Security Analyst

Job Description

The Security Analyst performs difficult technical work, ensuring that the County's digital assets are protected from unauthorized access. This involves executing Security Operations tasks, including monitoring the enterprise security posture, phishing simulations, vulnerability tracking, incident response, security awareness training, and supporting the implementation of policies, standards, controls, and guidelines to improve security, compliance, and audit posture. The Security Analyst works as a collaborative and supportive member of the Cyber Security Team to implement security measures and best practices. This individual must be capable of working in a fast-paced environment with time-sensitive materials, show initiative, self-motivation, and attention to detail, and maintain strict confidentiality due to the nature of the work. Work is performed under regular supervision.

Examples of Duties

• Investigates reports of potential security policy, standards, and/or controls violations;
• Analyzes security breaches to determine their root causes and prepares reports that document security breaches and any damage caused;
• Collaborates to create, test, and implement network disaster recovery plans;
• Assists with performing risk assessments, internal and external vulnerability scans;
• Supports the management of network, intrusion detection, and prevention systems;
• Works with outside entities, IT personnel, and internal departments to remediate discovered vulnerabilities;
• Assists with meeting and maintaining regulatory compliance with PCI-DSS, CJIS, HIPAA, etc.;
• Installs and administers data encryption, anti-virus, and other security measures;
• Operates SIEM tuning, administering and investigating event logs;
• Collaborates to develop, implement, and update security policies and best practices;
• Assists with patch management and network equipment upgrades;
• Trains users and promotes security awareness;
• Performs other duties as assigned.

Typical Qualifications

• Deep understanding of cyber security principles, including firewalls, intrusion detection systems, anti-virus software, data encryption, vulnerability scanners, MFA, and other industry-standard techniques and practices;
• Knowledge of regulatory compliance frameworks (NIST CSF & 800-53, CJIS, HIPAA, PCI, etc.);
• Knowledge of current security threats, techniques, and landscape (threat vectors);
• Thorough knowledge of network operations (LAN, WAN, SAN, VPN);
• Strong understanding of Windows servers and Microsoft Active Directory;
• Ability to manage multiple projects with competing priorities;
• Ability to quickly and easily adapt to changing organizational needs;
• Strong written and verbal communication, interpersonal, customer service and problem-solving skills, with the ability to present ideas in business-friendly and user-friendly language;
• Ability to achieve desired results while working collaboratively in a team environment;
• Ability to work effectively with a wide range of individuals including developers, systems administrators, executives, customers, regulators, auditors, etc.