 | NEW MEXICO STATE UNIVERSITY |
HUMAN RESOURCES SERVICES | |
POSITION CLASSIFICATION DESCRIPTION | |
| Position Classification Title: | Data Security Analyst,Inter |
| Position Classification Code: | M4045 |
| Job Family: | Information Technology |
| Pay Level: | 07 |
| Exempt Status: | Exempt |
| This description is intended to describe the general nature of the work being performed. It is not intended to be a complete list of specific duties of any particular position. Duties, responsibilities and bargaining unit eligibility may vary based on the specific tasks assigned to the position. | |
| Purpose of Classification: | |
| Monitors, evaluates, and maintains systems and procedures to protect the data systems and databases from unauthorized users. Identifies potential threats and responds to reported security violations. Assists in determining causes of security violations and may recommend corrective actions to ensure data security. Assists in communicating security procedures to users. Knows and applies the fundamental concepts, practices and procedures of the field. | |
| Standard Duties: | |
| Participate in defining and implementing overall security strategy, policies, and procedures. Provide security advice and guidance to systems engineers and management. Participate in physical security projects and develop physical security and safety skill sets. Perform security audits, risk analysis, and application-level vulnerability testing and reviews. Collaborate on solutions to mitigate risks and enhance system security. Assists in implementation of cost effective security controls to meet corporate security requirements. Participates in security projects including requirements definition, task planning, research, testing, implementation, and management. Research changes to procedures and systems to enhance data systems security. Assist in developing security awareness materials, security presentations, and information security training sessions. Under supervision performs work that is varied and that may be somewhat difficult in character, but usually involves limited responsibility. Some evaluation, originality or ingenuity is required. Perform miscellaneous job-related duties as assigned. | |
| Knowledge, Skills and Abilities: | |
| University and department policies and procedures; principles and practices of organization and administration; principles of supervision, training, and performance evaluation; advanced knowledge of information security and computer network access technologies. In-depth technical knowledge in implementing data protection and integrity, operating systems and network security, authentication, and security protocols. | |
| Short- and long-range planning; problem analysis and resolution; report preparation and presentation; public contact and relations; oral and written communication; strong interpersonal and communication skills to work effectively with team and other business units; proven project management skills. | |
| Direct, evaluate, train, and supervise the work of assigned personnel; develop and maintain effective working relationships; maintain accurate and orderly records; use independent judgment and initiative; organize and direct activities; analyze and evaluate information; ability to maintain operational computer and network security, firewall administration, virus protection, intrusion detection and prevention, automated security patching, and vulnerability scanning systems; ability to administer information security programs including risk assessments and forensic research, designing security architectures, developing policies, gathering metrics and reporting status. | |
| Minimum Qualifications: | |
| Education- Bachelor's degree in a related field. | |
| Experience- Three (3) years of experience directly related to the standard duties as outlined. | |
| Equivalency- None | |
| Certifications/License- | |
| Departmental Requirements- | |
| Special Requirements- | |