IT Security Analyst

About The Position

Requirements

• Extensive experience with and knowledge of Endpoint Protection, EDR, and MDR functionality.
• Experience with firewalls and associated management tools.
• Familiarity with Security, Education, Training, and Awareness (SETA) platforms.
• Strong understanding of AD, IP, TCP/IP, and other network administration protocols.
• Experience with the following access control schemes: Role-based Access Control (RBAC), Mandatory Access Control (MAC), Discretionary Access Control (DAC).
• Strong understanding of Microsoft Windows Server 2016, 2019, & 2022, and Windows 11 or higher.
• Knowledge and experience in using automated tools for applying operating system, application, and firmware updates, hot fixes, and patches.
• Possess a high degree of integrity and trust, along with the ability to work independently on complex technical issues.
• Proven analytical and problem-solving abilities with keen attention to detail.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Good written, oral, and interpersonal communication skills.
• Ability to conduct research into IT security issues and product as required.
• Ability to present ideas in business-friendly and user-friendly language.
• Highly self-motivated and directed.
• Team-oriented and skilled in working within a collaborative environment.
• Bachelor’s degree from an accredited four (4) year college or university with major course work in computer science or related field, or equivalent work experience.
• A minimum of four (4) years of relevant experience in IT Security, Audit, or Compliance inclusive of implementing security measures and deploying, configuring, maintaining, and integrating security solutions.
• Maintain one or more of the following certifications in good standing, or be able to obtain this within nine (9) months of employment: CompTia Security+, CISM, CISSP, CEH, OSCP, CCSP, MTA/SF, CSX Cybersecurity Fundamentals Certificate, CCNA – Security.

Nice To Haves

• English & Spanish speaking preferred.

Responsibilities

• Contribute to the planning, design, and creation of enterprise security architecture, policies, incident response plans, business continuity, and disaster recovery plans.
• Promote security awareness and cybersecurity goals with City staff.
• Stay informed on IT security industry trends, emerging threats, and solutions.
• Review, recommend, and implement security measures and enhancements.
• Deploy, integrate, and configure new and existing security solutions.
• Provide day-to-day support for the information security program, ensuring adherence to best practices across network, desktop, server, and mobile configurations.
• Design and maintain security controls, and define role-based access and secure business processes.
• Monitor security threats, systems, and network traffic, conducting vulnerability assessments and ensuring operational efficiency.
• Respond to security incidents, collaborate across teams for resolution, and ensure CIA (Confidentiality, Integrity, Availability) of City information.
• Administer and audit user access, defend against unauthorized access, and maintain effective malware protection.
• Train employees in security awareness and respond to incidents with post-event analyses and remediation.
• Perform other related duties as assigned.