Senior Information Security & Compliance Analyst

About The Position

Requirements

• Knowledge of: Principles, practices and methods of cyber-security infrastructure and vulnerability management; Cyber Security and Information Protection and Privacy principles and practices; evolving sources of security threats and vulnerabilities; on-line systems security products and methodologies, applicable to both the enterprise infrastructure and its applications and data management systems; preventative security controls in general industry use including firewalls, IDS/IPS, VPN and others; common security management frameworks such as NIST, SANS Twenty Critical Security Controls and other cyber security standards; PCI compliance requirements and standards; principles, practices and techniques of information technology management; the software development life cycle; operating system architectures, characteristics, components, uses and limitations applicable to the District information technology environment; network architectures and theory and principles of secure network design, integration, configuration and management; principles and methods of enterprise level data management and data storage solutions; project management methods, tools and techniques; troubleshooting principles and practices applicable to areas of responsibility; customer relationship management and internal consulting concepts and practices; systems integration and optimization design concepts and techniques particularly as applicable to areas of assigned responsibility; principles and practices of effective team leadership and mentoring.
• Ability to: Contribute to the development, integration and administration of a comprehensive cyber security protection framework including policies, standards and guidelines; effectively carry out assigned project responsibilities; apply professional knowledge of scientific and engineering concepts, principles, phenomena and relationships to: assess specific requirements, delineate appropriately engineered system designs, and recommend preliminary and final design plans, engineering specifications, cost estimates and procurement packages in support of the cyber security management, preventive maintenance and mission critical systems and equipment; analyze policy, trends, and intelligence to better understand how cyber security threat adversaries may think or act, using deductive reasoning and problem solving skills to develop appropriate counter measures; apply critical thinking skills to isolate problem causes, perform root cause analysis and formulate solutions and workarounds; identify cyber security management issues and opportunities, analyze problems and alternatives, formulate complex technical solutions and develop sound conclusions and recommendations; build teamwork and collaboration with other IT units and departments to optimize effectiveness of the District/SNWA cyber security program; set priorities and allocate resources to most effectively meet needs in a timely manner; prepare clear, concise and accurate reports and other materials; communicate clearly and effectively to diverse audiences of technical and non-technical personnel, orally and in writing; exercise sound expert independent judgment within general guidelines; use tact and diplomacy when dealing with sensitive, complex and/or confidential issues; establish and maintain highly effective customer-focused working relationships with all levels of management, employees, consultants, contractors, vendors and others encountered in the course of work.
• Training and Experience: A typical way of obtaining the knowledges, skills and abilities outlined above is graduation from a four-year college or university with major coursework in computer science, information systems or a closely related field; and seven years of progressively responsible professional information technology experience involving network/systems infrastructure administration and security; or an equivalent combination of training and experience.
• Licenses; Certificates; Special Requirements: A valid Nevada driver's license and ability to maintain insurability under the District's Vehicle Insurance Policy may be required for certain assignments. Current CompTIA Security+ certification and certification as a Certified Information Systems Security Professional (CISSP), or comparable certifications, are required.

Nice To Haves

• Experience in a government or public utility setting is highly desirable.

Responsibilities

• Provides leadership and works with staff to ensure a high performance, customer service-oriented work environment that supports achieving department and District/SNWA mission, objectives and values regarding team building and employee empowerment; applies process improvement and quality management principles to assigned areas of responsibility; leads and promotes stewardship of organization and environmental resources.
• Plays a key role in facilitating development and implementation of the cyber security management governance structure; develops, recommends and coordinates implementation of a strategic, comprehensive enterprise information technology cyber security framework; participates in researching, developing, recommending, maintaining and updating security policies, standards, procedures and applications; prepares periodic reports on the status of cyber security and information assurance programs and security risk and compliance issues to be addressed; participates in ensuring that District/SNWA information security programs are in compliance with all applicable federal and state law and regulations.
• Designs, coordinates and participates in security audits, evaluations and risk assessments of technology operations, systems and infrastructure utilizing the National Institute of Standards and Technology (NIST) Risk Management Framework, SANS Twenty Critical Security Controls and other standards; takes action, presents recommendations and works with other IT staff and department business units to remediate any identified sources of potential risk and non-compliance; ensures best security practices are in place in software development and integration projects; defines security tests, certifications and evaluations of applications and general support systems involved in processing sensitive and/or confidential information in accordance with established standards; audits the firewall rule base and monitors all firewall activities; monitors remote systems access; manages encryption security standards for hosts and corporate SSL certificates.
• Coordinates, configures and uses a variety of monitoring systems, tools and processes, such as vulnerability management, data loss prevention (DLP) and network visibility for malware and security event detection, to monitor day-to-day internal and external security events, staying alert for any early indicators of potential security threats; analyzes network, computer and applications performance, looking for events and trends that signal intrusions, denial-of-service, unauthorized access and an ever increasing number of cyber-attacks from threat vectors and threat actors; conducts monthly vulnerability assessment and mitigation efforts in the network DMZ; interacts on a daily basis with Managed Security Service Providers (MSSPs) and staff to ensure proper operation of security appliances and services.
• Leads and participates in the work of the Cyber Incident Response Team (CIRT) in assessing and taking rapid action to resolve security and network event escalations following a cyber-security incident, through disaster recovery or other processes; gathers evidence regarding cybercrimes and submits malware sample to appropriate law enforcement and other agencies for analysis and correlation.
• Analyzes and assesses security vulnerabilities in the infrastructure (software, hardware, networks, etc.); investigates available tools and countermeasures to remedy detected vulnerabilities and recommends solutions and best practices; audits systems administration processes to ensure sound control systems are in place for the granting of user access and privileges and to ensure the timely removal of access for employees leaving District/SNWA employment; analyzes and assesses potential damage to data/ infrastructure as a result of a cyber-security incident, examines available recovery tools and processes and recommends solutions; researches, evaluates, recommends and implements cyber security-related devices and software.
• Designs and participates in annual and periodic delivery of information security awareness training for IT managers and employees and employees in department business units; educates system users on their roles in maintaining information and cyber security; creates security documentation for system users; participates in advocating for effective information management security processes and practices on an enterprise-wide basis.
• Leads, coordinates and participates in District assessments and initiatives to meet or exceed standards established by the Payment Card Industry (PCI); works with Legal and other departments to evaluate and implement compliance strategies to meet or exceed requirements; meets with business units and vendors to modify procedures and processes as needed to comply with requirements; coordinates and participates in development of documentation of the compliance program and actions taken.
• Drafts Request for Proposals, evaluates responses and recommends vendor selection; drafts language and negotiates and administers vendor contracts; monitors and prepares status reports on project progress; reviews and makes recommendations on contract change requests; makes recommendations on deliverables developed by vendors/consultants; conducts project team meetings; meets with project technical and management steering committees on project issues and progress; coordinates project completion to ensure accountability for results.
• Coordinates and integrates cyber security program activities with other IT units and divisions; organizes and coordinates activities across multiple customer business units.
• Monitors emerging trends, new developments and best practices in cyber security and related disciplines to bring technology and business intelligence and advice to District and department managers.
• Maintains up-to-date technical knowledge by attending educational workshops, reviewing professional publications, establishing personal networks and participating in professional associations.
• Represents the department on committees and teams for major District-wide projects and prepares analyses, reports and recommendations on such projects; acts as project manager for analytical studies performed by outside consultants.
• Performs special analyses and projects as assigned; writes technical and non-technical reports and correspondence.