Cybersecurity Analyst II

Develops and Maintains Cybersecurity ProgramsDesigns and documents program components including policies, standard operating procedures, playbooks, and runbooks for one or more assigned cybersecurity domains such as risk management, incident response, vulnerability management, and threat intelligence, ensuring alignment with organizational standards and regulatory frameworks.Implements automation and process improvements to enhance efficiency, strengthen domain controls, and support continuous improvement.Maintains dashboards and performance metrics for assigned programs (e.g., SLA compliance, control health) and incorporates lessons learned into program updates.Collaborates with IT and business stakeholders to integrate security requirements into operational processes and the software development lifecycle, ensuring alignment with enterprise security objectives.Coordinates with the department's IT teams, campus IT, and campus Information Security Office (ISO) on the review, implementation, and monitoring of security controls on tools owned and managed by campus IT and ISO (firewalls, DLP, MFA) to safeguard digital infrastructure.Executes Cybersecurity OperationsManages investigations end-to-end and coordinates resolution for security events within scope.Maintains and refines playbooks/runbooks; suggests workflow improvements based on lessons learned.Implements automations for repetitive tasks (e.g., enrichment, triage, alerts, notifications).Supports Governance, Risk, and ComplianceApplies policies, standards, and procedures; performs control testing and gathers audit evidence.Monitors adherence to HIPAA, FERPA, PCI DSS, GDPR, ISO 27001, and NIST frameworks.Updates risk registers, proposes mitigations, and tracks remediation to closure.Conducts third-party and vendor security assessments against organizational standards and documents follow-ups.Helps facilitate awareness initiatives and tabletop exercises; offers coaching during activities.Reporting and CollaborationMaintains dashboards and KPIs (e.g., MTTR, vulnerability SLA compliance, control health).Prepares reports with actionable recommendations for stakeholders and leadership.Partners with IT and project teams to embed security requirements in designs and changes; reviews changes for security impact.Marginal or Periodic FunctionsMaintains documentation specific to cybersecurity work (architecture diagrams, SOPs, inventories).Represents the organization during audits and external assessments as assigned.Participates in professional development and advanced training.Supports disaster recovery and business continuity plan updates.Adheres to internal controls and reporting structure.Performs related duties as required.KNOWLEDGE/SKILLS/ABILITIESProblem SolvingAnalyzes complex issues methodically and derives practical, evidence-based solutions.Correlates multi-source telemetry to isolate root causes.Tests alternatives and selects mitigations with minimal disruption.Captures decision rationale and lessons learned.Decision QualityWeighs risk, impact, and tradeoffs to make timely, sound decisions.Prioritizes actions using clear severity/risk mits to reasonable containment steps under municates next steps and contingencies.Functional/Technical SkillsSolid technical mastery across SIEM/SOAR, endpoint, vulnerability scanners, and core domains.Enhances detections and enrichment workflows.Executes investigations across OS/network/identity layers.Keeps skills current and evaluates tool effectiveness.Process ManagementOperates efficient processes with clear handoffs, metrics, and continuous improvement.Maintains and streamlines SOPs/runbooks.Automates repetitive tasks to reduce MTTR.Reviews program performance and suggests refinements.Dealing with AmbiguityActs effectively without complete information and adapts as situations itiates investigation/containment with partial indicators.Adjusts approach as new artifacts surface.Provides steady guidance during fast-changing events.Collaborates/Peer RelationshipsBuilds cooperative relationships and gains consensus to advance initiatives.Aligns remediation plans with IT/application owners.Facilitates cross-team tabletop exercises.Escalates diplomatically and closes loops.

Created: 2026-02-05