Security Analyst

Apollo Education Group™, Inc. was founded in 1973 in response to a gradual shift in higher education demographics from a student population dominated by youth to one in which approximately half the students are adults and over 80 percent of whom work full-time.

Apollo is revolutionizing higher education. Our technology, advanced learning methodologies, and international reach are dramatically accelerating the innovation that is essential to transform higher education throughout the world. Apollo Information Security is an intensely dedicated, entrepreneurial unit within Apollo Information Technology that is highly focused on effective security solutions. As part of the Apollo Information Security Team, you will play a key role in driving a secure and compliant vision for the future of education. The Information Security Analyst is responsible for monitoring, response, and proactive interdiction of threats and vulnerabilities affecting Apollo’s information assets around the globe. To accomplish its mission, Information Security uses cutting-edge technologies, advanced analytic techniques, policy and procedure support, and awareness activities to identify and mitigate threats while educating users and informing the enterprise on risks and trends. Under general supervision, this position provides technical support in Information Security projects. The schedule for this position is Wednesday - Sunday, 6:00 PM - 5:00 AM (4, 10's shift)

**Primary Responsibilities** The Security Operations Analyst responds to information security incidents, implements appropriate security safeguards, tests proposed security solutions, and performs audit/compliance and forensic activities as needed. The Security Analyst provides support for operational security tools and technologies by responding to alerts and troubleshooting issues. The Security Operations Analyst will assist with a variety of duties including: * Review, validate, classify, and respond to security events * Analyze a variety of network and host-based security logs (Firewalls, NIDS, HIDS, Syslog, ) * Monitor and analyze network traffic and IDS alerts Investigate intrusion attempts and perform in-depth analysis of exploits * Conduct proactive threat research * Determine correct remediation actions and escalation paths for each incident * Perform initial incident triage * Document all activities during an incident and provide leadership with status updates * Participate in incident reporting for high priority events

**Knowledge, Skills & Abilities** * Security incident Event Management (SIEM) console monitoring and correlation * Security incident initial response and triage * Hotline response (issue resolution, security incident reporting) * Continuous compliance monitoring * Antivirus monitoring and logging * Network and host IDS/IPS monitoring and logging * Network and host DLP monitoring and logging * Email and spam gateway and filtering * Application whitelisting and file integrity monitoring * Threat research, intelligence and monitoring * Monitoring network traffic flows * Abuse response (email, phishing attacks, social engineering calls) **Basic Qualifications** * Bachelor’s degree (preferably in Computer Science, Business or related area) and/or a combination of the following is required: * Equivalent education or training in related disciplines * A minimum of 1 year of progressive experience in Information Security or Information Technology **Additional Qualifications:** * Self-motivated with a logical approach to problem solving * Ability to react quickly, decisively, and deliberately in high-stress, high-impact situations * Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one * An ability to effectively influence others to modify their opinions, plans, or behaviors * An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business * An understanding of organizational mission, values, and goals and consistent application of this knowledge * Technical expertise in anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns * Technical expertise in Intrusion Prevention System (IPS)/Intrusion Detection System (IDS), SIEMs and other Computer Network Defense (CND) security tools.