
Cybersecurity Analyst
Taylor's University Sdn Bhd, Lakeside, FL, United States
The Cybersecurity Analyst acts as a senior technical lead and operational supervisor for the university’s security function. This role combines hands‑on technical analysis with management responsibilities, ensuring that security monitoring, incident response, and compliance activities are executed effectively.
Key Responsibilities
Lead and Oversee Security Monitoring: Supervise the continuous monitoring of security alerts, logs, and events from security tools to ensure timely identification, triaging, and remediation of potential threats and vulnerabilities.
Advanced Risk Assessment & Management: Perform and oversee the continuous identification of security‑related risks and control gaps, ensuring emerging threats affecting university systems and data are documented in the risk register.
Incident Response Leadership: Lead security incident response activities, including technical investigation, forensic evidence collection, and root cause analysis, while managing communication and escalation to the CIO.
Strategic Vulnerability Management: Direct regular vulnerability assessments and security audits, prioritizing remediation actions based on business impact and tracking them to successful closure.
Governance & Compliance Oversight: Perform and manage continuous security audits to ensure institution‑wide adherence to internal policies and external regulatory requirements (e.g., NIST, ISO 27001).
Policy Development & Optimization: Review, develop, and improve security policies, standards, and SOPs to ensure they align with evolving cybersecurity best practices and institutional goals.
IAM Strategy & Oversight: Manage identity and access management (IAM) activities, overseeing user access reviews, privileged access management, and the implementation of multi‑factor authentication.
Cross‑Functional Collaboration: Lead collaboration with network, infrastructure, and IT operations teams on security‑centric projects, system hardening, and secure configuration baselines.
Security Architecture & Project Review: Provide senior‑level security input for IT projects, reviewing system designs and assessing risks to ensure security requirements are integrated from the inception phase.
Process Improvement & Automation: Analyze existing IT security processes, drive process improvement initiatives, and implement automated workflows to enhance the efficiency of security operations.
Framework Alignment: Ensure the university’s cybersecurity framework remains compliant with applicable standards and national guidelines, adapting strategies to meet new regulatory changes.
Cybersecurity Awareness Leadership: Lead the development and delivery of cybersecurity awareness initiatives for staff and students, contributing high‑level training materials and best‑practice campaigns.
Governance Documentation: Maintain and verify the accuracy of security documentation, audit records, and risk reports to support governance, risk management, and compliance (GRC) activities.
Required Qualifications
Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. A Master’s degree or relevant postgraduate qualification is highly preferred.
Minimum of 5–7 years of experience in cybersecurity operations, with at least 2 years in a senior analyst or supervisory role.
Professional security certifications such as CISSP, CISM, CISA, GCIH, or equivalent are highly advantageous.
Advanced understanding of cybersecurity concepts, including advanced persistent threats (APT), zero‑day vulnerabilities, malware analysis, and defensive security controls.
In‑depth technical knowledge of Windows and Linux operating systems, including system hardening and kernel‑level security configurations.
Comprehensive understanding of networking concepts such as TCP/IP, DNS, BGP, next‑generation firewalls (NGFW), and zero‑trust network architecture.
Proven ability to lead structured security processes, manage incident response lifecycles, and drive continuous improvement initiatives across a department.
Strong experience in regulatory compliance, with the ability to map technical controls to frameworks such as ISO 27001, NIST CSF, or CIS Critical Security Controls.
Preferred Skills & Knowledge
Experience with security tools such as vulnerability scanners, SIEM platforms, endpoint security, or log analysis tools.
Knowledge of security frameworks and standards such as NIST, ISO 27001, CIS Controls, or similar.
Basic scripting or automation skills (e.g. Python, Bash, PowerShell) to support security operations.
Experience supporting or participating in security audits, compliance assessments, or risk management activities.
Strong documentation, reporting, and analytical skills.
Personal Attributes
Strong interest in cybersecurity and commitment to continuous professional development.
Analytical mindset with strong problem‑solving and investigative skills.
High attention to detail and ability to work methodically and accurately.
Good communication skills and ability to collaborate effectively with technical and non‑technical stakeholders.
Strong ethical standards with respect for data privacy, confidentiality, and responsible security practices.