Security Analyst

As the flagship higher education institution of The Church of Jesus Christ of Latter-day Saints, Brigham Young University (BYU) strives to be among the exceptional universities in the world. At BYU, we are devoted to our faith and to our students. We take an active role in the University's Mission: "To assist individuals in their quest for perfection and eternal life.” Our unique mission, deeply rooted in the Gospel of Jesus Christ, provides countless ways to serve and make an impact. This, along with our remarkable culture of belonging, weekly devotionals, and endless opportunities for learning and growth—all situated within a beautiful and historic campus—make it hard to imagine a more inspiring place to work. Brigham Young University strongly prefers to hire faithful members of The Church of Jesus Christ of Latter-day Saints. Security Analyst The CES Security Operations Center is currently looking to hire a security analyst to serve BYU, BYU-Hawaii, BYU-Idaho, and Ensign College. This position will lead, influence, and shape one of our security service pillars while rotating to another pillar semi-annually. Analysts are expected to bring prior experience and judgment to the role, while continuing to broaden their skills across the security operations lifecycle. Our pillars are security event monitoring and development, incident investigation & response, penetration testing, vulnerability management, identity, and threat hunting. This rotational system allows you to contribute the skills and expertise you already possess and build others in a broad range of security operations disciplines. Our rotational model is designed for experienced analysts who want to avoid siloed careers. Analysts maintain depth in their primary pillar while gaining meaningful exposure to adjacent disciplines, making this an ideal role for professionals seeking long-term growth. People skills are also required, as we regularly interact with campus customers. This position also gives you the opportunity to share with others (including the student employees that work in our SOC) your acquired skills, to grow and learn more, and to apply that learning. Other responsibilities will be assigned to you as you gain skills through on-the-job training, career-focused professional development, and mentoring. Impact of the role As a Security Analyst at the CES SOC, your work directly protects four higher-education institutions, tens of thousands of students and employees, and critical academic and research systems. You will influence security posture at an enterprise scale and collaborate with a broad range of IT professionals to reduce institutional risk. What you will be doing in this position Basic Security Analyst Responsibilities Participate in security analyst on-call rotation. Initial triage of security events, analysis of associated log data, security incident ticket population, and initial contact with relevant IT staff or end users. Drafting and editing security work instructions, for security analysts, IT staff, and end users; creating workflow diagrams to correlate work instructions to security incidents Security Event Monitoring and Development Security Analysts in this pillar design, maintain, and continuously improve enterprise security monitoring across CES institutions. This includes developing meaningful alerts and dashboards from diverse log sources, validating alert quality, and ensuring monitoring aligns with evolving threats and institutional priorities. Analysts partner closely with system owners and incident responders to ensure monitoring is actionable, resilient, and supports timely investigation and response. Incident Investigation and response This pillar leads the investigation, containment, and resolution of information security incidents across CES campuses, ranging from phishing and account compromise to system-level intrusions. Analysts apply professional judgment to triage events, coordinate with campus IT stakeholders, document findings, and guide remediation while escalating major incidents through formal response processes. The role emphasizes disciplined investigation, clear communication, and continuous improvement through lessons learned and playbooks. Vulnerability management The vulnerability management pillar provides visibility into security weaknesses across campus systems and works with IT partners to reduce risk over time. Analysts analyze vulnerability data, contextualize findings based on asset criticality and threat activity, and support prioritization and remediation efforts. As maturity increases, this work informs risk reporting, service-level objectives, and longer-term improvements to institutional security hygiene. Threat hunting & Intelligence Threat hunting focuses on proactively identifying attacker behavior that may evade automated controls by analyzing log data, indicators of compromise, and attacker tactics relevant to higher education. Analysts research emerging threats, develop hypotheses, and conduct structured hunts to validate or dismiss potential adversary activity. Findings from this work inform improved monitoring, incident response, and risk prioritization across the SOC. Identity Security In this pillar, analysts help identify and reduce identity-related risk by analyzing authentication data, privilege use, and configuration weaknesses across identity platforms. The work emphasizes applying least-privilege principles, improving visibility into account misuse or compromise, and supporting campus partners in strengthening identity governance. Identity findings feed directly into incident response, threat hunting, and enterprise risk management efforts. Penetration testing The penetration testing pillar validates the security of applications and systems through controlled testing designed to identify exploitable weaknesses before attackers do. Analysts conduct testing, validate findings, and clearly communicate results and remediation guidance to system owners. This work supports risk-based security decisions and contributes to the ongoing maturation of secure system design and deployment practices. Professional development On-the-job training and learning, both self-paced and as mentored by other full time analysts. Attend seminars and conferences as well as participate in relevant professional organizations. The CES SOC maintains a budget for these training opportunities. Supervision, collaboration, and leadership Serve as a technical leader within assigned security pillars, mentoring student and full-time analysts; contribute to analyst skill development and operational maturity. Partner with IT and campus stakeholders to improve security processes and governance. What qualifies you for thils role Skills, abilities, or knowledge You are not required to have experience in all areas listed below. What you don't know we can teach you. We are seeking the most qualified candidates; the more you have, the more likely you will be selected. Compensation will be commensurate with experience and skills. Who thrives in this role This position is ideal for security professionals who enjoy hands-on technical work, value collaboration, and want their expertise to make a visible difference. Analysts who succeed here are curious, adaptable, and motivated by service-oriented impact as much as technical challenge. Many of our analysts choose BYU for the combination of mission-driven work, long term stability, and sustained professional growth. Education and Experience This position provides an opportunity for people of varying levels of skill. If you have a lot of education, experience, and skill, we'll compensate you accordingly. If you are early in your career, this could be a great opportunity for you, too. Different levels of pay are assigned by the hiring department depending on experience/education/skills and business needs. All employees of Brigham Young University (BYU) agree to maintain the standards of The Church of Jesus Christ of Latter-day Saints as defined by the CES Honor Code and Dress and Grooming Standards, both on and off campus, 24 hours a day. BYU is an equal opportunity employer, including disability and protected veteran status.