Information Security Analyst IV
UF Information Technology Classification*
This senior level technical role is responsible for assisting UF units in evaluating their IT environment and recommending security measures and practices that meet UF’s policies and standards and safeguard their information assets. This position works on tasks of high complexity with minimal supervision and considerable latitude to make independent decisions.
Examples of Work
Job functions are specific duties that would be included in the essential functions of the job description. These functions are not all-inclusive nor do they cover the full extent of the duties performed.
- Sometimes serves as program/project leader involving both internal and external projects
- Provides expertise for the design and development of security systems and procedures, within a wide range of complexity levels
- Assists in the establishment of security standards for the organization
- Recommends development tools/solutions to develop/enhance security systems and applications
- Analyzes business users needs to assess technical feasibility and solutions of security systems and processes
- Translates security requirements into functional specifications and manages changes
- May lead the full systems life cycle; designing, coding, testing, implementing, maintaining and supporting software, quality assurance, testing, deployment
- Develops and validates baseline security configurations for operating systems, applications, networking, and telecommunications equipment.
- Provides technical mentoring to less experienced staff
- May lead staff in recreating security problems to resolve security concerns and identify complex problems
- Creates and executes procedures that ensure that all systems, products and services meet organization security standards, service level agreements (SLAs), and end-user requirements.
- Analyzes current processes and procedures to create security plans which lead to gains in security, efficiency, and cost savings.
- Serves as a subject matter expert associated with highly technical security content, processes and procedures.
- Assists units with information security risk assessments.
- Works with UF units to identify, select and implement technical controls.
- Ensures that security issues are addressed throughout the project life cycle.
- Establishes and maintains information security training and awareness programs.
- Ensures that the UF information security environment supports UF privacy policies.
- Ensures that the information security environment is well coordinated throughout UF.
- Reports to the appropriate senior leadership and committees with oversight of compliance.
- Define the metrics goals and objectives for risk management and compliance.
Education and Experience
A bachelor’s degree and four years of appropriate experience. Appropriate college coursework may substitute at an equivalent rate for the required experience.
Licensure and Certification
GIAC Security Essentials (GSEC) or equivalent preferred.
Certified Information Systems Auditor (CISA) or equivalent preferred.
Certified Information Systems Security Profession (CISSP) or equivalent preferred.
This position may include supervisory responsibility.
*Reserved Classification – Use of this classification outside of UFIT requires prior approval by Classification and Compensation
To see common career pathways for each position at the University of Florida please visit the Career Paths section of the UFHR website.