Jobs · Information Technology · New York

Information Security Analyst

Syracuse University · Syracuse, NY · 1 wk ago
Information Technology$87k–$92k/yrFull-time

About the role

The Information Security Analyst is a technical role within the Information Security (InfoSec) group of Information Technology Services (ITS), responsible for defending the University’s data assets through policy controls, security operations, incident response, and AI-assisted tooling.

Responsibilities

  • Monitor network, endpoint, and identity telemetry continuously using open-source and enterprise SIEM platforms including Splunk, Elastic/Opensearch, and Kibana.
  • Review IDS alerts, system logs, and network traffic captures; triage for relevance and severity; distinguish genuine threats from false positives.
  • Provide second-level analysis of alerts escalated by student SOC employees, with final disposition and escalation authority resting with this position.
  • Operate, tune, and recommend enhancements to the SOC’s monitoring and detection platforms including Microsoft Defender and SIEM tools; leverage AI-assisted tooling to improve detection and response workflows.
  • Implement threat hunting and detection strategies; identify new data sources to augment detection capability; integrate new tools and applications as needed.
  • Write Python and PowerShell scripts to automate detection, response, and data analysis workflows.
  • Aid in maintenance of firewall rulesets.
  • Serve as first responder for security incident investigation, conducting log and system-level analysis to determine potential scope and impact. Assist with containment, eradication, and recovery efforts.
  • Perform digital forensic analysis at the first-responder level to determine whether a breach has occurred and what steps are required to contain it.
  • Provide written and verbal summaries of incident findings to be shared with ITS leadership and relevant stakeholders.
  • Aid in maintaining and operating the University’s vulnerability assessment program, including scan configuration, finding analysis, risk prioritization based on exploitability and business impact, and remediation coordination with system owners.
  • Track patching effectiveness and validate closure of critical findings.
  • Assist in the hiring, continuous training, mentoring, and operational oversight of student SOC employees.
  • Develop and maintain the SOC processes, runbooks, and escalation procedures that student analysts follow.
  • Provide direct coaching on alert investigation techniques, log analysis, and documentation standards.

Qualifications

  • Bachelor’s degree in information security/Cybersecurity, Information Management, Computer Science, Computer Engineering, or related discipline.
  • Five (5+) plus years of experience in Information Technology, with a minimum of two (2) years in Information Security/Cybersecurity.
  • Prior experience working in a functioning SOC or equivalent security operations environment is valued, including hands-on work triaging live alerts, investigating active incidents, and operating security tooling in a production setting.

Similar jobs