Skip to content

Senior Incident Response Analyst

Requisition Number:



Boulder, Colorado

Employment Type:

University Staff



Posting Close Date:


Date Posted:


Job Summary

The University of Colorado Boulder is seeking a Senior Incident Response Analyst! The Security Operations team within the Department of Information Technology (OIT) welcomes applications for a Senior Incident Response Analyst! The Analyst is responsible for incident response processes, digital forensics processes and technology support for investigations. Duties include both direct incident response handling as well as management of the response process, ensuring incidents are appropriately worked, resolved and advanced as needed. This position will take the lead within the team for interacting with law enforcement agencies when needed. The CU Boulder campus supports more than 30,000 students and thousands of employees, all using a wide variety of IT services that are hosted both on-premise and with third-parties. 
We are looking for a team member who collaborates well both within the security team and with other groups on campus, brings knowledge and experience in incident response, and has a focus on serving the university community through protecting their security and privacy. This position may lead one or more student employees, depending on arrangements within the team. This position is available as full time or part time with a minimum of 75% time work schedule. This position has flexibility to work remotely, but is expected to be on the CU Boulder campus to assist with collections and investigations as needed. 

The University of Colorado Boulder is committed to building a culturally diverse community of faculty, staff, and students dedicated to contributing to an inclusive campus environment. We are an Equal Opportunity employer, including veterans and individuals with disabilities.

Who We Are

  • Office Information Technology will be valued by campus as a strategic, inclusive and innovative partner in advancing learning and discovery in order to enable CU Boulder to be a premier public university.
  • Office Information Technology enables campus priorities by providing high-value IT services and solutions. 
  • Trust, as a foundation for how we engage with one another and with campus partners, along with 
  • Avid curiosity in how to better support the campus and our stakeholder’s while 
  • Fostering empowerment and authentic engagement among ourselves and 
  • Celebrating inclusivity that promotes a sense of belonging while acknowledging that each person is unique and valued. 
  • Office Information Technology will advance learning and discovery by delivering high-value reliable IT services and solutions that:
    • Provide a fluid and adaptable academic and student experience 
    • Enable research competitiveness and 
    • Deliver core infrastructure and enterprise IT services for business effectiveness.
Based on our departmental goals and our commitment to diversity and inclusive excellence, CIO Information Technology particularly welcomes applications from candidates whose knowledge, skills, and abilities, and desire to contribute to an inclusive campus environment, will help us achieve our vision of a diverse and inclusive community.

What Your Key Responsibilities Will Be

Duties and responsibilities of the position include, but are not limited to: 
Incident Response
  • Serve as the lead role in information security incident response, providing direction for related processes and outcomes. 
  • Work with partners to resolve computer security incidents. 
  • Create incident reports of notable incidents, including assessments of broader implications to the organization. 
  • Coordinate with law enforcement investigations in alignment with organizational processes. 
  • Work with IT service providers to determine appropriate incident and monitoring processes for their services. 
  • Verify that application software, network, system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations. 
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. 
  • Operate creatively with appreciable latitude in developing methodology and presenting solutions to sophisticated problems. 
  • Serve as a domain expert and campus advisor recommending methods to control or reduce risk to critical IT and information resources. 
  • Provide mentorship to the Incident Response & Monitoring Analyst. 
  • Supervision of student employees to ensure effective delivery of technical initiatives, projects and processes. This includes assigning tasks, prioritization, supervising progress and workflow, checking final work product, scheduling work, establishing work standards, and ensuring that student employees are empowered. This also includes making staffing decisions, providing training and performing other day-¬to-¬day supervisory activities. 
Cyber Defense Analysis
  • Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities. 
  • Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities. 
Digital Forensics
  • Perform forensic analysis of computers, network traffic, phones and other data sources in support of information security investigations. 
  • Handle and supervises data/evidence in accordance with appropriate processes. Coordinate with internal and external groups for handling and transfer of data.
Professional Development
  • Provide technical mentorship to the Incident Response & Monitoring Analyst. 
  • Maintain an awareness of information security news, events, and trends. 
  • Learn greater skills (both technical and non-technical) through formal training, degree programs, certifications, attending conferences/events, informal learning plans, etc.

What You Should Know

  • This position is in a hybrid work situation. This position will work primarily remotely, but is expected to be on the CU Boulder campus to assist with collections and investigations as needed.
  • Visa sponsorship is not available for this position.
  • All University of Colorado Boulder employees are required to comply with the campus COVID-19 vaccine requirement. New employees must provide proof of vaccination or receive a medical or religious exemption within 30 days of employment.

What We Can Offer

  • Salary: $82,000 - $95,000.


The University of Colorado offers excellent benefits, including medical, dental, retirement, paid time off, tuition benefit and ECO Pass. The University of Colorado Boulder is one of the largest employers in Boulder County and offers an inspiring higher education environment. Learn more about the University of Colorado Boulder.

Be Statements

Be dynamic. Be genuine. Be Boulder.

What We Require

  • Bachelor’s Degree from an accredited institution in a relevant field. A combination of education and demonstrable experience as described below may be substituted for the degree on a year-for-year basis.
  • Three years of relevant work experience in security incident response, cyber defense analysis, digital forensics, information security, information systems engineering/administration, and/or participating in or leading information security incident response processes.

What You Will Need

  • Knowledge of information security monitoring principles including base lining, tuning, interpretation of indicators of compromise. 
  • Knowledge of incident response and handling methodologies. 
  • Knowledge of computer networking fundamentals. 
  • Knowledge of Linux and Microsoft operating system administration. 
  • Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data. 
  • Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 
  • Skill in verbal and written communication, facilitation, and social skills. 
  • Ability to translate complex concepts into simple, clear, and concise messages that technical and non-technical audiences can quickly comprehend. 
  • Ability to follow processes for preserving digital evidence. 
  • Ability and interest to continually learn and grow professionally. 
  • Ability to establish, maintain and cultivate positive and effective working relationships with those contacted in the course of work. 
  • Ability to multitask and work well individually, as well as harmoniously with partners in support of team effort. 
  • Ability to create and follow work plans.

What We Would Like You To Have

  • Experience working in the higher education industry. 
  • Working knowledge of cloud platform (AWS or MS Azure) administration. 
  • Working knowledge of data security and compliance operations and governance for highly confidential data (eg. HIPAA, FERPA, CUI, etc). 
  • Demonstrated ability to work across departments and business units to implement organization’s privacy principles and programs and align privacy objectives with security objectives.

Special Instructions

To apply, please submit the following materials: 
  1. A current resume. 
  2. A cover letter that specifically tells us how your background and experience align with the requirements, qualifications, and responsibilities of the position.
We may request references at a later time.

Please apply by December 7, 2022 for consideration.

Note: Application materials will not be accepted via email. For consideration, please apply through CU Boulder Jobs.

Posting Contact Information

Posting Contact Name: Boulder Campus Human Resources

Posting Contact Email: