InfoSec Analyst position at U Colorado

[Brad Judy <brad.judy () CU EDU>]

I have a position open on my team for an Information Security Analyst who will be focused on topics like vulnerability 
management, SIEM, incident response and endpoint security.  It’s a great team and we collaborate a lot with the teams 
on the academic campuses. In fact, we’re just starting down the path of building a new multi-campus SIEM, which is a 
great opportunity for the person in this position. I’m also looking to revamp how we handle vulnerability management, 
giving our new team member the chance to reimagine that piece to be more effective.

This is one of four information security teams in the University of Colorado system. We manage operational security for 
the administrative division of the university (ERP systems) and we also work on system-wide 
policy/standards/governance. This position is on the operational security side and will work alongside both other 
infosec team members as well as the folks who manage the IT systems. Since we’re an administrative division, we’re 
smaller and have centralized IT. This means no departments to chase down or working with faculty members. It also means 
it’s a bit between academic and private sector in atmosphere.

https://cu.taleo.net/careersection/2/jobdetail.ftl?job=14201

The job is in downtown Denver (technically uptown about three blocks north of the capitol building) and is not located 
on one of the academic campuses. However, it’s common for the team members to spend occasional days working from one of 
the campuses to collaborate with other teams and to get a feel for the different environments.

A bit of a different note from my prior postings: I’m doing a blind first-round this time. That means we will not see 
names or other identifying information when we review resumes and cover letters. That’s why the contact information on 
the posting is the HR dept and not me – we’re trying to keep things pretty blind for the first round. It’s part of my 
continuous improvements towards more inclusive and unbiased hiring practices. The goal is to go purely on content and 
remove any unconscious bias based on names, geographic location, gender, ethnicity, etc.  You may also notice that some 
pieces of the job posting are not worded or arranged in a typical manner – it’s a lot of intentional choices that I’m 
happy to discuss with the curious.


Brad Judy

Information Security Officer
Office of Information Security
University of Colorado
1800 Grant Street, Suite 300
Denver, CO  80203
Office: (303) 860-4293
Fax: (303) 860-4302
www.cu.edu<http://www.cu.edu/>

[cu-logo_fl]