Position Description :

The IT Security Systems Analyst (IOC) is an integral part of enabling the IT Department to protect customer and company data by proactively with other IT staff to detect and mitigate vulnerabilities. This analyst will report to the Sr. Director, IT Security and assist with configuring appropriate solutions to address increasing industry demand and customer compliance mandates. Follows and, where necessary, updates and documents established policies and procedures to detect and respond to vulnerabilities within Universal's technology environment, resolve employee security inquiries, incident reports, alerts from security technologies and monitoring systems, and researches indications of threat activity across the Universal IT ecosystem.

The IT Security Systems Analyst (IOC) also performs vulnerability assessments, evaluates network infrastructure, assists investigations, and performs intrusion detection monitoring.

Essential Duties and Responsibilities :

The position will require the candidate to work with various systems, IT groups, operational support teams, and business units. Interaction with many disciplines and diverse groups of people with varying skill levels is necessary, and will require strong communication, technical, and relationship-building skills

- Work with other ITSO staff to define and document procedures related to vulnerability detection and mitigation.

- Investigate and triage reports of emergent vulnerabilities ("zero-days").

- Monitor vulnerability detection sources.

- Work collaboratively with other members of Information Technology to prioritize vulnerabilities for remediation, emphasizing routine, repeatable processes.

- Provide periodic reports of vulnerability remediation status across various systems and applications.

- Show conformance to vulnerability remediation KPIs on a monthly basis (mean time to remediate, % of systems showing critical/high/medium vulnerabilities older than 30-60-90 days, etc).

- Liaise with the change management process for vulnerability scans.

- Perform ad hoc vulnerability scans and incorporate reports into the central vulnerability management program.

- On a defined schedule, create and review various security reports, escalating issues as necessary.

- This analyst is responsible for ensuring that periodic or seasonal information security activities such as vulnerability scans, incident metrics, and post-change vulnerability assessments are completed.

- This analyst works with IT Security Office colleagues, application development teams, infrastructure, telecommunication, and business teams to implement and improve incident response procedures.

- In addition, work with other IT groups to ensure systems are built, configured, integrated, tested, and deployed in compliance with established internal IT policies, standards and procedures.