Hybrid IT SECURITY ANALYST bei City of Columbia, SC

About the Department

The security analyst position involves safeguarding the city's information systems and data from cyber threats. This includes developing and implementing security measures, monitoring for breaches, responding to incidents, and ensuring compliance with policies and regulations. The analyst also conducts risk assessments, develops mitigation plans, and provides training to city staff. This position provides technical assistance with the design, installation, operation, service and maintenance of a variety of multi-user information security systems; manages the City’s virus detection systems; content filtering systems, intrusion detection/prevention systems, security incident and event management systems (SIEMs), and vulnerability management/assessment systems; performs related work as assigned.

The Security Analyst is responsible for developing and implementing an overall information security vision, strategy, and program to protect the city's assets. The Security Analyst will function as a primary security expert, responsible for development and maintenance of any needed policies, standards, processes, and playbooks related to the implementation of the responsible disciplines and programs. This role will also be responsible for ensuring that the implementation of all related security controls and technologies.
 
 The Security Analyst will establish and maintain positive and productive relationships through ongoing dialogue with department direct reports, technology leaders, internal business partners, and senior management. He/she will report status, manage issues and mitigate risks, calling out issues/risks to upper management as appropriate.

The work is considered sedentary in nature and involves walking or standing some of the time and involves exerting up to 10 pounds of force on a recurring basis, and occasionally more up to 50 pounds, and routine keyboard operations. The work requires the following physical abilities to perform the essential job functions: grasping, handling, hearing, kneeling, lifting, mental acuity, pulling, pushing, reaching, standing, visual acuity, and walking.

Work environment involves exposure to no known environmental hazards; and is demands that requires sensitivity to change and responsiveness to changing goals, priorities, and needs.

Position Duties

• Develops, implements, and maintains IT security solutions including Unified Threat Management (UTM's), anti-virus solutions, intrusion detection/prevention, and Data Loss Prevention (DLP) technologies.
• Conduct regular risk assessments to identify vulnerabilities and develop mitigation plans.
• Monitor systems for security breaches, responding to incidents, and providing guidance to staff during security events.
• Develops, implements, and maintains a roadmap to define short term and long-term strategies as well as activity, funding, and resource requirements.
• Assists with security awareness initiatives in the form of emails, newsletters, training, and anti-phishing awareness campaigns.; 
• Researches, evaluates and recommends information security related hardware and software including development of businesses cases for security investments..
• Collaborates with network and system administrators to identify network and system vulnerabilities and develop appropriate solutions to eliminate or minimize their potential effects.
• Assist with the implementation and maintenance of security systems and infrastructure.
• Identifies anomalous activity that could indicate an insider poses current or potential risk to the enterprise.
• Maintain accurate records of security incidents, risk assessments, and other relevant information.
• Collaborates with IT staff in the evaluation of new software and hardware systems, particularly as they relate to security; Review new system designs and major modifications for security implications prior to its implementation.
• Investigates and documents actual or potential information security incidents; provides periodic reporting of information security incidents.
• Assists with managing the City’s security portal which serves as a repository of policies, procedures, and standards.
• Works with the State of South Carolina Office of Information Technology to perform basic forensic analysis of compromised systems;
• Educate city staff on security best practices and raising awareness of potential threats.
• Attends training, seminars and conferences as appropriate to enhance job knowledge and skills; and
• Performs other related duties as assigned.
   

Minimum Qualifications

MINIMUM REQUIREMENTS TO PERFORM WORK: 

• Bachelor’s degree in computer science, network engineering or closely related field;
• Three (3) years of relevant prior experience;
• Valid South Carolina Class “D” Driver’s License.

• Five years of experience in municipal or governmental environment
• Technical knowledge of TCP/IP, Network Routing Protocols
• Technical experience working with one or more of the following technologies: Cisco networking solutions, , LogRhythm ForcePoint, , Trend Micro, 
• Familiarity with NIST and/or MITRE security frameworks preferred
• Industry standard certifications
• Experience working with IT core infrastructure - i.e. HP, Dell, VMware
• Detailed security knowledge including Malware detection, network intrusion prevention, and Security Information Event Management Systems (SIEM)

Other Qualifications

• Ability to multi-task and work independently.
• Experience in security best practices and their application within enterprise infrastructure, networking, operating systems, and cloud environments.
• Familiarity with OWASP, NIST, ISO, CIS, SANS and other relevant guidelines and frameworks
• Familiarity with Azure, Cisco and Microsoft security products
• Fundamental knowledge of industry standard security tools, including deployment, administration, and usage, in order to conduct security assessments, procedures for vulnerability scanning, reporting, and remediation.
• An understanding of IT and Security fundamentals (Infrastructure, Operating Systems, Virtualization, Networking Concepts, Commands and Scripting, Network Security, Operational Security, Threats, Host Security, Access Control, Cryptography, etc.).
• A working knowledge of risk analysis and mitigation strategies and have worked with team members and stakeholders to design effective remediation.
• The ability to take ownership and accountability for assisting in developing processes and continuous improvement in networking, information security systems, protections, and incident responses.
• The ability to resolve issues and fix problems when they arise.
• Excellent organizational/project management and analytical skills
• Ability to accept the responsibility to be required to provide twenty-four (24) hour maintenance support, possibly be on call or serve on a rotating on-call team;
• Ability  to work both independently and as part of a team in a structured IT environment..