Information Security and Compliance Analyst
About The Position
Assure information security and compliance with regulatory agencies. Using tools such as Tripwire, must be able to baseline systems and monitor system changes. Comprehend complex compliance requirements and provide assurance those are met. Analyze applications, networks, and systems for cyber security risk using a variety of tools. Apply security patches to both Windows and Linux operating systems. Script common information security tasks using tools such as Visual Basic, Power Shell, PERL, and Python. Demonstrates ongoing education of security of the City's functions, such as for Utilities, PCI, Public Safety, and HIPAA. Perform security breach simulations to test breach response plans and exercise IT and other City staff's ability to execute those response plans. Oversees the execution of external penetration tests and coordinates and participates in any necessary mediation. Oversees the execution of social engineering tests and coordinates and participates in any training and communication needed as a result of those tests.
Requirements
- Completion of a bachelor degree in computer science, management information systems or a related field with an additional two years of experience in cyber security; or any combination of relevant education and experience
- Job related security certification required. Examples SANS GSEC, CISSP, Security+ or Certified Ethical Hacker.
- Completion of a seven year criminal background check, identity verification (e.g. Social Security number verification), and the passing of a Personnel Risk Assessment (PRA).
- No Class B Misdemeanor convictions within last 10 years
- No Class A Misdemeanor, Felony Convictions or Family Violence Conviction
- Knowledge of: NERC CIP standards and compliance
- Knowledge of: HIPAA standards and compliance
- Knowledge of: PCI standards and compliance
- Knowledge of: CJIS standards and compliance
- Knowledge of: Windows security and security tools
- Knowledge of: Linux security and security tools
- Knowledge of: Tripwire solution
- Knowledge of: Juniper SRX
- Knowledge of: VMWare
- Knowledge of: Palo Alto
- Knowledge of: IPv4 networks, routing, and security
- Knowledge of: NSX micro segmentation
- Ability to establish effective working relationships with City department personnel
- Ability to communicate effectively, orally and in writing
- Ability to use analysis techniques to clearly identify the security and compliance requirement of various City organizations
- Ability to prioritize, plan, and organize tasks based upon security and compliance requirements
- Ability to work successfully in situations with minimal supervision and maximum scrutiny
- Ability to research and deploy new security technology and methodologies
Nice To Haves
- Ongoing education of security of the City's functions, such as for Utilities, PCI, Public Safety, and HIPAA.
Responsibilities
- Comprehend complex compliance requirements and provide assurance those are met
- Baseline systems and monitor system changes
- Analyze applications, networks, and systems for cyber security risk
- Create security breach response plans
- Perform security breach simulations
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
