Edtech.com's Summary

Arizona State University is hiring a Senior Cybersecurity Analyst. The role involves leading cybersecurity projects and managing domains such as governance, risk, compliance, vulnerability management, and privacy to enhance the university's cybersecurity program aligned with frameworks like NIST RMF and CMMC. The analyst also mentors team members, improves security processes using automation and AI, and collaborates across university teams to maintain a robust security posture.

Highlights

Manage vulnerability scanning, assessment, and remediation using tools like ServiceNow.
Conduct risk assessments and ensure compliance with regulations including HIPAA, FERPA, GLBA, GDPR, and PCI-DSS.
Automate security operations and incident response workflows using scripting, SOAR tools, and AI.
Evaluate and enhance security tools such as CrowdStrike endpoint detection and threat intelligence feeds.
Collaborate with IT operations, network engineering, application developers, and data governance teams.
Develop and update cybersecurity policies, procedures, incident response plans, and training materials.
Provide leadership and mentorship to junior cybersecurity staff and promote a positive culture within the team.
Required technical skills include knowledge of NIST RMF, CMMC, security frameworks, and enterprise security tools.
Minimum qualifications are a Bachelor's degree and five years of relevant experience or equivalent combination of training and experience.
Preferred certifications include CISSP, CCSP, CISM, CRISC, CISA, ISO 27001 Lead Implementer/Auditor, HITRUST, or CompTIA Security+ with compliance and governance experience.
Experience in large enterprise or higher education settings is preferred.
Salary range is $85,700 to $94,000 per year, dependent on experience.

Cybersecurity Analyst, Senior Full Description

Job Profile:Cybersecurity Analyst 3

Job Family:IT Cybersecurity

Time Type:Full time

Max Pay - Depends on experience:$94,000.00 USD Annual

Apply before 11:59 PM Arizona time the day before the posted End Date.

Minimum Qualifications:Bachelor's degree and five (5) years of experience appropriate to the area of assignment/field; OR, Any equivalent combination of experience and/or training from which comparable knowledge, skills and abilities have been achieved.

Job Description:

The Senior Cybersecurity Analyst at Arizona State University (ASU) is a seasoned professional responsible for cybersecurity domains like governance, risk, compliance, vulnerability management, and privacy. This role leads cybersecurity projects, refines security processes, and implements technical solutions aligned with ASU's strategies. The Senior Analyst handles open-ended problems by providing analysis and prioritized solutions based on cybersecurity frameworks such as NIST RMF and CMMC, and by staying updated on emerging trends. The position is key to maturing ASU's cybersecurity program, ensuring security capabilities evolve with the university's needs.

As with all members of the Enterprise Technology team, this role carries core responsibilities, including fostering a sense of belonging and cultivating a culture that is relational, visionary, and empowering. With a strong emphasis on authenticity and compassion, this position is dedicated to embodying and advancing our culture.

Salary: $85,700.00 - $94,000.00 per year; Depends on experience

Essential Duties:

Vulnerability Management: Manage the vulnerability program, including regular scanning, identification, and assessment of vulnerabilities in systems and applications. Prioritize and coordinate fixes by working with system owners and IT teams, ensuring timely patching or mitigation. Monitor and report progress on remediation efforts (using tools like ServiceNow for ticketing and workflow) and confirm that the fixes are effective.
Governance, Risk & Compliance: Contribute to governance, risk, and compliance efforts for the cybersecurity program. Conduct risk assessments and security control evaluations for critical systems and third-party solutions, aligning with established frameworks (e.g., NIST RMF) and emerging compliance standards (such as CMMC for relevant research projects). Ensure that security practices and controls meet applicable regulations and data protection requirements - including HIPAA (health data), FERPA (student records privacy), GLBA (financial data protection), GDPR (EU personal data privacy), and PCI-DSS (payment card data security). Collaborate closely with compliance, legal, and privacy teams to address regulatory obligations and to prepare for or support audits and assessments.
Process Improvement & Automation: Proactively identify opportunities to enhance security operations processes and workflows. Automate routine procedures and controls using scripting and security orchestration tools (SOAR) as well as AI to boost efficiency and consistency in incident response, monitoring, and compliance reporting. Create scripts or playbooks for tasks like vulnerability management, risk assessment, compliance assessment, and digital privacy impact assessments.
Security Tools Enhancement: Evaluate, tune, and recommend enhancements to enterprise security tools and capabilities. Supervise the tuning and optimal setup of systems, including endpoint detection and response tools (e.g., CrowdStrike) and threat intelligence feeds. Ensure that security tools produce actionable insights for intelligence sharing with multiple teams across the organization. Identify new data sources or technologies that could improve ASU's security posture and maturity.
Cross-Team Collaboration: Collaborate closely with various university teams such as IT operations, network engineering, application developers, and data governance to develop a strong understanding of the threat landscape and business environment within a large, complex academic setting. Act as a security expert in cross-departmental meetings and projects, effectively communicating risks and requirements. Promote a culture of cybersecurity awareness by guiding stakeholders on security best practices and emerging threats.
Policy and Program Development: Contribute to the development and continuous improvement of cybersecurity policies, standards, guidelines, and procedures. Draft and update documentation, including incident response plans, standard operating procedures (SOPs), security standards, and runbooks, to ensure they reflect current best practices and organizational changes. Assist in creating training and awareness materials to educate the university community on security policies and safe computing practices. By developing clear documentation and guidance, support the overall governance of information security at ASU.
Mentorship and Leadership: Provide leadership and mentorship within the cybersecurity team. Guide junior analysts and incident responders, leading by example in technical investigations and project execution. Share knowledge and train teammates in areas of expertise (for instance, by demonstrating how to use advanced features of tools such as ServiceNow GRC modules or CrowdStrike). Help prioritize team tasks to align with ASU Enterprise Technology (ET) initiatives while maintaining transparency and engagement with stakeholders.
Leverage AI in routine tasks and contribute ideas for using AI to improve the unit's efficiency and overall performance.
Take responsibility for fostering a positive culture, upholding organizational values, and championing engagement in all its forms.
Collaborate across teams and actively participate in ET/ASU events and programs.

The Senior Cybersecurity Analyst will take on other duties as assigned and is expected to adapt to the evolving needs of the cybersecurity program. In all responsibilities, they will maintain a high standard of quality, integrity, and professionalism to protect the university's information assets.

Desired Qualifications:

Professional Certifications: Certifications demonstrating strong skills in governance, risk, compliance, and audit are highly preferred. Relevant credentials include ISC² CISSP or CCSP, ISACA CISM, CRISC, or CISA, ISO 27001 Lead Implementer/Lead Auditor, HITRUST, or similar GRC-related certifications. Certifications like CompTIA Security+ may also be considered if combined with proven experience in risk management, compliance oversight, and security governance. These credentials show a commitment to professional development and expertise in organizational security assurance.
Frameworks and Compliance Experience: Hands-on experience with cybersecurity frameworks and compliance programs, such as direct involvement in NIST RMF processes, CMMC readiness or audits, ISO 27001 implementation, or similar risk management and compliance efforts. Practical experience ensuring compliance with data protection regulations (HIPAA, FERPA, etc.) is a plus.
Enterprise Environment Experience: Experience working in a large enterprise or higher-education environment is preferred. Understanding the complexities of a distributed, diverse IT environment (such as a university with research labs, academic and administrative networks, and varied user populations) will help the candidate quickly adapt to ASU's landscape.
Project Leadership: Proven experience leading cybersecurity projects or initiatives. This includes successfully driving security improvements from concept to completion, such as deploying new security tools, leading incident response enhancement projects, or conducting campus-wide risk assessments. Experience should involve coordinating across multiple teams or departments.
Communication and Training: Experience in developing and delivering security training or awareness programs is advantageous. The ability to create informative presentations or workshops for end-users or technical teams, along with public speaking or security advocacy experience, will help promote ASU's security culture.
Demonstrated ability to model empathy, compassion, and emotional intelligence.
Experience in a values-driven organization with a strong commitment to inclusion and belonging.
Ability to cultivate a psychologically safe environment where all team members can thrive.
Capacity to inspire and drive meaningful change in individual, institutional, and corporate behaviors to support a more sustainable environment.
Commitment to leading by example through effective communication, active participation, and advocacy for the institution's sustainability programs.

Working Environment:

This position is hybrid, meaning the employee spends a minimum of 60% of their regular workweek at their primary ASU work location.
Activities primarily take place in a standard, climate-controlled office environment and may involve extended periods of sitting, standing, or moving between office spaces.
This role involves regular use of a computer (desktop and/or laptop), including a keyboard and mouse.
Effective communication and proficiency with a variety of technologies are essential for collaboration with the broader team.
Required to stand for varying lengths of time and walk moderate distances to perform work.
Regular responsibilities may require the ability to quickly change priorities, which may include and/or are subject to resolution of conflicts.
Occasional after-hours or weekend work might be necessary to handle critical incidents or meet project deadlines.
The Senior Cybersecurity Analyst must effectively balance in-person collaboration with remote tasks, ensuring productivity in both environments.
Travel is usually minimal, but the analyst may occasionally need to attend training, conferences, or meetings on behalf of the university.

Department Statement:

Enterprise Technology (ET) embraces its role as both an enabler and catalyst for advancing the vision and work of the New American University. We are a values-driven organization. Our commitments are reflected in all of the work we do in pursuit of operational excellence, the experience and delight of our community, and our strategic and innovation initiatives. Applicants must be eligible to work in the United States.

Join the team that sparks human-centered innovation

ET is a rapidly reconfigurable and entrepreneurial organization at ASU that prioritizes and executes to meet the needs of our community of learners, faculty, researchers and staff. Our work emphasizes autonomy, flexibility and distributed decision-making to leverage the strengths of individuals. Together, we embrace a culture that nurtures, engages and embraces many voices with a shared lens of positive community impact and expanded opportunities for collaboration.

Why join us?

Mission oriented. Everything we do is to advance ASU's charter -- measuring who we include and how they succeed. We are staunch champions of learner success and put people first.

Flexibility. Our flexible work environment allows employees to explore opportunities with their supervisor beyond the traditional work schedule. Opportunities include hybrid work where staff are in person three days per week.

Culture forward. We embrace a Positive Core culture: Belonging, Relational, Authentic, Visionary and Empowered.

Scale of impact. Our work changes the world. With 200k+ learners, faculty, researchers and staff, working with ET means you have the capacity to improve many lives and entire communities.

World-class, low cost education. Our professional development is built in! ET encourages staff to seek additional certificates and degrees via ASU's top ranked programs with major tuition breaks.

Exposure to industry giants. ET partners with Amazon, Apple, Arista, Cox, Verizon, Salesforce, Alteryx and a diversity of technology companies to enhance our innovations and deepen their impact.

Driving Requirement:Driving is not required for this position.

Location:Campus: Tempe

Funding:No Federal Funding

Instructions to Apply:

Current Employees and Students should apply directly within Workdayusing the Jobs Hub. Use this link and log in using SSO:

https://www.myworkday.com/asu/d/inst/1$9925/9925$15717.htmld

To be considered, your application must include all of the following attachments:

Cover letter
Resume/CV

Note: Multiple documents can be submitted into the attachment box. Alternatively, merge all documents into one PDF for submission.

Please include all employment information in month/year format (e.g., 6/88 to 8/94), job title, job duties and name of employer for each position. Resume should clearly illustrate how prior knowledge and experience meets the Minimum and Desired qualifications of this position. NOTE: GA and Intern positions are counted as .5 for job experience (ie. 1 year equals 6 months experience equivalency). Only electronic applications are accepted for this position.

Need help finding the right job?

We can recommend jobs specifically for you! Create a custom Job Alert by selecting criteria that suit your career interests.

ASU Statement:

Arizona State University is a new model for American higher education, an unprecedented combination of academic excellence, entrepreneurial energy and broad access. This New American University is a single, unified institution comprising four differentiated campuses positively impacting the economic, social, cultural and environmental health of the communities it serves. Its research is inspired by real world application blurring the boundaries that traditionally separate academic disciplines. ASU serves more than 100,000 students in metropolitan Phoenix, Arizona, the nation's fifth largest city. ASU champions inclusive excellence, and welcomes students from all fifty states and more than one hundred nations across the globe.

ASU is a tobacco-free university. For details visit https://wellness.asu.edu/explore-wellness/body/alcohol-and-drugs/tobacco

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or any other basis protected by law.

Notice of Availability of the ASU Annual Security and Fire Safety Report:

In compliance with federal law, ASU prepares an annual report on campus security and fire safety programs and resources. ASU's Annual Security and Fire Safety Report is available online at https://www.asu.edu/police/PDFs/ASU-Clery-Report.pdf. You may request a hard copy of the report by contacting the ASU Police Department at 480-965-3456.

Relocation Assistance - For information about schools, housing child resources, neighborhoods, hospitals, community events, and taxes, visit https://cfo.asu.edu/az-resources.

Employment Verification Statement:

ASU conducts pre-employment screening which may include verification of work history, academic credentials, licenses, and certifications.

Background Check Statement:

ASU conducts pre-employment screening for all positions which includes a criminal background check, verification of work history, academic credentials, licenses, and certifications. Employment is contingent upon successful passing of the background check.

Fingerprint Check Statement:This position is considered safety/security sensitive and will include a fingerprint check. Employment is contingent upon successful passing of the fingerprint check.

Original Job Description