Clemson is calling...are you ready to answer the call?  

One of the most productive public research universities in the nation, Clemson University attracts and powerfully unites students, faculty and staff whose greatest desire is to make a difference in the lives of others. 

Clemson has recently been named a top 25 public college in the country by the Wall Street Journal, a top South Carolina employer by Forbes and a Military Friendly Employer for five years running. Through our research, outreach and entrepreneurial projects, Clemson University and its employees are driving economic development and improving quality of life in South Carolina and beyond.

So,... are you ready?

Clemson University's Office of Information Security is looking for a Vulnerability Security Analyst to fulfill the following duties:

• The Vulnerability Security Analyst is responsible for strengthening the organization's security by managing and improving the Vulnerability Management Program. 
• This includes conducting penetration tests, vulnerability assessments, analyzing risks, and ensuring the security of internet-accessible systems. 
• Performs other duties as assigned.

30% - Essential - Vulnerability Scanning and Assessment: 
Conduct regular scans and assessments across university servers, networks, applications, and endpoints to identify vulnerabilities, misconfigurations, and other security weaknesses. Evaluate vulnerabilities to determine their potential impact on university systems, assigning risk levels and prioritizing remediation efforts based on threat level and asset criticality. Stay updated on emerging vulnerabilities and industry trends, evaluating their relevance and potential impact on the university's infrastructure. Contribute to the enhancement of vulnerability management procedures, automating workflows, integrating new tools, and refining scanning methodologies.
30% - Essential - Plan and Execute Penetration Tests: 
Develop, schedule, and execute penetration tests across university systems, applications, and networks, simulating realistic cyber threats to assess security measures. Show proficiency in executing tests, validating test results, filtering out false positives, and delivering clear, actionable recommendations for mitigation.
20% - Essential - Remediation and Mitigation Planning:
Work with IT, application, and network teams to develop and implement remediation strategies, including patching, configuration changes, and vulnerability-specific mitigations. Support continuous improvement by refining processes and documenting best practices.
10% - Essential - Document Findings and Provide Recommendations:
Produce detailed reports that outline security vulnerabilities, their potential impact, and provide actionable recommendations to strengthen security defenses. Maintain accurate records of findings, remediation efforts, and policy updates for future reference and audits.
10% - Essential - Collaboration with SOC and Incident Response Support:
Collaborate with Security Operations Center (SOC) personnel to perform tests against the university's defensive and monitoring systems to refine and advance detection capabilities. Work closely with cross-functional teams to analyze, comprehend, and mitigate security risks. Assist the incident response team by conducting root-cause analysis on security incidents and contributing to mitigation strategies.

Education - Bachelor's Degree in Information Technology Systems, Computer Science, or related field 

Work Experience - Experience in information technology systems or related area. Relevant experience may be substituted for bachelor's degree on a year-for-year basis.

Preferred Education - Bachelor's Degree in Computer Science or Related Technical Field, or equivalent work experience in the relevant field.

Preferred Work Experience -Experience in vulnerability management, penetration testing and security assessments.

Preferred Certifications:

• Offensive Security Certified Professional (OSCP)
• Practical Junior Penetration Tester (PJPT)
• Practical Network Penetration Tester (PNPT)
• GIAC Penetration Tester (GPEN)
• GIAC Security Essentials (GSEC).

JOB KNOWLEDGE
Firm Job Knowledge - Firm working knowledge of concepts, practices and procedures and ability to use in varied situations
SUPERVISORY RESPONSIBILITIES
No Supervisory Duties - Not responsible for supervising employees.
BUDGETARY RESPONSIBILITIES
No Budget Responsibilities - No fiscal responsibility for the department's budget.

100% - Communicate, converse, give direction, express oneself
100% - Recognize or inspect visually
100% - Perceive, observe, clarity of vision

No Work Conditions

Standard Hrs: 37.5 Hours / Week

Expected Salary Range: $ 95,506.00 - $ 153,973.00
 

Salary is dependent upon several factors including, but not limited to, a candidate's previous experience, knowledge, skills and performance in accordance with Clemson's compensation guidelines.

Normal Operations
Required to follow emergency facility closure directives, and not normally expected work on-site during emergency situations.

Clemson, SC

March 16, 2025 @ 11:59 PM

MILITARY EQUIVALENCY:
Clemson University is proud to allow educational equivalency for military technical certifications and trainings that directly relate to the job duties.
VETERAN PREFERENCE:
South Carolina is making our Veterans a priority for employment in state agencies and institutions.      

State policy for veteran preference states that for qualifying, full-time permanent positions, a veteran applicant may receive preference if they meet the job's minimum qualifications, were discharged under honorable conditions from the military, and submit their DD-214 for confidential review by the Office of Human Resources.
To claim Veteran Preference for qualifying positions, email hrjob@clemson.edu upon submission of your application.         

Clemson University is an AA/EEO employer and does not discriminate against any person or group on the basis of age, color, disability, gender, pregnancy, national origin, race, religion, sexual orientation, veteran status or genetic information.