Lead Cybersecurity Analyst/Cybersecurity Analyst II

Department: Information Security

Location: Grand Rapids, MI

Responsible for conducting the day to day operations of information security and helping maintain compliance at GRCC. This position is part of a team, focused on providing exceptional service that exceeds user expectations. The proper candidate is a motivated self-starter with strong interpersonal skills, a desire to learn and expand technical proficiencies, and the ability to work within a collaborative, team-oriented environment.

Requisition ID: 697 Department: IT Security Employee Group: https://www.grcc.edu/faculty-staff/human-resources/employee-groups-resources/employee-groups/professional-management-administration Schedule: 40 Hours/52 Weeks Lead Cybersecurity Analyst Compensation: TP5 - $73,445 annually Cybersecurity Analyst II Compensation: TP4 - $65,284 annually Benefits: https://www.grcc.edu/faculty-staff/human-resources/benefits-insurance Reports to: Chief Information Security Officer Posting Opens: 01/06/2025 Posting Closes: Open until filled. Initial candidate review will begin on 01/20/2025

COMPENSATION STATEMENT

Starting salaries will vary depending on the qualifications and experience of the selected candidate. This position will be filled at the Lead Cybersecurity Analyst, Job Level TP5 with a salary of $73,445 as the primary goal. The requirements listed below reflect the Lead Cybersecurity Analyst level expectation. Applicants with lesser experience and qualifications are encouraged to apply and may be considered if the primary goal is not met. Lesser-experienced candidates will be classified as a Cybersecurity Analyst II, Job Level TP4 with a salary of $65,284.

SHARED ESSENTIAL FUNCTIONS

• Performs Computer Security Incident Response activities such as investigating breaches, mitigating threats, as well as recording and reporting incidents • Monitor, maintain, and analyze Intrusion Detection System (IDS), Endpoint Detection and Response (EDR) and other security tools to identify security issues for remediation • Monitor Data Loss Prevention (DLP) systems and apply preventative controls per GRCC procedures • Automates the collection, organization, analysis, archiving and reporting of all log data • Evaluate and assess organizational risk • Maintains an awareness of existing and proposed security standards, State and Federal legislation and regulations pertaining to information security and identifies regulatory changes that will affect information security policies, standards, procedures, controls, and recommends/implements appropriate changes • Performs vulnerability and risk assessments for software, systems, user accounts, application access, and network shares • Assist server and data owners in remediation of vulnerable systems as needed • Prepares incident reports of analysis methodology and results • Helps to develop communications, training, and actively promotes related campaigns for information security awareness • Assists in creating and reviewing IT security policies/procedures • Conducts regular vulnerability scans and uses security tools to meet IT Security objectives • Help manage data in support of data governance and compliance • Participates in special projects as required • Assists in the configuration and maintenance of IT security systems and servers • Conducts and assists with system audits as needed • Other duties as assigned

Additional Functions for Lead Cybersecurity Analyst

• Helps lead the response to security incidents, including investigating breaches, mitigating threats, and coordinating with relevant stakeholders • Responsible for documenting security incidents, responses, and resolutions for future reference and compliance purposes • Collaborates with other IT tea