Senior Security Analyst (ITS-Civil Service)

About The Position

Requirements

• Knowledge of mainframe, PC, network, and Internet hardware, architecture, operating systems, and software.
• Knowledge of systems programming or applications programming.
• Knowledge of security software packages.
• Knowledge of information access techniques and technologies.
• Ability to review security policies, analyze risk, and make recommendations.
• Ability to remain on call for emergencies.
• Communicating effectively verbally and in writing.
• Establishing and maintaining effective working relationships.
• EDUCATION: Bachelor's degree in computer science, science, math or business fields.
• EXPERIENCE: Three (3) years of operational experience in information security administration, including management and support of Microsoft Windows Active Directory, Intrusion Detection and Prevention Systems (IDS/IPS), CrowdStrike, SIEM platforms, and Okta or comparable security technologies.
• LICENSES: Valid driver's license with good driving record
• OTHER REQUIREMENTS: Must be able to pass a TSA background check. Subject to twenty-four/seven (24/7) emergency call- out for some divisions.

Responsibilities

• Assesses, evaluates, identifies, and determines information risk; facilitates remediation measures of identified vulnerabilities for IT security and IT risk across the City of Dallas IT infrastructures; reports on findings and makes recommendations for corrective action; performs vulnerability assessments as assigned utilizing IT security tools and methodologies.
• Designs, installs, and maintains security software packages; issues passwords and proper authorization for system access to ensure protection of computer software and data files on the City's mainframe and LAN computers.
• Analyzes changes in the operating system, data fields, and software to ensure appropriate safeguards are maintained on the system; evaluates and analyzes alarms from the security applications and respond accordingly; reviews reports from the systems.
• Develops procedures and contingency plans for disaster recovery including establishing off-site storage of back-up computer tapes; tests the procedures to ensure adequate recovery can be accomplished for data files and software.
• Performs and conducts internal audits of computer facilities to ensure operating procedures are being followed and develops risk analysis and vulnerability studies of software and physical security.
• Communicates with vendors, users, and system programmers to coordinate the development and implementation of enhancements and maintenance to the installed security software systems.
• Develops and drafts detailed reports on security measures and risk mitigation activities.
• Performs any and all other work as needed or assigned.