Description
Southern New Hampshire University is a team of innovators. World changers. Individuals who believe in progress with purpose. Since 1932, our people-centered strategy has defined us - and helped us grow a team that now serves over 180,000 learners worldwide.
Our mission to transform lives is made possible by talented people who bring diverse industry experience, backgrounds and skills to the university. And today, we're ready to expand our reach. All we need is you.
Make an impact - from near or far
At SNHU, you'll have the option to work remotely in the following states: Alabama, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Mississippi, Missouri, Nebraska, New Hampshire, New Mexico, North Carolina, North Dakota, Ohio, Oklahoma, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, West Virginia, Wisconsin and Wyoming.
We ask that our remote employees have access to a reliable internet connection and a dedicated, properly equipped workspace that is free of distractions. Employees must reside in, and work from, one of the above approved states.
The opportunity
The Information Security Analyst II will report directly to the Director of Information Security Operations. As an Information Security Analyst II, you will be a senior member of the Security Operations Center (SOC) team and will be responsible for monitoring a large, complex enterprise technology ecosystem, detecting, analyzing, and investigating information security events within that ecosystem, and responding to information security incidents to ensure the protection of SNHU's mission critical technology resources and institutional information.
The SOC team analyzes events from multiple sources across all university technology resources, including networks, applications, and other assets.
The critical duties and responsibilities of the SOC team must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work, and/or require work during non-business hours.
You will work 100% remotely from any of our approved working states.
What You'll Do:
Be an initial evaluation point for all security-related tickets that come into the team's multiple queues (including triage, containment, and remediation).
Understand the basic incident response lifecycle.
Excel at documentation and detailed notetaking, including SOP writing, incident reporting, email and instant messaging etiquette, and most importantly, documenting incident actions.
Collect and analyze log data from complex, virtualized, multi-site computing environments and SNHU's technology ecosystem.
Conduct real-time monitoring of security events from multiple sources and use analytical and problem-solving skills to identify, triage, analyze, investigate, and escalate information security events and alerts.
Analyze digital evidence to identify indicators of compromise, adversary activity, root cause, incident timelines, and attack vector(s).
Perform incident response activities like endpoint isolation, malware remediation, forensic analysis, malware analysis, community member interviews, and network traffic analysis.
Perform investigation and escalation for complex or high severity security threats or incidents.
Coordinate information security incident response according to SNHU's Information Security Incident Response Plan.
Communicate with partners, in a non-technical manner, at all organizational levels as part of incident response and remediation activities.
Design and implement or monitor information security incident remediation plans.
Design and manage security tools (e.g. Splunk, Halcyon, Microsoft Defender, Tenable).
Design, deploy, and manage detections and alerts for specific or common threat condition