1. Provide ongoing protection, detection and response services for college information resources and digital assets as identified in the college’s information security program and strategic plan.
2. Review, maintain, update, and recommend the use of a cloud computing checklist covering all SaaS, IaaS, PaaS, and other third-party hosted CCAC resources.
3. Monitor, identify, and analyze security risks to determine their impact and relevance to the college’s assets. Conduct research, analyze data, reach conclusions, and make recommendations.
4. Analyze potential information security events to determine whether they qualify as legitimate security incidents, and follow through with the incident management protocol as necessary.
5. Initiate escalation procedures to counteract potential threats/vulnerabilities; appropriately inform related ITS staff and managers on potential incidents.
6. Document and conform to processes related to security monitoring and incident management.
7. Monitor the college’s networks and digital assets for security breaches and investigate any violation when one occurs.
8. Conduct periodic penetration testing and vulnerability scans to assess the college’s information security posture.
9. Co-manage and maintain information security tools such as SIEM, endpoint protection, vulnerability management systems, intrusion detection and prevention systems (IDS/IPS), and other information security tools and cloud-based management consoles.
10. Examine, appraise, and interpret information security related data and systems. Correlate metrics to assess the effectiveness of existing systems and information security measures.
11. Respond to security event escalations, and conduct detailed forensic analysis of potential incidents.
12. Assist in the installation and use of security hardware and software such as firewalls and data encryption programs to protect sensitive college information.
13. Respond to ServiceDesk tickets, as well as track outcomes of the issues and requests.
14. Conduct security and threat assessment audits of the college's assets and business processes, and make recommendations for improving security measures on-site and in the cloud.
15. Produce or update data flow diagrams required for security assessments.
16. Assist in information security related projects and initiatives.
17. Participate in review of the effectiveness of existing information security and risk management tools and provide recommendations.
18. Participate in information security risk assessments and controls selection activities.
19. Participate in information security awareness, training and educational activities.
20. Participate in the creation and maintenance of the information systems disaster recovery and business continuity plans, and play an important role in testing these plans and in the actual disaster recovery process.
21. Closely examine information security event data and prepare periodic customized reports.
22. Document security breaches and the extent of the damage caused by such potential breaches, maintain an ITS risk and incident log, and record any third-party investigation updates.
23. Perform other duties as required or assigned.