__blank__ __blank__

Application Security Analyst

Apply now Job no: 529954
Work type: Classified Staff
Location: Eugene, OR
Categories: Information Technology, Computer and Information Science

Department: Information Services
Classification: Analyst Programmer 2
Appointment Type and Duration: Regular, Ongoing
Salary: $27.46 - $50.95 per hour
FTE: 1.0

Review of Applications Begins

September 6, 2022, open until filled

Special Instructions to Applicants

Complete applications must include:
1) A current resume
2) A cover letter indicating how you meet the minimum and, if applicable, preferred qualifications for the position. Please describe how you have added value in previous roles and how you would add value in this role.
3) Three professional references

Any application missing the above documents/information may be considered incomplete. In order to ensure consideration, please submit your application materials prior to or on the listed review date.

Information Services is interested in finding the best candidate for the job and that candidate may be one who comes from a less traditional background. We encourage you to apply, even if you don’t think you meet every one of our preferred qualifications--use your application to let us know what excites you about the role and what transferable skills or other qualities you would bring.

Department Summary

Information Services (IS) is the central information technology unit at the University of Oregon and provides wide-ranging services to campus. Information Services consists of four major functional areas: Customer Experience, which serves as the key contact point for interactions with campus clients and customers; Applications & Middleware, which manages and supports applications, integration services, identity management and data management; Information Security, which helps protect virtual or physical information; and Technology Infrastructure, which provides administration and support for the software, hardware, and services needed to support the campus IT environment. Information Services also includes the Advanced Network Technology Center. IS works closely with the Network for Education and Research in Oregon.

Established in 1876, the University of Oregon offers a breadth and depth of curricula with more than 270 academic programs and provides the opportunity to work at a respected research university with a strong holistic, liberal arts foundation. The UO also has a history of political and social involvement that embraces diverse beliefs, cultures, and values, and it is committed to environmental responsibility.

The university is also proud of the newly-announced Phil and Penny Knight Campus for Accelerating Scientific Impact, an initiative specifically designed to fast-track scientific discoveries and the process of turning those discoveries into innovations that improve the quality of life for people in Oregon, the nation and beyond. Information Services collaborates with Research and Innovation and our schools and colleges to support the research, teaching, and learning mission of the university.

Eugene is the home of the University of Oregon’s main campus. Located in the lush Willamette Valley, Eugene is well-known for outdoor pursuits like running, cycling, rafting, and fishing, as well as arts, music, crafts, brewing, wine-making, and community-supported agriculture. With branches in Portland and on the Oregon coast, the UO is deeply connected to Oregon's natural and cultural treasures.

Position Summary

Reporting to the Director of the Digital Work Environments and Services, the Application Security Analyst will be part of the Identity, Directory and Collaboration Services team and will also work closely with the Information Security Office. This is a technical position, responsible for identity and access management and data protection solutions that support the mission of the university and protect the confidentiality, integrity, and availability of information assets owned or entrusted to the University of Oregon. This position also requires superior people and "soft" skills, like empathy, tact, flexibility, and collaboration.

The incumbent in the position will evaluate, assess, and provide recommendations on new products and technologies related to the design and deployment of secure on-premise and cloud-based services. In addition, the incumbent will evaluate, assess, and perform risk analysis on existing services. The Application Security Analyst will implement and document security solutions to ensure the integrity of the environment and systems they are responsible for.

The Application Security Analyst will play a key role in identifying, investigating, documenting, mitigating and re-mediating incidents that involve university information systems and data. The incumbent in this position will work collaboratively with technical and non-technical users as well as the Office of Information Security.

The Application Security Analyst will have an understanding of all layers of the application and infrastructure stack, including networking, security, platform, and application level services. This position will develop solutions and utilize technologies for identity & access controls and platform environment management and may assist in defining guidelines and standards.

The Application Security Analyst is required to apply critical thinking and risk analysis methodologies when considering the relative risks and rewards of potential actions. Choosing the most appropriate course of action when evaluating the impact of vulnerabilities and possible solutions; and considering both micro and macro impacts of their decision. The Application Security Analyst will stay abreast of evolving campus needs, technology capabilities, and threat intelligence from a variety of sources to optimize data protection measures. This position will work with campus stakeholders to ensure data security needs and controls are aligned to support organizational goals and objectives. This position will also provide off-hours, on-call support on a rotation basis in coordination with other groups within Information Services.

Essential Personnel
This position may provide essential services during times of emergencies and inclement weather. This position may be required to fulfill essential services and functions during these times.

Candidates who promote and enhance diversity are strongly desired.

Minimum Requirements

  • This classification requires a basic foundation of knowledge and skills in systems analysis and related programming support functions generally obtained by a bachelor's degree in computer science, or an equivalent amount of training and applied experience.

Professional Competencies

  • Ability to work effectively with faculty, staff, and students from a variety of diverse backgrounds.
  • Strong problem solving skills.
  • Ability to adapt within a rapidly changing technical environment.
  • Excellent verbal and written communication skills, including the ability to explain technical concepts to audiences with a wide range of technical skills.
  • Ability to work independently as well as in a team-oriented, collaborative environment.
  • Ability to plan and account for impacts of system development efforts across architectural components, critical business processes, data and applications.

Preferred Qualifications

  • Bachelor’s degree in Computer Science, Information Technology/Systems, Information Security or relevant field.
  • Professional experience administering or supporting SaaS solutions or solutions on IaaS and PaaS platforms such as Office 365, G-Suite, AWS, Azure, or Google Cloud Platform.
  • Two years of experience providing secure IT solutions with information security responsibilities; this may include responsibilities as a security professional or as an IT administrator (e.g., network, systems, application, or cloud administrator) with experience implementing or supporting security controls.
  • Experience with Active Directory.
  • Demonstrated familiarity with information security event triage.
  • At least two years of experience in an academic campus IT environment.
  • Working knowledge of laws, regulations and standards affecting information technology security in a higher education environment, including, but not limited to, PCI-DSS, HIPAA, GLBA, HEOA, FERPA, and DMCA.
  • Knowledge of well-known application security best practices such as OWASP, aspects of ISO 27001, or applicable NIST 800 standards.
  • Certification in or progress toward at least one designation in an information security, risk, compliance or related discipline (e.g. CISSP, SSCP, CSA+, GIAC, GWEB, CSSP).

FLSA Exempt: Yes


All offers of employment are contingent upon successful completion of a background inquiry.

This is a classified position represented by the SEIU Local 503, Oregon Public Employees Union.

University of Oregon students and employees are required to be fully vaccinated against COVID-19. For additional information see: https://coronavirus.uoregon.edu/vaccine.

The University of Oregon is proud to offer a robust benefits package to eligible employees, including health insurance, retirement plans, and paid time off. For more information about benefits, visit http://hr.uoregon.edu/careers/about-benefits.

The University of Oregon is an equal opportunity, affirmative action institution committed to cultural diversity and compliance with the ADA. The University encourages all qualified individuals to apply, and does not discriminate on the basis of any protected status, including veteran and disability status. The University is committed to providing reasonable accommodations to applicants and employees with disabilities. To request an accommodation in connection with the application process, please contact us at uocareers@uoregon.edu or 541-346-5112.

UO prohibits discrimination on the basis of race, color, sex, national or ethnic origin, age, religion, marital status, disability, veteran status, sexual orientation, gender identity, and gender expression in all programs, activities and employment practices as required by Title IX, other applicable laws, and policies. Retaliation is prohibited by UO policy. Questions may be referred to the Title IX Coordinator, Office of Civil Rights Compliance, or to the Office for Civil Rights. Contact information, related policies, and complaint procedures are listed on the statement of non-discrimination.

In compliance with federal law, the University of Oregon prepares an annual report on campus security and fire safety programs and services. The Annual Campus Security and Fire Safety Report is available online at https://clery.uoregon.edu/annual-campus-security-and-fire-safety-report.

Advertised: Pacific Daylight Time
Applications close:

Back to search results Apply now Refer a friend

Share this:

| More

Position Search

Work type

Locations

United States

Categories

__blank__ __blank__