The Security Analyst is responsible for planning, coordinating, and implementing security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information. This position is governed by state and federal law and institution policy.
Implements intrusion detection and avoidance measures, such as logging, firewalling, activity monitors, virus scanners, or other intrusion detection methods.
Reviews logging information of assigned systems and devices for abnormal or irregular use characteristic of unauthorized access or denial service.
Assists users in the detection of and recovery from security intrusions on their computer systems.
Performs security audits on portions of the network, as directed by the Associate Director of Computing Services.
Contacts users with audit information and assists with techniques to eliminate or minimize vulnerabilities.
Assists in preparing and documenting information protection plans, policies, and procedures.
Collects evidence for use in criminal prosecution of security intrusions or violations of computing practice.
Contacts appropriate personnel in the event of a security intrusion or policy violation.
Performs other duties as assigned.
KNOWLEDGE, ABILITIES, AND SKILLS:
Knowledge of communications’ protocols and standards related to security. Knowledge of information protection methodologies and concepts. Knowledge of server administration, as applied to network and internet security. Knowledge of information protection standards, guidelines, and applied procedures.
Ability to identify potential security breaches and implement counter measures. Ability to interface with individuals at all levels of the organization and to establish effective working relationships. Ability to work with sensitive information and maintain confidentiality of such data and information.
MINIMUM EDUCATION AND/OR EXPERIENCE:
The formal education of a bachelor’s degree in computer science, information systems, or related field; plus three years of experience in computer operations, data applications, systems analysis, or database management.
Additional requirements determined by the agency for recruiting purposes require review and approval by the Arkansas Division of Higher Education.
OTHER JOB RELATED EDUCATION AND/OR EXPERIENCE MAY BE SUBSTITUTED FOR ALL OR PART OF THESE BASIC REQUIREMENTS, EXCEPT FOR CERTIFICATION OR LICENSURE REQUIREMENTS, UPON APPROVAL OF THE QUALIFICATIONS REVIEW COMMITTEE.