Information Security Analyst

The Information Security Analyst is a technical role within the Information Security (InfoSec) group of Information Technology Services (ITS), responsible for defending the University's data assets through policy controls, security operations, incident response, and AI-assisted tooling. As a primary network defender, the analyst works at the intersection of threat detection, vulnerability management, and forensic investigation within a Security Operations Center (SOC)., This role is responsible for developing and overseeing student SOC employees. The SOC functions as both a live security operation and a learning environment, requiring the analyst to serve as senior practitioner and mentor., Security Monitoring & Alert Triage

• Monitor network, endpoint, and identity telemetry continuously using open-source and enterprise SIEM platforms including Splunk, Elastic/Opensearch, and Kibana.
• Review IDS alerts, system logs, and network traffic captures; triage for relevance and severity; distinguish genuine threats from false positives.
• Provide second-level analysis of alerts escalated by student SOC employees, with final disposition and escalation authority resting with this position.

SOC Tools Operations & Engineering

• Operate, tune, and recommend enhancements to the SOC's monitoring and detection platforms including Microsoft Defender and SIEM tools; leverage AI-assisted tooling to improve detection and response workflows.
• Implement threat hunting and detection strategies; identify new data sources to augment detection capability; integrate new tools and applications as needed.
• Write Python and PowerShell scripts to automate detection, response, and data analysis workflows.
• Assist in maintenance of firewall rulesets.

Incident Response & Investigation

• Serve as first responder for security incident investigation, conducting log and system-level analysis to determine potential scope and impact. Assist with containment, eradication, and recovery efforts.
• Perform digital forensic analysis at the first-responder level to determine whether a breach has occurred and what steps are required to contain it.
• Provide written and verbal summaries of incident findings to be shared with ITS leadership and relevant stakeholders.

Vulnerability Management

• Assist in maintaining and operating the University's vulnerability assessment program, including scan configuration, finding analysis, risk prioritization based on exploitability and business impact, and remediation coordination with system owners.
• Track patching effectiveness and validate closure of critical findings.

Student Employee Development

• Assist in the hiring, continuous training, mentoring, and operational oversight of student SOC employees. Develop and maintain the SOC processes, runbooks, and escalation procedures that student analysts follow.
• Provide direct coaching on alert investigation techniques, log analysis, and documentation standards.

The role requires hands-on experience across several domains: SOC operations including alert triage, log analysis, and network traffic interpretation using tools such as Splunk, Kibana, or Microsoft Sentinel; Python 3 scripting for automation and detection support; firewall management for ruleset maintenance and network security enforcement; Microsoft Entra ID administration including identity architecture and PowerShell scripting; Linux system administration across mixed-OS environments; and digital forensics at a first-responder level, including breach assessment, evidence preservation, and containment., * Bachelor's degree in information security/Cybersecurity, Information Management, Computer Science, Computer Engineering, or related discipline., * Five (5+) plus years of experience in Information Technology, with a minimum of two (2) years in Information Security/Cybersecurity.

• Prior experience working in a functioning SOC or equivalent security operations environment is valued, including hands-on work triaging live alerts, investigating active incidents, and operating security tooling in a production setting.

Skills and Knowledge Required Experience (2+ years each):

• SOC operations: IDS/EDR alert triage, log analysis, and network traffic interpretation using Splunk, Kibana, or Microsoft Sentinel
• Microsoft Defender for Endpoint: alert triage, investigation, and response
• Python 3 scripting for automation and SOC workflow support
• Firewall operation and network security fundamentals

Required Experience (1+ years each):

• Windows/Active Directory, endpoint log analysis, PowerShell, and group policies
• Linux system administration
• Digital forensics at a first-responder level
• AI-assisted security tools (e.g., Copilot, AI-enhanced SIEM features)
• Broader Technical Knowledge: Network protocols; IDS/IPS platforms; MITRE ATT&CK and Cyber Kill Chain; vulnerability scanning; cloud security fundamentals; SOAR and scripting-based automation; Microsoft security stack (Defender XDR, Sentinel, Purview, Entra ID) with KQL proficiency.
• Active use of AI tooling across all operational functions and the application of AI as a solution is a core expectation.
• Soft Skills: Cross-functional collaboration; student SOC mentorship; multi-source analytical precision; clear written and verbal communication to technical and non-technical audiences; composure during active incidents; commitment to continuous learning.

Syracuse University is a private, international research university with distinctive academics, diversely unique offerings, and an undeniable spirit. Located in the geographic heart of New York State, with a global footprint, and over 150 years of history, Syracuse University offers a quintessential college experience. The scope of Syracuse University is a testament to its strengths: a pioneering history dating back to 1870; a choice of more than 200 majors, 100 minors, and 200 advanced degree programs offered across the University's 13 schools and colleges; over 15,000 undergraduates and over 6,000 graduate students; more than a quarter of a million alumni in 160 countries; and a student population from all 50 U.S. states and 123 countries. For more information, please visit http://www.syracuse.edu. About the Syracuse area Syracuse is a medium-sized city situated in the geographic center of New York State approximately 250 miles northwest of New York City. The metro-area population totals approximately 500,000. The area offers a low cost of living and provides many social, cultural, and recreational options, including parks, museums, festivals, professional regional theater, and premier shopping venues. Syracuse and Central New York present a wide range of seasonal recreation and attractions ranging from water skiing and snow skiing, hiking in the Adirondacks, touring the historic sites, visiting wineries along the Finger Lakes, and biking on trails along the Erie Canal. EEO Statement Syracuse University is an equal-opportunity institution. The University prohibits discrimination and harassment based on race, color, creed, religion, sex, gender, national origin, citizenship, ethnicity, marital status, age, disability, sexual orientation, gender identity and gender expression, veteran status, or any other status protected by applicable law to the extent prohibited by law. This nondiscrimination policy covers admissions, employment, and access to and treatment in University programs, services, and activities. Commitment to Supporting and Hiring Veterans Syracuse University has a long history of engaging veterans and the military-connected community through its educational programs, community outreach, and employment programs. After World War II, Syracuse University welcomed more than 10,000 returning veterans to our campus, and those veterans literally transformed Syracuse University into the national research institution it is today. The University's contemporary commitment to veterans builds on this historical legacy, and extends to both class-leading initiatives focused on making an SU degree accessible and affordable to the post-9/11 generation of veterans, and also programs designed to position Syracuse University as the employer of choice for military veterans, members of the Guard and Reserve, and military family members. Commitment to a Respectful and Welcoming Community Syracuse University fosters a welcoming learning environment where students, faculty, administrators, staff, curriculum, social activities, governance, and all aspects of campus life reflect a broad range of perspectives and experiences. The University community values the many similarities and differences among individuals and groups. At Syracuse, we are committed to preparing students to engage with and appreciate the richness of backgrounds, beliefs, and experiences that shape our society. To achieve this, we strive to cultivate a community that respects and encourages open dialogue, understanding, and mutual respect.