If you’re passionate about building a better future for individuals, communities, and our country—and you’re committed to working hard to play your part in building that future—consider WGU as the next step in your career.
Driven by a mission to expand access to higher education through online, competency-based degree programs, WGU is also committed to being a great place to work for a diverse workforce of student-focused professionals. The university has pioneered a new way to learn in the 21st century, one that has received praise from academic, industry, government, and media leaders. Whatever your role, working for WGU gives you a part to play in helping students graduate, creating a better tomorrow for themselves and their families.
Great Benefits: Health, Vision, Dental, 401k, Tuition Discount, Health and Wellness programs.
The Information Technology Security Analyst is a position of technical expertise, influence, and leadership in the security technology realm. The Staff IT Security Analyst is highly passionate and is a deeply technical Security Expert to help the University and its employees develop sound security practices. WGU Security Analysts will deliver security solutions, risk and control guidance, lead proof-of-concept projects, and conduct workshops. Experience determining, verifying and documenting security flaws in accordance with industry best practice.
Essential Functions and Responsibilities:
- Work with developers as part of the Software Development Life Cycle
- Cultivate secure coding standards based on industry accepted frameworks.
- Understand how to identify, exploit, and remediate common application vulnerabilities through use of tools and code review.
- Prioritize and track assigned security issues.
- Enforce secure development standards and requirements.
- Familiarity with compliance & security standards across the enterprise IT landscape deep understanding of enterprise risk management methods and techniques to drive successful outcomes in a complex environment.
- Harden networks, containers, VMs, and other infrastructure to reduce risk of security misconfigurations.
- Write and implement policy-as-code to automate the enforcement of compliance and security configuration management.
- Working knowledge of cloud computing technologies.
- Familiarity with archive, backup/recovery and business continuity processes in distributed operations
- Demonstrated ability to think strategically about business, product, and technical challenges.
- Assist with penetration testing, incident handling/digital forensics, continuous monitoring, intrusion detection/prevention, vulnerability management.
- Functions equally well in abstract, conceptual, and architectural work as in granular technical implementation and configuration work.
- Participate in tactical projects as they arise to clarify and respond to identified security risks across different technical domains.
- Assist in the development of cloud security policies and procedures.
- Build and maintain relationships across the University to promote cloud security initiatives.
- Identify gaps in the University’s security model, suggest solutions including tools and processes.
- Engage with security architects to capture design requirements for cloud architectures and implementation strategies.
- Create new processes, identify new threats and mitigation strategies.
- Performs other related duties as assigned.
Knowledge, Skill and Abilities:
- Experience with security industry standards and best practices. Proven experience with interpretation and implementation of those standards in a corporate environment.
- High integrity. Will be working with sensitive data.
- Operate Information security tools and processes.
- Execute established security practices with consistency and discipline.
- Hands on experience integrating security into the various stages of a CI/CD pipeline.
- Ability to contribute new intellectual capital through deep knowledge and direct professional experience in a subject matter area or technical domain within this function.
- Experience maintaining cloud resources using infrastructure-as-code (CloudFormation, CDK, etc.).
- Scripting language experience (Bash, Python, etc.) with strong working knowledge of automation.
- Strong analytical and technical skills.
- Good written and oral communication skills.
- Knowledge of threat modeling and risk assessment strategies.
- Highly technical and analytical, possessing 7 or more years of IT implementation experience.
- The individual is acknowledged across groups as an expert in the area of technical discipline or thought leader.
- Typically requires a University Degree or equivalent experience.
- 12 years of prior relevant experience.
- Advanced degrees (Master’s or PhD) may be required for certain disciplines and reduce the experience requirement by 2-4 years.
- Strong experience with distance education and distance learning students is preferred.
- CCSP, CCSK, CISSP and AWS certifications.
- CCNA Certification
- Masters Degree in IT security, compliance or risk management
- ISACA Certifications.
- Experience working with application security platforms
- Strong history of providing infrastructure and network security support.
- Working knowledge of intrusion detection methodologies and techniques for detecting intrusions via intrusion detection technologies.
- Working knowledge of federated single sign on (SSO) solutions.
- Experience with designing and implementing native AWS security tools like Guard Duty, Security Hub, IAM access analyzer, Macie, Inspector, and WAF.
Disclaimer: This Job Description has been designed to indicate the general nature, essential duties, and responsibilities of work performed by employees within this classification. It does not contain a comprehensive inventory of all duties, responsibilities, and qualifications that are required of the employee to do this job. Duties, responsibilities and activities may change at any time with or without notice. This Job Description does not constitute a contract of employment and the University may exercise its employment-at-will rights at any time.
*Current WGU employees must submit their internal application prior to 12/8/2022 to be considered for this position*
As an equal opportunity employer, WGU recognizes that our strength lies in our people. We are committed to diversity.