Cybersecurity Analyst

Montgomery County
Norristown, PA
Onsite

About The Position

The Cybersecurity Analyst supports the county’s security posture by performing vulnerability assessments, owning the vulnerability management program, leading Microsoft Purview data classification operations, and contributing to compliance activities aligned to the NIST Cybersecurity Framework (CSF). This is an early-career security analyst position in an expanding cybersecurity operation. The analyst will own defined program areas within vulnerability management and data classification, draft cybersecurity policy and standards documentation, and manage the operational components of the county’s cybersecurity awareness training program in coordination with the ITS training team. The role reports to the Network Security Administrator and works across ITS teams and county departments to identify, assess, and remediate security risks to county systems and data.

Requirements

  • Working knowledge of vulnerability scanning tools (e.g., Nessus, Microsoft Defender Vulnerability Management, Qualys or similar) and the ability to interpret scan results and prioritize remediation based on risk.
  • Familiarity with the NIST Cybersecurity Framework (CSF) and the ability to map organizational practices to CSF categories and subcategories.
  • Understanding of data classification concepts and applied classification and data loss prevention frameworks.
  • Practical experience with Microsoft Purview Information Protection, sensitivity labels, or comparable data classification tooling, and in helping businesses (e.g., teams, offices, departments) onboard to and utilize Purview, including cloud (MS SharePoint and Azure) and on-prem repositories.
  • Knowledge of common network protocols, Microsoft operating systems (Windows Server, Windows 10/11), and Active Directory/Entra ID administration sufficient to understand security implications.
  • Familiarity with HIPAA Security Rule requirements.
  • Ability to produce clear, concise written reports and briefings that communicate technical findings to non-technical audiences, including department heads and elected officials.
  • Ability to work across teams and organizational boundaries, coordinating remediation activities with staff who do not report to ITS.
  • Working understanding of common attack vectors, the MITRE ATT&CK framework, and how threat intelligence applies to vulnerability prioritization.
  • Ability to manage competing priorities and maintain documentation discipline in an environment where processes are being established for the first time.
  • Bachelor’s degree in cybersecurity, information technology, computer science, or a related field. An equivalent combination of education and directly relevant experience will be considered.
  • Minimum 3 years of experience in information security, vulnerability management, IT audit, or a related discipline.
  • At least one active industry certification: CompTIA Security+, Microsoft Security Operations Analyst, GIAC GSEC, or equivalent.
  • Experience with Microsoft Purview, Microsoft Defender for Endpoint, or Microsoft 365 security and compliance tools.
  • Familiarity with SIEM platforms (e.g., Microsoft Sentinel, Splunk, Elastic) and security log analysis.

Nice To Haves

  • Public sector experience is preferred but not required.
  • Experience with NIST SP 800-53 controls, CIS Controls v8, or NIST SP 800-171.
  • ISACA CISM, ISACA CCOA, CompTIA CySA+, or GIAC GCIH certification.
  • Experience supporting HIPAA or CJIS compliance programs.
  • Experience developing or contributing to cybersecurity policies, standards, or governance documentation.
  • Ability to test and operate AI tools within established security boundaries to ensure the safety of county data and operating systems.

Responsibilities

  • Own the vulnerability management program lifecycle — define scan schedules and SLA thresholds, conduct regular vulnerability scans across county infrastructure including servers, endpoints, network devices, and cloud-hosted services, track remediation trending over time, and produce actionable risk-ranked findings reports for ITS leadership.
  • Lead Microsoft Purview onboarding for county departments including departmental collaboration, sensitivity label taxonomy design, content classification rule maintenance, and exception adjudication.
  • Ensure county data classification standards are enforced consistently across Microsoft 365, SharePoint, Azure, and on-premises repositories.
  • Support compliance and data classification activities under HIPAA, CJIS Security Policy, and applicable state and federal data privacy requirements by mapping technical controls to framework requirements and documenting compliance status.
  • Draft cybersecurity policies, standards, and procedures grounded in the NIST Cybersecurity Framework for review by the Network Security Administrator, including documentation covering asset management, access control, and incident detection categories.
  • Monitor security alerts from existing tools (endpoint protection, email filtering, firewall logs) and triage potential incidents, escalating confirmed threats per established procedures.
  • Coordinate patch management activities with infrastructure and applications teams to ensure timely remediation of known vulnerabilities, tracking patch compliance against defined SLAs.
  • Support ITS in conducting risk assessments for new technology procurements and system changes using ITS security and risk assessment rubrics.
  • Manage the compliance components of the county’s mandatory cybersecurity awareness training program in coordination with the ITS training team, including phishing simulation campaign execution, compliance tracking, automated notifications, and credential suspension workflows for overdue participants.
  • Produce and deliver quarterly metrics reports to ITS leadership on training completion rates, simulation results, and program effectiveness.
  • Participate in incident response activities including detection, containment, documentation, and post-incident review.
  • Contribute to the development of incident response playbooks as the county builds its response capability.
  • Assist in updating documentation on security controls, vulnerability management metrics, and compliance posture for reporting to ITS leadership and county stakeholders.
  • Research emerging threats, vulnerabilities, and attack techniques relevant to local government environments.
  • Assist with identity and access management reviews, including periodic access certifications and privileged account audits across county systems.
  • Develop competency with AI-assisted security tools, including AI-driven threat detection, automated vulnerability prioritization, and AI-supported compliance documentation.

Benefits

  • Equal Employment Opportunity: Montgomery County is an equal opportunity employer committed to creating a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected characteristic.