
Senior Cybersecurity Analyst
The Senior Cybersecurity Analyst serves as an advanced-level professional who leads the design, development, implementation and ongoing enhancement of complex cybersecurity programs and processes to protect organizational systems, networks, and data. Reporting to the Manager of Enterprise IT Security and Operations, this role provides leadership for strategic initiatives and program development within one or more assigned cybersecurity domains (e.g., incident response, vulnerability management, threat intelligence, risk management). The Senior Cybersecurity Analyst develops policies, procedures, playbooks/runbooks, and automation to strengthen the organization's security posture. This role ensures alignment with regulatory frameworks such as HIPAA, FERPA, PCI DSS, GDPR, ISO 27001, and NIST and collaborates with IT and business leaders to integrate security into the SDLC and operational processes. Additionally, the Senior Cybersecurity Analyst mentors analysts and supports a risk-aware environment through outreach and education.

Responsibilities

Designs and Leads Cybersecurity Programs
Leads the design, development, implementation, and ongoing enhancement of enterprise-level complex cybersecurity programs for assigned domains (e.g., incident response, vulnerability management, threat intelligence, risk management). Creates policies, procedures, playbooks/runbooks, and automation to support program execution. Oversees program governance, maturity roadmaps, and continuous improvement initiatives. Partners with the campus Information Security Office on security architecture, tooling, and enterprise-wide initiatives. Leads real-time response and resolution for critical security events across assigned domains. Leads response to complex security incidents (detection, analysis, containment, eradication, recovery) using advanced threat hunting techniques and collaborating with the campus Information Security Office, which owns and manages the SIEM/SOAR/other security tools.

Directs Governance, Risk, and Compliance
Establishes and enforces security policies, standards, and procedures aligned with regulatory mandates. Monitors adherence to HIPAA, FERPA, PCI DSS, GDPR, ISO 27001, and NIST frameworks. Manages risk registers, evaluates control effectiveness, and leads remediation planning for high-risk findings. Oversees internal and external audits; prepares compliance reports, attestations, and evidence. Conducts third-party and vendor security assessments to ensure compliance with organizational standards and regulatory requirements.

Operationalizes Threat Intelligence and Risk Management
Collects and applies threat intelligence to enhance detection, prevention, and response capabilities. Identifies control gaps and recommends improvements to security architecture and processes. Automates workflows for threat enrichment, triage, and reporting to improve efficiency. Integrates threat intelligence into SIEM/SOAR platforms and detection use cases. Conducts proactive analysis and applies advanced techniques to identify and mitigate emerging risks across domains.

Develops Metrics and Reporting
Establishes cybersecurity KPIs and dashboards (e.g., MTTR, vulnerability SLAs). Aggregates data for executive and board-level reporting. Provides actionable recommendations based on trend analysis and performance metrics. Communicates findings effectively to technical and non-technical stakeholders.

Mentors and Trains Analysts
Guides analysts on advanced techniques, tools, and best practices. Reviews casework and provides constructive feedback to improve quality. Develops training materials and assists on tabletop exercises; promotes knowledge sharing within the team.

Promotes Security Awareness
Supports enterprise-wide security awareness initiatives and outreach. Contributes content for campaigns, briefings, and learning sessions. Helps cultivate a risk-aware environment through education and engagement.

Leads Cybersecurity Projects and Initiatives
Leads discrete security projects, risk assessments, and implementation of new solutions. Collaborates with IT and cross-functional teams to integrate security into SDLC and strategic initiatives. Manages projects and ensures alignment with organizational objectives.

Marginal or Periodic Functions:
Helps with updates to disaster recovery and incident response plans. Represents the organization during cybersecurity audits and external assessments. Participates in professional development, advanced training, and conferences. Adheres to internal controls and reporting structure. Performs related duties as required.

Knowledge/Skills/Abilities

Problem Solving
Uses rigorous logic and data to solve difficult problems; probes for root causes; blends analysis, experience, and judgment to craft practical solutions. Diagnoses root causes of security issues across programs using correlated telemetry and evidence. Frames hypotheses, tests alternatives, and selects mitigations that reduce risk while sustaining operations. Documents decision paths and lessons learned; folds improvements into playbooks and standard work.

Decision Quality
Makes sound, timely decisions based on analysis and judgment; considers risk, impact, and trade-offs; acts decisively when required. Applies risk criteria to prioritize actions during incidents and remediation. Commits to containment or eradication under uncertainty; adjusts as new intelligence emerges. Records rationale, residual risk, and next steps for transparent communication.

Process Management
Designs and manages processes that are clear, efficient, and scalable; defines roles, handoffs, metrics, and continuous improvement mechanisms. Builds governance, procedures, and runbooks for cybersecurity programs. Automates repetitive tasks and tracks KPIs to improve efficiency and outcomes. Conducts program reviews and integrates improvements into tooling and processes.

Functional/Technical Skills
Possesses and applies technical knowledge to perform effectively; keeps skills current and applies them to solve real problems. Applies expert knowledge of operating systems, network protocols, SIEM/SOAR platforms, and vulnerability tools. Uses threat intelligence to enhance detections and strengthen preventive controls. Aligns control designs with frameworks (NIST CSF, NIST 800-53, HITRUST).

Priority Setting
Focuses time and resources on the most critical tasks; quickly senses what will help or hinder goal achievement; removes roadblocks and creates focus. Triages alerts and cases to direct resources to high-impact events and initiatives. Balances strategic improvements with urgent operational demands. Communicates trade-offs and timelines to stakeholders.

Dealing with Ambiguity
Acts effectively without complete information; shifts gears comfortably; is calm and effective amid change and uncertainty. Initiates containment and investigative steps based on partial indicators. Adapts hypotheses and approach with new artifacts and intelligence. Provides clear guidance to stakeholders during evolving situations.

Developing Others
Provides feedback and coaching; helps others learn and grow; creates opportunities for skill development and ready-now capability. Coaches junior analysts on tooling, decision criteria, and investigative methods. Creates training materials and standard work to accelerate readiness. Encourages knowledge sharing through tabletop exercises and debriefs.

Required Qualifications

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
5 years of proven experience developing security incident response programs and associated tooling.
Demonstrated expertise in security incident detection, investigation, and response.
Demonstrated knowledge of network protocols, operating systems, SIEM tools, and ITIL processes.
Experience with compliance frameworks including NIST CSF, NIST 800-53, and HITRUST.