Information Security Analyst 00720

Christopher Newport University

Newport News, VA(remote)

JOB DETAILS
SALARY
$68,534–$89,094 Per Year
SKILLS
Access Authorization, Advertising, Amazon Web Services (AWS), Architectural Design, Banking Services, Best Practices, Centralized Operations/Management, Cloud Computing, Communication Skills, Computer Science, Computer Security, Customer Relations, Database Programming Languages, Defense in Depth, Diversity, Documentation, Employee Orientation, Family Educational Rights and Privacy Act (FERPA), Firewalls, Heavy Lifting, Higher Education, Human Resources, IT Governance, Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Intrusion Detection Systems, Intrusion Prevention Systems, Legal, Lift/Move 20 Pounds, Lift/Move 50 Pounds, Memory Hardware, Microsoft Product Family, Multitasking, Nessus, Operations Planning, PCI, People Management, Physical Demands, Presentation/Verbal Skills, Problem Solving Skills, Regulations, Reporting Dashboards, Retail, Retirement Plan, Risk, Risk Analysis, Risk Management, Risk Management Framework (RMF), Security Analysis, Security Architecture, Security Design, Security Information and Event Management (SIEM), Security Monitoring, Security Scanners, Splunk, Support Documentation, System Architecture, Systems Administration/Management, U.S. National Institute of Standards and Technology (NIST), University/School Policies, Vulnerability Scanners, Work From Home
LOCATION
Newport News, VA
POSTED
2 days ago

Posting Details

Position Information

Working Title Information Security Analyst 00720 Role Title Information Technology Specialist II Position Number 00720 FLSA Exempt Appointment Type Full Time Type of Posting General Public Is Sensitive Position? No If Sensitive Position, please paste statement Designated Personnel Yes Responsible Employee

This position is designated as a "responsible employee" who has the authority to redress sexual violence, who has the duty to report incidents of sexual violence or other student misconduct, or who a student could reasonably believe has this authority or duty.

If Designated Personnel, please paste statement

This position is a "designated position" meaning this position could potentially be required to work (depending on the event) during an emergency closing.

Statement of Economic Interest No If Statement of Economic Interest, please paste statement Is this a restricted position subject to availability of funding? If Restricted Position, please paste statement Departmental Objective

To inspire and foster partnerships that focus on innovative solutions for ubiquitous access and use of information services to support educational and cultural opportunities that benefit the CNU community.

Purpose of the Position

The Information Security Analyst is responsible for implementing the campus' information security program to include reviewing security plans and role-based training requirements, operating security tools and scanners, and responding to security alerts.

Knowledge, Skills, and Abilities Related to Position

  • Knowledge of general concepts of information security best practices; IT Governance, Risk Management, and Compliance (GRC) for example NIST CSF, NIST SP 800-39 and NIST SP 800-30
  • Knowledge of NIST SP 800-53 rev 5 security controls and the Risk Management Framework (e.g. NIST SP 800-37)
  • Knowledge of vulnerability scanning and threat mitigation tools such as Microsoft Defender, Tenable Security Center / Nessus, Burp Suite
  • Knowledge of centralized log management tools such as Splunk, Graylog, Microsoft Sentinel, AWS CloudTrail
  • Knowledge of common vulnerability management frameworks such as CIS or STIGs
  • Knowledge of security concepts such as Least Privilege; and Separation of Duties
  • Ability to think critically, analyze risk, consider possible solutions, and make recommendations
  • Ability to communicate effectively both verbally and in writing with diverse groups of organizations and people
  • Ability to develop relationships with and provide guidance to all levels of management regarding employee system access
  • Willingness to be very flexible, ability to maintain the highest professional standards and competence to be accurate, thorough, and productive with all work
  • Understanding of system administration for both on-premises and cloud systems
  • Understanding of defense-in-depth and common security elements
  • Understanding of the IT Incident Response processes
  • Regulations such as FERPA, GLBA, PCI
  • Knowledge of firewalls and IDS/IPS concepts, such as Palo Alto
  • Demonstrated understanding of technical, engineering, and programmatic capabilities related to information systems and/or subsystems
  • Familiarity with programming and query languages

Education, Experience, Licensure, Certification Required

Education:

  • High school diploma or equivalent education/experience that equates to a high school diploma

Experience:

  • Previous experience in an information security environment
  • Possession of a current and maintained Information Security certification
  • Experience documenting security issues

Additional Consideration(s)

Education:

  • BA or BS in Information Security, Information Assurance, Computer Science, or related equivalent professional experience
  • A Master's degree in Computer Science, Cybersecurity, or related technical field

Experience:

  • Experience with security awareness initiatives and training
  • Experience with information security to include managing systems security architecture, design, and/or operational planning on an enterprise level
  • Experience with information security to include managing systems security installation and risk remediation activities on an enterprise level
  • Experience with system authorizations and supporting security documentation development such as System Security Plans (SSP)
  • Experience with system authorizations and supporting security documentation development such as System Access Requests
  • Experience with system authorizations and supporting security documentation development such as Plans of Actions and Milestones (POA&M)
  • Significant experience working with centralized logging solutions (Security Incident and Event Management, SIEM)
  • Experience working with parsing events for SIEM ingestion
  • Experience developing SIEM dashboards/reports
  • Demonstrated hands-on experience with continuous monitoring, including vulnerability and compliance verification (using solutions such as Tenable Security Center / Nessus, Microsoft Defender, and/or other similar solutions)
  • Experience working in a higher education environment

Salary Information Starting at $68,534 to $89,094, commensurate with education and experience CNU Information

This position includes Commonwealth of Virginia and Christopher Newport University employee benefits. CNU offers a comprehensive benefits package to include retirement plans, medical, dental, vision, and a variety of other options. Available leave includes vacation, sick time, personal time, and volunteer/service leave. State employees are eligible for discounted travel, banking, legal and retail services, among others. To view more information about our benefits, please visit https://cnu.edu/hr/benefits/.

Role Code 39112 Conditions of Employment

  • This is a classified position. New and returning classified employees are required to complete a 12-month probationary period.
  • Selected candidate must attend a 2-day New Employee Orientation Program.
  • This position is designated as an on-campus position and requires regular in-person work at the university's campus.
  • Selected candidate must be able to perform their duties on campus during assigned work hours.
  • This position is not eligible for full-time remote work, and requests to negotiate a fully remote arrangement will not be considered.
  • Any telework opportunities are limited, subject to university policy and departmental approval, and may be modified or discontinued at any time.

Is this position telework eligible? Yes Telework Eligibility Disclaimer

This position is eligible for periodic telework as determined by the department. Eligibility is not guaranteed, and is subject to supervisor approval. Eligibility will depend on the likelihood of the employee's success in a telework arrangement and the supervisor's ability to manage telework. Departments and/or Human Resources may modify or revoke eligibility at any time. Employees will be required to sign a Telework Agreement.

Physical/Cognitive Requirements

Light Lifting (less than 20 lbs.) Essential Moderate Lifting (20-50 lbs.) Essential Heavy Lifting (more than 50 lbs.) Marginal Pushing/Pulling Essential Standing Essential Sitting Essential Bending Non-Applicable Walking Marginal Climbing Non-Applicable Reaching Non-Applicable Repetitive Motion Non-Applicable List other physical requirements

Emotional Demands

Fast Pace Essential Average Pace Essential Multiple Priorities Essential Intense Customer Interaction Essential Multiple Stimuli Essential Frequency Changes Essential

Mental/Sensory Demands

Memory Essential Reasoning Essential Hearing Essential Reading Essential Analyzing Essential Logic Essential Verbal Communication Essential Written Communication Essential List other mental/sensory requirements

Posting Detail Information

Posting Number PS1242P Number of Vacancies 1 Posting Date 07/07/2026 Closing Date 07/21/2026 Open Until Filled No Special Instructions to Applicants

CNU will only accept online applications through the jobs.cnu.edu website. Online applications must be received by midnight on the closing date indicated in a job announcement. Faxed, emailed, hand-delivered or mailed applications and attachments will NOT be accepted. Applicants are welcome to complete an online application by using computers located in the Office of Human Resources. Address: CNU North - 321 Hiden Boulevard, Suite 101, Newport News, VA 23606. Public computers are also available in nearby libraries and at the Virginia Employment Commission. Address: 600 Butler Farm Road, Hampton, VA 23666 (M-F 9am-4:30pm).

In order to be considered for this position, your application must provide evidence of experience and/or education supporting the requirements outlined in the posting. We encourage you to be clear and specific when describing your experience. *Responses to supplemental questions alone are not considered evidence of experience and/or education.

Quick Link for Direct Access to Posting https://jobs.cnu.edu/postings/20976 Advertising Text EEO/Diversity Statement(s)

Christopher Newport University, an EO Employer, is fully Committed to Access and Opportunity.

Notice of Non-Discrimination & Title IX Policy Statement

Reasonable Accommodation Request

Christopher Newport University (CNU) will make a reasonable effort to accommodate persons with disabilities in the application and/or interview process. Persons with disabilities who require accommodation should contact the CNU Human Resources Office by calling (757) 594-7145.

Alternative Hiring Process

In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth's Alternative Hiring Process.

To be considered for this opportunity, applicants will need to upload an approved AHP Letter received from the Department for Aging & Rehabilitative Services (DARS) or from the Department for the Blind & Vision Impaired (DBVI) to their applications.

Note: Certificates of Disability provided by DARS or DBVI dated April 1, 2022, through February 29, 2024, will still be accepted as applicable for the AHP. The name change to AHP Letter became effective March 1, 2024.

Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS to get their AHP Letter.

Requesting an AHP Letter can be found at AHP Letter or by calling DARS at 800-552-5019.

Background Check

Applicant finalists are required to complete a CNU sponsored background check. After accepting employment, individuals are required to complete a USCIS Form I-9 (employment eligibility verification) and present documentation from the USCIS List of Acceptable Documents that establishes both their identity and employment authorization to work in the United States. The provided documents will be verified through the Department of Homeland Security E-Verify website.

Supplemental Questions

Required fields are indicated with an asterisk (*).

  • Do you have a valid Interagency Placement Screening Form (Yellow Card)? This form is provided to Commonwealth of Virginia employees when they are notified that they will be affected by a layoff per Policy 1.30. This form must be attached in order to receive credit.

  • Yes

  • No

  • Do you have a Preferential Hiring Form (Blue Card)? This form is provided to Commonwealth of Virginia employees when they are notified that they will be affected by a layoff per Policy 1.30. This form must be attached in order to receive credit.

  • Yes

  • No

    • Have you retired from a VRS covered position?
  • Yes

  • No

  • Would you like to be considered for the Alternative Hiring Process (AHP)?

  • Yes

  • No

  • If you would like to be considered for the Alternative Hiring Process (AHP), did you provide your AHP Letter?

  • Yes

  • No

    • Do you have a high school diploma or equivalent education/experience that equates to a high school diploma?
  • Yes

  • No

    • Do you have previous experience in an information security environment?
  • Yes

  • No

    • Do you possess and maintain a current Information Security certification?
  • Yes

  • No

    • Do you have experience documenting security issues?
  • Yes

  • No

  • Do you have a BA or BS in Information Security, Information Assurance, Computer Science, or related equivalent professional experience?

  • Yes

  • No

  • Do you have a Master's degree in Computer Science, Cybersecurity, or a related technical field?

  • Yes

  • No

  • Do you have experience with security awareness initiatives and training?

  • Yes

  • No

  • Do you have experience with information security to include managing systems security architecture, design, and/or operational planning on an enterprise level?

  • Yes

  • No

  • Do you have experience with information security to include managing systems security installation and risk remediation activities on an enterprise level?

  • Yes

  • No

  • Do you have experience with system authorizations and supporting security documentation development such as System Security Plans (SSP)?

  • Yes

  • No

  • Do you have experience with system authorizations and supporting security documentation development such as System Access Requests?

  • Yes

  • No

  • Do you have experience with system authorizations and supporting security documentation development such as Plans of Actions and Milestones (POA&M)?

  • Yes

  • No

  • Do you have significant experience working with centralized logging solutions (Security Incident and Event Management, SIEM)?

  • Yes

  • No

  • Do you have experience working with parsing events for SIEM ingestion?

  • Yes

  • No

  • Do you have experience developing SIEM dashboards/reports?

  • Yes

  • No

  • Do you have demonstrated hands-on experience with continuous monitoring, including vulnerability and compliance verification (using solutions such as Tenable Security Center / Nessus, Microsoft Defender, and/or other similar solutions)?

  • Yes

  • No

  • Do you have experience working in a higher education environment?

  • Yes

  • No

    • This position is not eligible for full-time remote work and requires regular on-campus presence. Are you able to meet this requirement?
  • Yes

  • No

Documents Needed To Apply

Required Documents

Optional Documents

  • Cover Letter
  • Resume
  • Transcripts
  • Licensure/Certification
  • Other Application Materials
  • DD214
  • Yellow Layoff Form
  • Blue Layoff Card
  • AHP Letter

About the Company

C

Christopher Newport University