The Tier 2 Information Security Analyst role involves performing advanced threat detection and incident response activities to maintain NYU’s security posture. Job duties include identifying and mitigating complex security risks by analyzing security events and alerts, executing incident response procedures, and communicating and assisting stakeholders. Typical duties may include in-depth analysis of multiple data sources and advanced technologies to detect and respond to compromised systems and accounts, identification and mitigation of sophisticated phishing campaigns, and identification and remediation of highly vulnerable operating systems and software. Provides expert triage for discovered issues, escalates as needed, and leads larger incident response efforts when required. Contributes to process improvement initiatives to continuously enhance the security posture of the university. Works collaboratively as a team member in a dynamic environment and must also possess exceptional analytical, communication, and problem-solving skills. A high level of confidentiality and professionalism is required, as well as a proven track record of successful incident response and security operations experience.
Fully remote work may be considered
Bachelor's Degree or equivalent combination of education and experience
Bachelor's Degree in a related discipline.
5+ years experience involving information technology and/or information security, compliance, or risk management.
5+ years experience working in a large-scale information technology environment. Working knowledge using network and system diagnostic tools. Working knowledge with scripting, programming, or automation methods. Working knowledge with intrusion detection or system protection tools and methodologies. Work experience with vulnerability scanning tools (e.g., Tenable Nessus, InsightVM, Metasploit, etc.) Experience with information security regulatory/compliance requirements.
Required Skills, Knowledge and Abilities:
Demonstrated understanding of advanced IT security principles and concepts. Ability to clearly communicate information and security concepts to non-technical audiences. Experience with multiple operating systems, including Windows, Mac OS, or Unix/Linux. Must possess strong critical thinking and analytical skills. Must be able to maintain adequate confidentiality, integrity, and availability of information. Maintain a high level of discretion.
Preferred Skills, Knowledge and Abilities:
Knowledge of advanced security controls and information security best practices. Knowledge of enterprise infrastructure and application monitoring tools. Familiarity with security frameworks such as CIS, NIST, ISO, and PCI-DSS. Familiarity with cloud architecture and security concepts. Working knowledge of computer network protocols, network security architecture, and computer architecture. Working knowledge of network systems, security principles, applications, and risk and compliance initiatives.
In compliance with NYC's Pay Transparency Act, the annual base salary range for this position is USD $100,000.00 to USD $120,000.00. New York University considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as, market and organizational considerations when extending an offer. This pay range represents base pay only and excludes any additional items such as incentives, bonuses, clinical compensation, or other items.
NYU aims to be among the greenest urban campuses in the country and carbon neutral by 2040. Learn more at nyu.edu/nyugreen.
EOE/AA/Minorities/Females/Vet/Disabled/Sexual Orientation/Gender Identity