Information Security Analyst

Wesleyan Assurance Society, Street, MD
1d | Hybrid

About The Position

Located in Middletown, Connecticut, Wesleyan University is one of the nation’s premier liberal arts colleges with 3,000 undergraduates and 200 graduates. Established in 1831, Wesleyan is known for its rich, open, and interdisciplinary curriculum. Wesleyan University takes the security and privacy of information and resources seriously. Wesleyan University's Information Security program safeguards the confidentiality, integrity, and availability of the institution’s information resources. Reporting to the Chief Information Security Officer, the Information Security Analyst helps protect Wesleyan University’s data, systems, and community from evolving cyber threats. This role pairs monitoring and incident response with risk reduction across a distributed, cloud-forward environment (Workday, AWS, Salesforce, Slate, Stellic, and other SaaS platforms). The analyst works closely with Networking & Infrastructure, Enterprise Systems, Academic Technology, Unix Systems, and IT Service Delivery while improving our security posture in ways that support teaching, research, and business operations.

Requirements

  • Bachelor’s degree in information security, computer science, information systems, or related field and a minimum of two years of hands-on experience in at least two of the following: incident response, SOC operations, vulnerability management, endpoint security, cloud security, IAM; or an equivalent combination of education, training and relevant experience.
  • Familiarity with SIEM, EDR, email security gateways, vulnerability scanners, and basic network security concepts (firewalls, subnets, DNS, etc.).
  • Working knowledge of one or more of the following: Windows, macOS, Linux
  • Working knowledge of common enterprise/cloud services (e.g., AWS, Azure AD/Entra, Google Workspace, O365, SAML/OAuth).
  • Ability to read and interpret logs; comfort writing basic queries and simple scripts (PowerShell or Python) to automate routine tasks.
  • Understanding of FERPA and GLBA Safeguards; awareness of PCI DSS fundamentals.
  • Effective communicator with the ability to translate technical security requirements into language that helps non-technical users make informed decisions.
  • Proven ability to move security findings from identification to effective remediation.
  • Ability to work in a decentralized environment with diverse stakeholders.
  • Willingness to support incident response outside normal business hours when required.

Nice To Haves

  • One or more of the following certifications (or in progress): Security+, CySA+, GSEC, GCIH, GCIA, GCED, GMON, SSCP, CISSP, or equivalent.
  • Experience with AWS security services and identity governance/access reviews.
  • Experience in a university or research-heavy environment, including support for labs or HPC and data use agreements.
  • Detection engineering (use-case development, sigma/KQL, threat hunting).
  • Forensics fundamentals (endpoint triage, memory/disk basics) and evidence handling.
  • Secure configuration management (CIS benchmarks), vulnerability prioritization (KEV/CVSS context), and patch orchestration.
  • Vendor/security assessment of SaaS with practical compensating controls when “perfect” is not available.

Responsibilities

  • Security Monitoring & Incident Response: Monitor, operate and tune Microsoft Defender console and related security tooling.
  • Develop and maintain detections, dashboards, alerts, and escalation procedures.
  • Serve as first or second level responder for security incidents in ServiceNow.
  • Coordinate containment, eradication, recovery, and post-incident reviews.
  • Maintain incident response playbooks.
  • Participate in an on-call rotation.
  • Vulnerability & Configuration Management: Operate the Nessus Professional vulnerability management system and prioritize findings by exploitability and asset risk.
  • Partner with system owners to remediate vulnerabilities and validate secure configuration baselines for servers, endpoints, and cloud services.
  • Identity, Access, and Data Protection: Support identity and access management controls including MFA (Duo), SSO/SAML/OAuth, privileged access.
  • Assist with access reviews, role hygiene and identity governance activities.
  • Implement data protection controls such as encryption and secure file-sharing, aligned with data classification standards.
  • Governance, Risk & Compliance: Conduct security risk assessments for new systems and vendors.
  • Review security terms and attestations, including SOC2 and HECVAT.
  • Support compliance obligations including FERPA, GLBA Safeguards Rule, PCI DSS, HIPAA, DMCA.
  • Assist with audit preparation and evidence collection.
  • Security Awareness & Enablement: Deliver targeted training; publish advisories and guidance in the ITS knowledge base.
  • Forward Data Privacy Officer requests to relevant business offices.
  • Administer security platforms including Duo, LastPass, and Mimecast.
  • Maintain Nmap SSL certificate scanning process and communicate findings to system owners.
  • Perform periodic user access reviews in systems such as Workday.
  • Threat-Cloud and Third-Party Risk: Track higher-ed–relevant threat actor tactics and translate intelligence into detections, controls, and tabletop exercises.
  • Partner with service owners to show and remediate cloud and SaaS misconfigurations.
  • Support security reviews of new SaaS platforms and research tools; recommend compensating controls when vendors' security capabilities fall short.
  • Metrics & Continuous Improvement:
  • Produce metrics and reports that inform security prioritization and resource allocation.
  • Maintain accurate, auditable documentation, including asset inventories, data flows, and exception registers.
  • Propose practical, high-impact improvements such as policy, control, or automation that reduce risk quickly while minimizing disruptions to academic and business operations.

Benefits

  • Wesleyan offers a broad range of employee benefits and development opportunities, including comprehensive group insurance plans, wellness programs and incentives, generous paid time off and retirement plans, flexible work schedules, employee and dependent tuition programs for those who qualify.
  • Detailed information on the benefits of working at Wesleyan is located at: https://wesleyan.edu/hr/careers/prospective-resources.html.