Senior Cybersecurity Analyst in Newtown, Pennsylvania at Law School Admission Council
Explore Related Opportunities
Job Description
Type Regular Full-Time
Category Technology & Infrastructure
US-PA-Newtown
Remote work arrangements will be considered for this position Yes
LSAC’s mission is to advance law and justice by promoting access, equity, and fairness in law school admission and supporting the learning journey from prelaw through practice.
Pay rate: $120,000 to $132,000, depending on experience
The Senior Cybersecurity Analyst position is integral for protecting, monitoring and improving the security posture of LSAC’s network and intellectual property such as test items, candidate data and systems data.
These duties include responsibility to partner with other departments throughout LSAC to raise Security awareness and to educate all LSAC staff in Security best practices, fully utilize tools required to monitor, to analyze, and to react to Security threats and related incidents, and maintain compliance with outside organizations (such as SOC2 and Financial and IT Audits, etc.). Additional responsibilities are to monitor and report on the intrusion prevention systems, alerts, identifying and reacting to suspicious network traffic, firewalls, websites re: penetration testing, project deliverables to follow security guidelines, etc. Endorse and implement all the best practices and procedures that are directly related to the overall Security Systems Program.
Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions of this position. The individual employed in this position will be required to:
- Improve, manage, and provide direction re: LSAC Security Policies, Procedures, and Best Practices and maintain and enhance the formal Security Systems Program.
- Assist in the Development of effective Cybersecurity policies to address existing and future threats such as AI computer policies, data governance and compliance.
- Perform IT Security inspections, tests, system level audits and reviews of existing
IT software and hardware to support and conduct the annual reviews to ensure compliance with SOC2, IT and Financial Audits, PCI/DSS, etc. - Evaluate and recommend new Security products and services (hardware and software).
- Consult, monitor, and report on Security systems, e.g. such as intrusion prevention and detection systems, VPNs, and firewalls.
- Perform network and system vulnerability scans and penetration testing on workstations, servers, network devices, and other computer systems and work with appropriate groups to close Security gaps.
- Develop and support the development of automated tools that analyze the Security violations found in access control logs to discover patterns and evidence of problems.
- Provide consultation and assistance to Infrastructure, Executive Staff, and other staff from other departments relating to information and systems Security.
- Maintain a high level of confidentiality in identifying and aiding in resolving Security issues.
- Monitor the networks and websites for the proper Security procedures, software configuration, and signs of compromise or attempted compromise.
- Actively promote and enhance Security Awareness programs to LSAC staff and partnering with the Human Resources Department.
- Participate in all Information Security projects and attend meetings to provide input and recommendations on issues that have an impact on LSAC’s Security infrastructure.
- Evaluate and recommend solutions to current or potential Security threats as they relate to the data and computing environment.
- Participate as a member of the Security Incident Response Team and Test Security Task Force.
- Respond to Security incidents providing critical documentation and consultation by preserving all records indicating changes made to access control lists to facilitate investigations, as well as involvement to the response, root cause analysis, and implementation of a solution.
- Keep abreast of the trends and issues in the industry related to Computer Security.
Excellent written and verbal communication skills.
Holds a strong sense of accountability for both individual and team objectives.
Embraces a forward-thinking mindset, contributing to a culture of continuous improvement and creativity.
Excellent time management, prioritization, attention to detail and organization skills
Please provide any additional behaviors, attitudes, or skills that a person in this position would need to be successful in this role (i.e., adaptability, software competency level)
Ability to provide technical leadership and consultation and to apply project management skills.
Solid understanding of TCP/IP and application development & security best-practices.
Ability to enhance, comply, and implement the Security Systems Program throughout LSAC with overall responsibility and accountability to meet industry standards and best practices to provide a safe and protective data and systems environment.
- Bachelor’s degree in Information Systems and/or Security curriculum is required.
- A Minimum of 10 years of IT experience and greater than 5 years of experience in IT Security or an equivalent combination of education, training, and experience is required.
- Professional certifications such as CISSP, GIAS, Microsoft MCSE and/or other Security certifications are a plus.
- Broad working knowledge of Security Program issues and best practices, including system threat vulnerability assessments, system Security requirements/architectures, and Security risk mitigation plans that will enable the IT systems and data information mission to be protected and successful.
- Solid experience with establishing and promoting a Security Systems Program and the ability to provide the guidance to raise Security Awareness throughout LSAC.
- Knowledge and experience with various network protocols, firewalls, penetration tools, remote access, network operating systems, PC operating systems and vulnerabilities and network management tools.
- Experience with Security tools and best practices, Windows based systems, Tenable Nessus, Microsoft Azure, Windows Defender and other technical platforms and administration.
- Basic knowledge of authentication systems including token-based authentication and digital certificates.
- Basic knowledge of encryption and decryption
Supervisory Responsibilities
This role does not have people management responsibilities
Position Type
The LSAC standard business hours are Monday-Friday, 8:30 a.m. - 4:45 p.m. ET. While these are the standard office hours for LSAC, as an exempt employee, the employee will be expected to work the hours necessary to satisfactorily complete their assignments in a responsible and professional manner.
Work Environment
This job operates in a remote and professional office environment. Whether remote or in-office, this role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.
Travel Requirements
There is no travel expected for this position.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee must regularly write, read, hear, present materials, and communicate effectively.
Additional Information:
Please note that this job description may not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Job responsibilities may change at any time with or without notice.
Except as otherwise provided by law, all terms of employment are subject on an at-will basis and can change at any time.
At LSAC we foster a culture based on our stated values and actively seek to broaden our pipeline of current and future leaders. We are committed to attracting, retaining, and developing individuals who have a passion for the work they do and the mission of LSAC. We encourage all qualified individuals to apply. We recognize that experience comes from a variety of places and know that job applicants will possess many, but not necessarily all, of the qualities listed in the job description. While no one candidate will embody every single quality, the successful candidate will exemplify a robust combination of the skills and competencies listed to excel in the position. LSAC is an Equal Opportunity Employer and welcomes applications from individuals from all identities and backgrounds.