INFORMATION SECURITY ANALYST IV - 43004418

About The Position

Requirements

• Four (4) years of experience in Management Information Systems (MIS), Computer Science, Information Systems, Information Technology, or related field.
• A post-secondary degree in Management Information Systems (MIS), Computer Science, Information Systems, Information Technology, or related field may be used as an alternative for the years of experience on a year-for-year basis.
• Five (5) or more years of progressive experience in cybersecurity, with significant experience in vulnerability management or security operations.
• Five (5) or more years of experience administering enterprise vulnerability scanning and reporting tools in large-scale environments.
• Excellent interpersonal and communication skills (English Proficient).
• Knowledge of Florida statutes, rules related to IT and information security.
• Knowledge of National Institute of Standards and Technology (NIST) security standards.
• Knowledge of vulnerability management frameworks, lifecycle processes, and industry best practices.
• Knowledge with enterprise vulnerability scanning tools such as Tenable, Qualys, Rapid7, or equivalent platforms.
• Knowledge of CVE, CVSS, CWE, patch management, and common attack vectors.
• Knowledge of operating systems, network protocols, firewalls, cloud platforms, databases, and enterprise applications.
• Knowledge of security standards and frameworks such as NIST SP 800-53, NIST CSF, CIS Controls, and ISO 27001.
• Ability to interpret technical vulnerability data and translate findings into actionable remediation guidance.
• Ability to manage multiple priorities and coordinate cross-functional remediation efforts in complex enterprise environments.
• Ability to analyze, interpret and operationalize statutes, rules, guidelines, policies and procedures.
• Ability to write policies, procedures and guidelines.
• Ability to analyze and interpret computer related data.
• Ability to communicate business information effectively and in writing to users and information technology personnel.
• Ability to work independently.
• Ability to determine work priorities, assign work and ensure proper completion of work assignments.
• Ability to communicate effectively in oral and written form.
• Skilled in establishing and maintaining effective working relationships with others.
• Skilled in analytical, organizational, and communication with the ability to present technical information to both technical and non-technical audiences.
• Must pass a security background check, including fingerprint as a condition of employment.

Nice To Haves

• Familiarity with scripting or automation tools such as PowerShell, Python, or APIs for scan orchestration and reporting.
• Professional certifications such as CISSP, GSEC, GPEN, CEH, Security+, or vendor-specific certifications related to vulnerability management platforms.

Responsibilities

• Administer, operate, and continuously improve the organization’s Vulnerability Management Program.
• Identify, assess, prioritize, track, and report cybersecurity vulnerabilities across enterprise systems, applications, and network infrastructure.
• Provide strategic oversight of vulnerability scanning technologies.
• Coordinate remediation efforts with technical stakeholders.
• Ensure timely mitigation of identified risks in alignment with organizational security policies and regulatory requirements.
• Perform duties other than those listed on the position description occasionally.
• Administer enterprise vulnerability scanning and reporting tools in large-scale environments.

Benefits

• Paid on a monthly pay cycle.