Cyber Security Analyst

About The Position

Requirements

• Applicants must be legally authorized to work in the United States without employer sponsorship on a permanent basis.
• This position requires regular onsite presence. Relocation assistance is not available, and candidates must be able to begin work without relocation support.
• Education: Bachelor’s Degree from and accredited college or university in Information Technology/Security or closely related field.
• OR
• Technical College certificate in Security/IT with additional technical certifications (Security+, Network+, etc.) plus (six) 6 months to (two) 2 years related experience.
• OR
• An equivalent combination of education and five (5) years of related experience.
• Knowledge: Knowledge of security controls for application development and management. Basic understanding of IT systems, computer infrastructure & software (e.g., computer, server, storage, networking, firewall, OS, databases, web servers, virtualization). General understanding of how to reverse engineer attacks. Introductory level knowledge of Information Security or Information technology standards. Introductory knowledge of Linux, Windows and Network system administration practices, access control, and auditing/logging procedures within an enterprise class environment. Introductory knowledge of security related tools including vulnerability assessment tools, Host Based Security Systems, log aggregation and SIEMs, File Integrity Monitoring Software.
• Skills: communications skills, both verbal and written, as well as the ability to communicate well with people in a variety of positions, roles, and levels; Leveraging networking tools to map networks on a basic level.
• Abilities: Ability to create and maintain effective documentation, including policies, processes, and procedures. Ability to prioritize workload in order to meet commitments. Basic networking skills (IP Addressing, subnets, simple network tools). Ability to multitask and prioritize projects, appropriately manage expectations, make difficult judgment calls and communicate complex issues in an easy to understand format. Ability to prepare multiple types of documentation, policies, guides, communications, presentations, etc. Initiative driven attitude and a willingness to take on challenging tasks independently. Professional, self-motivated and a strong sense of urgency.
• Due to the nature of this position, the successful candidate may be required to complete a pre-employment background check prior to starting the position.

Responsibilities

• Have an enthusiasm and passion for security, be able to work independently or as part of a larger security team.
• Hands on virus/malware identification, investigation and mitigation on county endpoints as they arise.
• Act in an advisory role to other teams both internal to IT and throughout the county.
• Stays current with technical knowledge in information systems, security and privacy technologies, best practices, and use of appropriate security controls and methods.
• Deploys, as instructed, the Information Security plans and short-term and long-term strategies for the IT organization and the County.
• Deploys and integrates IT security and privacy-related programs designed to protect the County’s systems, applications, and data.
• Identifies and communicates security issues and their impact on the IT organization and the County and assists with executing successful solutions while tracking and achieving measurable results.
• Complies with and promotes all IT security policies, processes, procedures, and best practices.
• Establishes and maintains positive business relationships with users countywide to actively market and educate them on the importance of security cooperation and compliance.
• Designs, develops, implements, and monitors information security systems and controls.
• Documents processes and monitors systems that report on the effectiveness of systems and controls necessary to protect the County’s information technology systems, assets, and interests.
• Monitors compliance with the organization's information security policies and procedures among employees, contractors, partners, and other third parties and resolves potential issues as needed.
• Assists with information security risk assessments and serve as information security subject matter expert to countywide customers.
• Responds, as directed, to information security incidents and follow up to ensure that proper protection and corrective measures have been taken.
• Participates, as instructed, in forensics investigations and audits as required.
• Implements, as instructed, security controls for systems that accept payment card data.
• Implements, as instructed, the County’s cloud security strategy to protect County IT systems and data in PaaS, SaaS, and IaaS environments.
• Embraces managed security service options as they are considered.
• Maintains required certifications as specified by the Information Security Officer.
• Other duties as assigned.

Benefits

• Health
• Dental
• Vision
• Retirement
• 401k match
• Sick/Vacation
• Life Insurance
• Short-term Disability
• Accident
• Critical Illness
• Parental Leave
• Maternity Leave