Cybersecurity Analyst Tier 3

Job Summary

Information Security Analysts


The University of Utah has an opportunity for a Cybersecurity Analyst Tier 3 (Security Operations Center) to help support our
Information Security and Compliance goals. The Tier 3 SOC analyst is the senior escalation point within the
Security Operations Center, responsible for leading complex investigations while driving detection engineering, automation, and continuous
improvement initiatives. The role blends investigative expertise with technical capabilities to improve detection fidelity, reduce response
times, and strengthen organizational security.

About UIT: University Information Technology (UIT), the central IT service provider for the University of Utah, reports to the U’s Chief Information Officer and
is responsible for many of the U’s shared IT services including the wired and wireless network; Campus Information Services (CIS) portal; UMail, telephone, and online collaboration; digital learning technologies; information security; software
licensing; and a host of other IT systems and services.


About the University of Utah: Located in Salt Lake City, the U is the flagship institution of the State of Utah’s system of higher education, home to arts and museum venues and a member of the BIG-12 Conference. Skiing and snowboarding opportunities are a short distance from campus, and opportunities to pursue activities from biking to hiking to fishing abound. Salt Lake City is home to the Utah Symphony and Opera, Ballet West, professional sports teams, and a wide range of other cultural and recreational activities.

The department may choose to hire at any of the below job levels and associated pay rates based on their business need and budget.

Responsibilities
Incident Response


  • Lead the end-to-end incident response
    lifecycle, including triage, investigation, containment, eradication, and post-incident analysis across endpoint, network, cloud, and
    identity domains.
  • Serve as the senior escalation point for Tier 2 analysts, providing technical direction and oversight for
    complex investigations.
  • Perform digital forensics to support root cause analysis, adjust security detections to address
    identified gaps, and develop post-incident plans of action.

Detection Engineering

  • Own detection strategy
    and coverage across key threat domains.
  • Define telemetry requirements in partnership with security engineering and platform
    owners.
  • Lead development of detection standards and quality metrics.
  • Design and maintain detection logic across SIEM,
    EDR, and cloud platforms, ensuring high-fidelity alerting through tuning, enrichment, and correlation of multi-source telemetry.
  • Identify detection gaps based on relevant cybersecurity threat intelligence and as a function of the incident response lifecycle.
  • Design, build, and maintain automation (SOAR) to improve triage, data enrichment, and response efficiency.
  • Operationalize threat
    hunting and incident findings into scalable detection use cases and playbooks.


Threat Analysis

  • Lead
    hypothesis-driven threat hunting campaigns informed by threat intelligence, transforming findings into durable detections and response
    playbooks.
  • Conduct proactive threat hunting to detect advanced adversarial activity not detected by existing controls.
  • Analyze attacker behavior and map to known tactics, techniques, and procedures (TTP).
  • Continuously evaluate detection coverage,
    proactively reducing false positives while increasing detection quality.


Leadership

  • Assist in mentoring and developing Tier 1/2 SOC analysts, conducting periodic investigation reviews to ensure quality.
  • Drive improvement in SOC
    processes, workflows, and incident response playbooks.
  • Produce clear, actionable after-action reports and executive-ready
    summaries for findings.
  • Partner with internal IT teams to improve logging, telemetry, and observability across the environment.

Minimum Qualifications
EQUIVALENCY STATEMENT: 1 year of higher education can be substituted for 1 year
of directly related work experience (Example: bachelor’s degree = 4 years of directly related work experience).
Department may hire employee at one of the following job levels:

Information Security Analyst, IV: Requires a bachelor’s (or equivalency) + 8 years or a master’s (or equivalency) + 6 years of directly related work experience.
Information Security Analyst, V: Requires a bachelor’s (or equivalency) + 10 years or a master’s (or equivalency) + 8 years of directly related work experience.
Information Security Analyst, VI: Requires a bachelor’s (or equivalency) + 12 years or a master’s (or equivalency) + 10 years of directly related work experience.
Information Security Analyst, VII: Requires a bachelor’s (or equivalency) + 14 years or a master’s (or equivalency) + 12 years of directly related work experience.



Preferences
Strong operational security background

  • Experience conducting hands-on analysis of large volumes of logs, network data, and other
    attack artifacts during incident investigations
  • Extensive experience leveraging SIEM and SOAR platforms to analyze diverse log
    types and events across multiple data sources, applying behavioral, statistical, and machine learning techniques to detect and respond to
    advanced threats
  • Strong understanding of the network threat lifecycle, attack vectors, and exploitation methods, including
    attacker tactics, techniques, and procedures (TTPs)
  • Experience monitoring, defending, and administering cloud environments (e.g.,
    AWS, Azure, GCP), including the use of cloud-native security tools and strategies to protect data, as well as identifying and mitigating
    cloud-specific threats
  • Proficiency in scripting and programming

Special Instructions



Requisition Number: PRN45436B
Full Time or Part Time? Full Time
Work Schedule Summary: Monday – Friday, 9 a.m. – 5 p.m. with on call responsibilities for after hours, weekend, holidays, etc.
Department: 00954 – UIT Systems & Security
Location: Campus
Pay Rate Range: $100,000 to $195,795
Close Date: 7/6/2026
Open Until Filled:


To apply, visit
https://utah.peopleadmin.com/postings/204073





Tagged as: CSS

Source
HigherEdJobs - Network/System Administrator
