Why Work at BYU   

As the flagship higher education institution of The Church of Jesus Christ of Latter-day Saints, Brigham Young University (BYU) strives to be among the exceptional universities in the world. At BYU, we are devoted to our faith and to our students. We take an active role in the University's Mission: "To assist individuals in their quest for perfection and eternal life.” 

Our unique mission, deeply rooted in the Gospel of Jesus Christ, provides countless ways to serve and make an impact. This, along with our remarkable culture of belonging, weekly devotionals, and endless opportunities for learning and growth—all situated within a beautiful and historic campus—make it hard to imagine a more inspiring place to work. 

Brigham Young University strongly prefers to hire faithful members of The Church of Jesus Christ of Latter-day Saints.

Security Analyst

The CES Security Operations Center is currently looking to hire a security analyst to serve BYU, BYU-Hawaii, BYU-Idaho, and Ensign College. This position will lead, influence, and shape one of our security service pillars while rotating to another pillar semi-annually. Analysts are expected to bring prior experience and judgment to the role, while continuing to broaden their skills across the security operations lifecycle. Our pillars are security event monitoring and development, incident investigation & response, penetration testing, vulnerability management, identity, and threat hunting. This rotational system allows you to contribute the skills and expertise you already possess and build others in a broad range of security operations disciplines. Our rotational model is designed for experienced analysts who want to avoid siloed careers. Analysts maintain depth in their primary pillar while gaining meaningful exposure to adjacent disciplines, making this an ideal role for professionals seeking long-term growth.

People skills are also required, as we regularly interact with campus customers. This position also gives you the opportunity to share with others (including the student employees that work in our SOC) your acquired skills, to grow and learn more, and to apply that learning. Other responsibilities will be assigned to you as you gain skills through on-the-job training, career-focused professional development, and mentoring.

Impact of the role

As a Security Analyst at the CES SOC, your work directly protects four higher-education institutions, tens of thousands of students and employees, and critical academic and research systems. You will influence security posture at an enterprise scale and collaborate with a broad range of IT professionals to reduce institutional risk.

What you will be doing in this position

Basic Security Analyst Responsibilities

Participate in security analyst on-call rotation. Initial triage of security events, analysis of associated log data, security incident ticket population, and initial contact with relevant IT staff or end users. Drafting and editing security work instructions, for security analysts, IT staff, and end users; creating workflow diagrams to correlate work instructions to security incidents

Security Event Monitoring and Development

Security Analysts in this pillar design, maintain, and continuously improve enterprise security monitoring across CES institutions. This includes developing meaningful alerts and dashboards from diverse log sources, validating alert quality, and ensuring monitoring aligns with evolving threats and institutional priorities. Analysts partner closely with system owners and incident responders to ensure monitoring is actionable, resilient, and supports timely investigation and response.

Incident Investigation and response

This pillar leads the investigation, containment, and resolution of information security incidents across CES campuses, ranging from phishing and account compromise to system-level intrusions. Analysts apply professional judgment to triage events, coordinate with campus IT stakeholders, document findings, and guide remediation while escalating major incidents through formal response processes. The role emphasizes disciplined investigation, clear communication, and continuous improvement through lessons learned and playbooks.

Vulnerability management

The vulnerability management pillar provides visibility into security weaknesses across campus systems and works with IT partners to reduce risk over time. Analysts analyze vulnerability data, contextualize findings based on asset criticality and threat activity, and support prioritization and remediation efforts. As maturity increases, this work informs risk reporting, service-level objectives, and longer-term improvements to institutional security hygiene.

Threat hunting & Intelligence

Threat hunting focuses on proactively identifying attacker behavior that may evade automated controls by analyzing log data, indicators of compromise, and attacker tactics relevant to higher education. Analysts research emerging threats, develop hypotheses, and conduct structured hunts to validate or dismiss potential adversary activity. Findings from this work inform improved monitoring, incident response, and risk prioritization across the SOC.

Identity Security

In this pillar, analysts help identify and reduce identity-related risk by analyzing authentication data, privilege use, and configuration weaknesses across identity platforms. The work emphasizes applying least-privilege principles, improving visibility into account misuse or compromise, and supporting campus partners in strengthening identity governance. Identity findings feed directly into incident response, threat hunting, and enterprise risk management efforts.

Penetration testing

The penetration testing pillar validates the security of applications and systems through controlled testing designed to identify exploitable weaknesses before attackers do. Analysts conduct testing, validate findings, and clearly communicate results and remediation guidance to system owners. This work supports risk-based security decisions and contributes to the ongoing maturation of secure system design and deployment practices.

Professional development

On-the-job training and learning, both self-paced and as mentored by other full time analysts. Attend seminars and conferences as well as participate in relevant professional organizations. The CES SOC maintains a budget for these training opportunities.

Supervision, collaboration, and leadership

Serve as a technical leader within assigned security pillars, mentoring student and full-time analysts; contribute to analyst skill development and operational maturity. Partner with IT and campus stakeholders to improve security processes and governance.

What qualifies you for thils role

Skills, abilities, or knowledge

You are not required to have experience in all areas listed below. What you don't know we can teach you. We are seeking the most qualified candidates; the more you have, the more likely you will be selected. Compensation will be commensurate with experience and skills. Core strengths for mid-career candidates:

· Security fundamentals and professional judgement

· Log analysis, investigation, and root-cause analysis

· Strong communication with technical and non-technical audiences

Additional experience that is highly valued:

· Threat hunting, forensics, or threat intelligence

· Cloud security (Iaas/PaaS)

· Scripting & automation

· Identity platforms (Okta/Active Directory)

· Vulnerability management

Who thrives in this role

This position is ideal for security professionals who enjoy hands-on technical work, value collaboration, and want their expertise to make a visible difference. Analysts who succeed here are curious, adaptable, and motivated by service-oriented impact as much as technical challenge. Many of our analysts choose BYU for the combination of mission-driven work, long term stability, and sustained professional growth.

Education and Experience

This position provides an opportunity for people of varying levels of skill. If you have a lot of education, experience, and skill, we'll compensate you accordingly. If you are early in your career, this could be a great opportunity for you, too. Different levels of pay are assigned by the hiring department depending on experience/education/skills and business needs.

Professional (Level 54T): Bachelor's degree and 2 years of IT experience, or an equivalent combination of relevant education and experience. Cybersecurity experience preferred. Supervision experience preferred (full-time or part-time). ($88,000 to $114,000 approximate starting salary range)

Senior Professional (Level 55T): Bachelor's degree and 5 years of IT experience required, or master's degree and 3 years of IT experience. Cybersecurity experience preferred. A minimum of 2 years of supervisory & mentoring experience is required (part-time or full-time). ($102,000 to $132,500 approximate starting salary range)

Lead/Expert (Level 56T): Bachelor's degree and 12 years of IT experience, or a Master's degree and 10 years of IT experience. Cybersecurity experience required. A minimum of 5 years of supervisory & mentoring experience is required (part-time and full-time). ($118,500 to $154,000 approximate starting salary range)

What we offer in return:

In addition to our competitive pay structure, this position comes with fantastic benefits, including:

• 401k. BYU automatically contributes 8% at no cost to you. Additionally, if you contribute 5%, BYU adds an additional 4% (Rehires may qualify for different retirement plans)
• Excellent work-life balance: 13 paid holidays + 22 days paid vacation + 12 sick days, accrued annually
• Employee assistance program, available to the employee and all members of their household
• Tuition benefits for employees and eligible family members
• Access to athletic facilities
• Excellent medical/dental benefits
• Short/long-term disability benefits
• Paid parental and maternity leave
• Wellness Program
• Free on-campus parking
• Free UTA passes for employees, spouses, and qualified dependents
• Discounts at the BYU Store and for many events at BYU

Required Documents:

All Staff positions require a resume.

Refer to the Job Posting for any additional required documents.

Members of The Church of Jesus Christ of Latter-day Saints must hold and be worthy to hold a current temple recommend.

Brigham Young University is an equal opportunity employer, including disability and protected veteran status.

Brigham Young University (BYU) is widely recognized not just for its world-class education, but for its deep commitment to inspired religious values. Gathered together in a Christ-centered atmosphere, BYU employees are a vital part of a community of belonging, where we value the experiences, perspectives, and talents of each individual. If you share in our devotion to faith and to excellence, we have a place for you here at BYU!