla is an ideal place for families, with its low cost of living, excellent schools, safe neighborhoods, and a range of recreational activities suitable for all ages. The Ozark Scenic Riverways and beautiful landscapes offers abundant opportunities for outdoor enthusiasts of every lifestyle. With its vibrant community, Rolla hosts multiple events, concerts, art exhibitions, and theater performances throughout the year. The university's Leach Theatre showcases nationally renowned performers for campus and community alike. Overall, living in Rolla offers a high quality of life with a supportive community, affordable living, beautiful natural surroundings, and numerous opportunities for personal and professional growth.

This position is eligible for University benefits. As part of your total compensation, the University offers a comprehensive benefits package, including medical, dental and vision plans, retirement, paid time off, short- and long-term disability, paid parental leave, paid caregiver leave, and educational fee discounts for all four UM System campuses. For additional information on University benefits, please visit the Faculty & Staff Benefits website at https://www.umsystem.edu/totalrewards/benefits.

Equal Employment Opportunity

The University of Missouri is an Equal Opportunity Employer.

To request ADA accommodations, please call the Office of Equity & Title IX at 573-341-7734.