Senior Information Security Analyst

This position, under general supervision, is responsible for performing routine tasks daily. Key responsibilities include protecting the City's data and critical infrastructure assets. This involves conducting security analyses, performing tests, and managing security systems. The role also entails leading and handling security incidents, directing response strategies, providing guidance to other analysts, spearheading the City's vulnerability management program, and assess systems, solutions, vendors, and networks for compliance with established standards and City policies.

ESSENTIAL JOB FUNCTIONS:
1. Leads analysis, testing, and maintenance of security solutions, including vulnerability management.
2. Serves as a Subject Matter Expert (SME) and Technical Lead on the incident response team, executing incident response plans, and security playbooks. Investigates security alerts and exercises independent judgment to determine the need for further escalation to incident response.
3. Leads the vulnerability management program, including scanning, identification, and remediation of vulnerabilities.
4. Leads assessments of systems, networks, and cloud solutions to identify deviations from best-practices or City standards.
OTHER JOB FUNCTIONS:
5. Leads security initiatives, including threat hunting, analyzing intelligence, and incident escalation, while mentoring peers in security and privacy practices across City departments.
6. Manages the City’s security training program, ensuring staff are aware and trained in security protocols.
7. Conducts comprehensive risk assessments, evaluates security controls across devices, networks, and cloud services, and provides recommendations to mitigate risks.
8. Participates in business continuity and disaster recovery planning, liaising with departments on operational security issues, and staying updated with industry best practices and emerging threats.

MINIMUM QUALIFICATIONS:
Knowledge, Skills, and Abilities:

• Knowledge of security frameworks and standards (e.g., ISO 27001, NIST, CIS)
  
• Knowledge of regulatory compliance requirements (e.g., CJIS, HIPAA)
  
• Knowledge of network and system protocols and technologies (e.g., TCP/IP, DNS, firewalls)
  
• Knowledge of intrusion detection and prevention systems (IDS/IPS)
  
• Knowledge of identity and access management (IAM) principles and technologies, such as Active Directory, Azure, and Okta.
  
• Knowledge of encryption algorithms and protocols
  
• Knowledge of web application security and common vulnerabilities (e.g., OWASP Top 10)
  
• Knowledge of cloud security principles and best practices
  
• Knowledge of mobile security principles and threats
  
• Knowledge of security incident management processes
  
• Knowledge of security assessment and auditing techniques
  
• Knowledge of endpoint security solutions and practices
  
• Knowledge of data loss prevention (DLP) technologies
  
• Knowledge of security risk assessment methodologies
  
• Ability to develop and implement security policies, standards, and procedures.
  
• Ability to conduct security risk assessments and recommend controls.
  
• Ability to perform vulnerability assessments and penetration testing.
  
• Ability to design and implement security controls for network and systems.
  
• Ability to monitor security systems and respond to incidents.
  
• Ability to investigate security incidents and conduct root cause analysis.
  
• Ability to develop incident response plans and playbooks.
  
• Ability to collaborate with cross-functional teams on security projects.
  
• Ability to stay current with emerging security technologies and trends.
  
• Ability to evaluate and select security solutions and vendors.
  
• Ability to perform security gap analysis and remediation.
  
• Ability to maintain documentation of security processes and procedures.
  
• Ability to coordinate with external auditors for security audits.
  
• Ability to manage and administer security tools and systems.
  
• Ability to participate in security incident response tabletops.
  
• Skilled in implementing and managing security controls and technologies.
  
• Skilled in analyzing and responding to security incidents.
  
• Skilled in conducting vulnerability assessments and penetration testing.
  
• Skilled in developing and maintaining security policies and procedures.
  
• Skilled in performing risk assessments and implementing risk mitigation strategies.
  
• Skilled in incident response planning and execution.
  
• Skilled in conducting security awareness training and education.
  
• Skilled in coordinating with external stakeholders for security initiatives.
  
• Skilled in evaluating and selecting security solutions and vendors.
  
• Skilled in problem-solving and troubleshooting security-related issues.
  
• Skilled in communicating complex security concepts to non-technical stakeholders.
  
• Skilled in managing multiple security projects simultaneously.

Qualifying Education and Experience:

• Bachelor’s degree
  
• 4 years of experience in Information Security or privacy roles.
  
• Experience with incident response, vulnerability management, security assessments, and penetration testing is highly desirable.
• Or an equivalent combination of education and experience.

Preferred Education and Experience:

• Certified Information Systems Security Professional (CISSP)
  
• Certified Information Security Manager (CISM)
  
• Certified Ethical Hacker (CEH)
• CompTIA Security+

Employment Screenings Required:

• Criminal Background Check
  
• CJIS Screening