Candidate will have 5+ years IT experience performing information security assessments of both internally developed and hosted systems, as well as third party vendor hosted and supported systems. The information security analyst will provide infrastructure and security related scorecards and status reports to senior management. The position will also be responsible for various information security related compliance issues, including application security analysis. Experience should include information security policy development, security education, network penetration testing, application vulnerability assessments, risk analysis and compliance testing. CISSP, GIAC, or other security certifications desired. Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and desktop, server, application, database, network security principles for risk identification and analysis. Strong analytical and problem solving skills. Excellent communication (oral, written, presentation), interpersonal and consultative skills.