Cybersecurity Analyst

Position Title: Cybersecurity Analyst

Department: Information Technology Services

Advertised Pay: Competitive

Campus Location: Washburn University

Application Deadline:  Application review will begin as applications are received and will continue until the position is filled. Applicants can be assured of full consideration if submitted by April 8, 2026.

Position Summary:

The Cybersecurity Analyst is an entry-level position that supports the University’s information security program by assisting with security operations, risk management, vendor security assessments, and awareness initiatives. Reporting directly to the Director of Information Security, this role contributes to protecting institutional data, academic systems, and research environments while operating within a complex, decentralized higher-education setting.

The analyst works collaboratively with IT, academic units, administrative departments, and third-party vendors to help manage cybersecurity risk, respond to security events, and promote a culture of security awareness across the campus community. This position is designed for candidates early in their cybersecurity careers who are eager to learn, develop hands-on experience, and grow within a higher-education environment.

The University is committed to supporting the professional growth of team members in this role. Professional development opportunities may be approved on a case‑by‑case basis and can include, but are not limited to, industry conferences, technical training, cybersecurity workshops, certification preparation, and other skill‑building activities that align with institutional needs and the employee’s development plan. Support may include funding, schedule flexibility, or other resources as appropriate. Employees are encouraged to pursue learning opportunities that enhance their capabilities and contribute to the ongoing maturity of the University’s information security program.

About Washburn University: 

Washburn University is a teaching-focused, student-centered, public institution located in the metropolitan setting of Topeka that has earned national recognition for its high-impact programs for first-generation students. Washburn has a student body of just over 7,000 students, a significant and growing number of whom are first-generation and Pell-Grant eligible. The University has created educational pathways for all students to be successful and achieve their educational goals.

Washburn is dedicated to recruiting and retaining a dynamic faculty, staff, and student body and cultivating a robust learning and working environment and curriculum. We employ more than one thousand faculty and staff on our campuses throughout Topeka and strive to offer competitive wages, an excellent benefits program, and a supportive culture and a healthy work/life balance. Washburn seeks to create an environment that reflects our core values for creating positive IMPACT: inclusion, modernization, partnership, achievement, community and transformation. In 2024, Washburn was recognized as one of the best colleges in the nation to work for, according to Great Colleges to Work For® program.

Essential Functions:
Security Operations & Monitoring
• Monitor security alerts, logs, and reports from security tools such as SIEM, endpoint protection, email security, and identity systems.
• Assist with triage, analysis, and documentation of security incidents, phishing attempts, and policy violations.
• Escalate security events to senior security staff in accordance with incident response procedures.
• Support vulnerability scanning activities and track remediation efforts with IT partners.

Vendor & Third-Party Security Risk Management
• Assist with vendor and third-party security assessments, including reviewing security questionnaires, contracts, and supporting documentation.
• Evaluate vendor security controls related to data protection, access controls, incident response, and compliance requirements.
• Document assessment results and track identified risks and remediation activities.
• Develop and communicate security recommendations for vendors in coordination with the Director of Information Security, Purchasing, General Counsel, and business owners.
• Support ongoing monitoring of vendor security posture and reassessments as needed.

Risk, Compliance & Governance Support
• Assist with institutional risk assessments, control reviews, and evidence collection.
• Help maintain information security documentation, including policies, standards, procedures, and inventories.
• Support compliance activities related to higher-education regulatory and contractual requirements (e.g., FERPA, GLBA, HIPAA, research data protections, grant requirements).
• Assist with responding to audits, internal reviews, and external security inquiries.

Security Awareness & Training
• Support the University’s security awareness program, including phishing simulations and campus-wide training initiatives.
• Assist with security education for new faculty, staff, and students as appropriate.
• Track metrics and help prepare reports on awareness, phishing campaigns, and participation rates.
• Work with IT teams, academic departments, administrative offices, and shared governance groups to support secure technology use.
• Participate in security projects and initiatives as assigned by the Director of Information Security.
• Stay informed on emerging threats, vulnerabilities, and best practices relevant to higher education.
• Perform additional job-related duties as assigned or as appropriate.

Required Qualifications:
• A post-secondary degree or certificate in Cybersecurity, Information Technology, or Computer Science; OR a combination of relevant post-secondary education and related IT work experience equivalent to a post-secondary degree.
• Demonstrated foundational understanding of information security concepts.
• Proven familiarity with Windows/Linux, networking concepts, and common security tools.
• Demonstrated effective analytical, organizational, and documentation skills.
• Ability to handle sensitive and confidential information.
• Must achieve an entry-level cybersecurity certification within the first 6 months of employment.

Preferred Qualifications:
• Internship or entry-level experience in cybersecurity or IT, preferably in higher education.
• Familiarity with NIST CSF or ISO 27001.
• Exposure to vendor risk assessments.
• Entry-level cybersecurity certification or progress toward one.

Exempt, Full time, Mon-Fri, 8am-5pm   
Background Check Required