Information Security Analyst III
UF Information Technology Classification*
This intermediate level technical role is responsible for assisting UF units in evaluating their IT environment and recommending security measures and practices that meet UF’s policies and standards and safeguard their information assets. This position works on tasks of medium complexity with general supervision required.
Examples of Work
Job functions are specific duties that would be included in the essential functions of the job description. These functions are not all-inclusive nor do they cover the full extent of the duties performed.
- Works with UF business units to achieve security objectives and address identified risks.
- Gathers, compiles, and synthesizes information for security processes or systems
- Makes recommendations for development of new security systems/procedures or reuse/enhancement of existing security systems/procedures.
- Analyzes security needs to assess technical feasibility and solutions
- Translates security requirements into functional specifications and manages changes
- Involved in the full systems life cycle; designing, coding, testing, implementing, maintaining and supporting software, quality assurance, testing, deployment
- Assists in the development of strategies and plans to achieve security requirements and address identified risks.
- Develops and validates baseline security configurations for operating systems, applications, networking, and telecommunications equipment.
- Develops technical documentation (designs, specifications, processes, workflows) and communications.
- Assists in creating and executing security procedures that ensure that all systems, products and services meet organization security standards, service level agreements (SLAs) and end-user requirements.
- Assists with analyzing current security processes and procedures to create future configurations which lead to gains in security, efficiency, and cost savings.
- Under supervision, serves as a subject matter expert associated with security processes and procedures.
- Assists units with information security risk assessments.
- Works with UF units to identify, select and implement technical controls.
- Ensures that security issues are addressed throughout the project life cycle.
- Facilitates information security training and awareness programs.
- Ensures that the UF information security environment supports UF privacy policies.
- Ensures that the information security environment is well coordinated throughout UF.
Education and Experience
A bachelor’s degree and four years of appropriate experience. Appropriate college coursework may substitute at an equivalent rate for the required experience.
Licensure and Certification
GIAC Security Essentials (GSEC) or equivalent preferred.
Certified Information Systems Security Profession (CISSP) or equivalent preferred.
This position does not typically include supervisory responsibility.
*Reserved Classification – Use of this classification outside of UFIT requires prior approval by Classification and Compensation
To see common career pathways for each position at the University of Florida please visit the Career Paths section of the UFHR website.