Apply on Employer Site

Missouri University of Science and Technology · 1 day ago

SECURITY ANALYST #00031824

Rolla, MO

Full-time

Onsite

Mid, Senior Level

$53K/yr - $120K/yr

5+ years exp

Missouri University of Science and Technology is a leading research university focused on education and research. They are seeking a Security Analyst to serve as a technical security expert, responsible for firewall management, Azure security, incident response, and vulnerability management to ensure compliance with industry regulations and enhance the organization's security posture.

EducationHigher EducationUniversities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Configure, monitor, and maintain enterprise firewalls to ensure secure network traffic and prevent unauthorized access

Develop and implement firewall policies and rules based on industry standards and security best practices

Design and manage network segmentation to protect sensitive data and systems from potential threats

Troubleshoot and resolve firewall-related incidents and performance issues

Collaborate with network teams to ensure firewall and network segmentation changes are aligned with organizational goals

Collaborate with Networking and Systems Infrastructure team on the maintenance of data center firewall rulesets and routing related to service delivery

Manage Azure Active Directory as part of a systemwide team, ensuring secure and scalable identity and access management

Implement and manage security solutions within Microsoft Azure, including configuring security policies, managing resources, and monitoring for vulnerabilities

Ensure proper configuration and security of Active Directory services, including group policy management, permissions, and role-based access controls

Contribute to the maintenance of local custom web tools for privilege delegation capabilities of AD/Azure/other management functions

Oversee user account lifecycle management, including the provisioning, de-provisioning, and auditing of user access to systems

Ensure adherence to the principle of least privilege across all account management activities

Conduct regular reviews of user accounts and permissions to identify and mitigate potential security risks

Lead and participate in security incident response activities, including investigating, analyzing, and mitigating security incidents

Hunt for and remediate phishing campaigns, ensuring timely detection and neutralization of threats

Secure email to prevent misuse and ensure the integrity of organizational communications

Perform forensic analysis and root cause investigations to determine the scope and impact of security events

Develop and document incident response procedures and runbooks to improve the organization’s response capabilities

Collaborate with other teams to ensure proper escalation and resolution of security incidents

Administer vulnerability management tools, discovery, tracking, and remediation coordination

Administer Microsoft security environment including Defender, Entra, Purview, and Sentinel

Lead technical security operations including security monitoring and reporting

Monitor security systems and logs for signs of potential vulnerabilities or breaches

Develop and maintain security dashboards and reports for senior management and stakeholders

Provide guidance on emerging threats, vulnerabilities, and best practices

Provide oversight to other teams for patch management progress/state as well as help to determine when security issues require immediate vs delayed action

Ensure that security controls comply with industry regulations, such as CUI, NSPM-33, PCI, HIPAA, NIST 800-171, NIST 800-172, ITAR, NERC, and organizational policies

Conduct regular security assessments, vulnerability scans, and penetration tests

Review software, hardware, services, and vendors for adoption

Recommend and implement security enhancements based on risk assessments and security audits

Maintain compliance with export-controlled data regulations and work closely with law enforcement on related matters

Qualification

Firewall ManagementAzure SecurityIncident ResponseVulnerability ManagementRisk ManagementCybersecurity CertificationScriptingAutomationSecurity FrameworksAnalytical SkillsCommunication Skills

Required

Bachelors degree in computer science, cybersecurity, or similar fields, or equivalent experience

Ability to work on export controlled projects

Ability to obtain and maintain a top-secret security clearance is required

5 years of experience in security analysis with hands-on experience in firewall management, Azure, Active Directory, account management, and incident response

A cyber security certification such as CISSP, CISM, CEH, or equivalent is required

Proficiency in scripting and automation (PowerShell, Python) for security purposes is a requirement

Excellent analytical, problem-solving, and communication skills

Preferred

Expertise in incident response, phishing remediation, mass email security, risk mitigation, and security operations

Expertise in data security concepts such as security labeling, Controlled Unclassified Information (CUI), Secret, and Top-Secret information, and tools such as Microsoft Purview preferred

Expertise in Microsoft security and networking tools such as Active Directory, Domain Controllers, Defender, Entra, and Sentinel preferred

Expertise in vulnerability scanning tools such as Tenable, Qualys, Nessus, and Nmap

Knowledge of access management models such as Identity and Access Management (AIM_ access controls, Access Control List (ACL) access controls, Privileged Access Workstation (PAWs), Role-Base Access Controls (RBAC), Attribute-Based Access Controls (ABAC), Privilege Escalation access control, and Zero Trust Network Access (ZTNA) preferred

Ability to work with export-controlled data and collaborate with law enforcement agencies

Strong understanding of security frameworks such as NIST CSF, NIST 800-53, NIST 800-88, PCI, ITAR, NERC, ISO 27001, and CIS Controls

Existing security clearance is preferred