Cybersecurity Analyst Ii

EXISTING CNC CUPE Employees:
Employment Status Full Time Employment Type Regular Job Summary

Reporting to the Chief Information Officer, the Cybersecurity Analyst II will play a key role in leading the College’s cybersecurity operations and strategy. The Cybersecurity Analyst II is primarily responsible for: developing and implementing cybersecurity measures, processes and controls; providing advice and guidance to administrators, faculty and staff; managing and monitoring the environment for security breaches; analyzing and responding to complex cybersecurity-related alerts and incidents; monitoring system logs and network traffic for cybersecurity incidents; implementing technical projects related to the cybersecurity strategy; and actively participating in the development and implementation of the college’s cybersecurity strategy.

Specific Duties

**Responsibilities will include but are not limited to**:

- Create and maintain the enterprise security architecture framework, contributing to development of operational and tactical plans related to cybersecurity.
- Coordinate and develop prioritized action plans for external vulnerability and penetration tests as directed, typically on an annual and bi-annual basis and implement technical resolutions.
- Provide recommendations and guidance to maintain a defensible level of cybersecurity; implement approved technical actions and recommendations.
- Develop, implement, and monitor a server and endpoint patch management strategy.
- Develop and implement cybersecurity incident response plans and lead their execution during cybersecurity events
- Assist with the development of policy, standards, and procedures to assist your team in achieving consistent, standards focused outcomes
- Execute test plans for new hardware and software systems to ensure functionality meets specifications
- Clearly document errors discovered during testing phases
- Work closely with stakeholders to identify business objectives and assist with the creation of plans to achieve them
- Perform analysis of potential solutions and prepare cost benefit reports to aid in solution selection
- Work closely with various business units to assist with process documentation
- Design and develop information systems based on supplied process diagrams and documented requirements
- Create, maintain, and follow technical documentation
- Create simple data visualizations to assist with communicating information to decision makers
- Follow procedures to manage records and curate key operational and project documentation
- Coordinate project and issue resolution work with your team and other stakeholders
- Evaluate vendor products and provide purchase recommendations to management
- Configure user accounts and passwords, retrieve user information, and other enterprise systems user account management activities
- Provision and de-provision user changes
- Troubleshoot simple network issues using tools such as nslookup, ping, tracert, and ipconfig
- You will be part of a team actively engaged in contributing to and accomplishing the vision, mission, and goals of the College and in supporting the aspirations and needs of our learners.
- You will promote a positive work atmosphere by interacting and communicating in a professional manner that demonstrates mutual respect with students and colleagues.
- Perform other related duties as assigned by the CIO or designate.

Skills & Qualifications

**Education**
- Recognized two (2 ) year diploma in Computer Information Systems, Information Technology, Electronics Engineering or another relevant field
- Security+ or equivalent certification preferred

**Minimum Experience**
- 5 years or more minimum of five years current experience in cybersecurity or equivalent education and experience.

**Skills & Experience**
- Demonstrable completion of reputable course(s) related to cybersecurity practices
- Experience in post-secondary education or the public sector is preferred
- Ability to perform digital forensics and malware analysis during an incident
- Deep understanding of risk management practices and cybersecurity frameworks (e.g. NIST)
- Ability to assess cyber security maturity state of CNC and develop cyber security strategic plan for organization
- Ability to collect relevant maturity metrics and communicate in risk terms to executives and directors
- Understanding of identity and access management issues, such as accumulated permissions, high risk permission configurations, and distributed security
- Experience leading projects
- Ability to prepare and distribute progress reports
- Familiarity with regulatory compliance
- Ability to assess the relative strengths and weaknesses of different solutions
- Ability to test newly implemented solutions and provide constructive feedback
- Ability to read and execute basic shell scripts such as batch files and PowerShell to automate administrative tasks
- Familiarity with structured approaches to system configuration ma