Cyber Security Analyst bei Santa Clara Valley Transportation Authority

About the Department

What You'll Be Doing
Definition
Under general supervision, the Cyber Security Analyst plans, analyzes, and implements data security measures and controls related to VTA's computer networks and other technology systems.

Distinguishing Characteristics
This journey-level professional classification is responsible for coordinating and managing VTA's cyber security activities and programs.  An incumbent in this class is expected to independently plan, implement, and upgrade cyber security measures and controls and actively combat security intrusions.  This position assists with sensitive and confidential employee relations and legal data security issues, and an incumbent may provide leadership or technical assistance in projects involving protection of confidential data against unauthorized access.

This classification differs from other technology classifications in that it specializes in ensuring data security, mitigating cyber security risks, and safeguarding VTA's computer networks and related systems against security intrusions.

The Ideal Candidate
The ideal candidate for this position is a proven cybersecurity professional with strong technical expertise in safeguarding enterprise systems, networks, and sensitive data. They will bring hands-on experience in monitoring and responding to cyber threats, conducting vulnerability assessments, and implementing advanced security controls. Skilled at balancing technical precision with practical risk management, they demonstrate sound judgment, discretion, and the ability to handle confidential information. This candidate is an effective communicator who can translate complex cybersecurity concepts into clear guidance for both technical teams and non-technical stakeholders. They are proactive, adaptable to emerging threats, and capable of leading projects or providing direction to others while fostering collaboration across departments and with external partners.

Position Duties

Typical Tasks

• Establishes protocols to protect digital files and information systems against unauthorized access, modification, and/or destruction;
• Monitors networks, email system, and server farm in real time to identify and combat security intrusions;
• Plans and implements cyber security measures and controls;
• Researches cyber security software tools and countermeasures; recommends and installs hardware and software programs to mitigate security risks;
• Researches, examines, aggregates, refines, and presents data sets based on keyword, email, and/or internet history searches;
• Monitors intrusion detection and prevention systems;
• Performs network vulnerability testing, risk analyses, and cyber security assessments; resolves vulnerability issues;
• Plans and conducts internal and external cyber security audits; interprets and documents audit results; recommends and implements corrective actions;
• Defines, implements, and maintains agency cyber security policies;
• Reviews firewall logs and investigates intrusion attempts;
• Investigates and analyzes security breaches to identify root cause;
• Coordinates cyber security plans, activities, and projects with other technology personnel and outside vendors;
• Monitors and evaluates cybercrime bulletins from local, state, and federal law enforcement agencies; coordinates with law enforcement cybercrime teams;
• Provides training to VTA employees on cyber security awareness and data security procedures;
• Collaborates with other departments and VTA management to improve cyber security and manage risks;
• Prepares audit reports, memoranda, and other documents; makes verbal presentations on audit findings/recommendations;
• May provide lead direction to other employees or contractors as assigned;
• Performs related duties as required.

Minimum Qualifications

Employment Standards
Training, education, and experience, which demonstrates possession of the required knowledge, skills, and abilities.

Development of the required knowledge, skills, and abilities is typically obtained through a combination of training, education, and experience equivalent to graduation from an accredited college or university with a four-year degree in computer science or a related field, and two (2) years of increasingly responsible experience performing technical and analytical duties in coordinating and managing cyber security programs and initiatives.

Additional professional experience implementing cyber security measures and actively combatting security intrusions may be substituted for education on a year for year basis.

Other Qualifications

Knowledge of:

• Principles and practices of cyber security, digital access control, and intrusion detection and prevention;
• Operational characteristics of computer networks, server farms, and technology systems administration;
• Cyber security vulnerability testing and risk analysis;
• Methods and techniques for managing and mitigating cyber security risks;
• Principles and practices of cyber security audits and audit documentation;
• Current cyber security technology tools and countermeasures;
• Laws and regulations pertaining to cyber security and confidential data;
• Principles and practices of lead supervision and training. 

Ability to:

• Establish plans and protocols to protect VTA's data against unauthorized access, modification, and/or destruction;
• Monitor technology infrastructure in real time; effectively identify and combat security intrusions;
• Research, recommend, and install cyber security software tools and countermeasures;
• Develop and implement agency-wide cyber security policies;
• Use discretion and maintain confidentiality when necessary;
• Conduct internal and external cyber security audits; interpret and document audit results; recommend and implement corrective actions;
• Evaluate the effectiveness of cyber security tools and countermeasures and develop cost-effective solutions;
• Prepare reports and supporting recommendations;
• Keep up-to-date on cyber security threats and stay current on intrusion detection and prevention hardware and software technologies;
• Make effective verbal presentations; communicate technical information to non-technical audiences;
• Work odd and unusual hours, including weekends and holidays, or on-call as assigned;
• Establish and maintain effective working relationships with those contacted in the course of work.

General Application Instructions
Please read this job announcement in its entirety before applying. We recommend printing or saving a copy for future reference.

To be considered, applications must be submitted online through the Human Resources department by the posted deadline. If the job posting is listed as “continuous,” we encourage you to apply as soon as possible, as the posting may close without prior notice. Once your application is submitted, you will receive an immediate email confirmation.

Important: Only online applications will be accepted for this recruitment. We do not accept paper applications, resumes, Job Interest Notification Cards, or incomplete/unsubmitted applications in place of a fully completed application.

Communication & Contact Information
All updates regarding your application—including notices for testing and interviews—will be sent via email. Be sure to select email as your preferred method of communication and maintain a valid, up-to-date email address. Applicants are also responsible for keeping their phone numbers and mailing addresses current in their online profiles.

Due to the high volume of applications, we are unable to provide individual updates. Please check your application status through your online account. For technical support, contact NEOGOV at (855) 524-5627, Monday through Friday, 8:00 AM – 5:00 PM (PST), excluding holidays.

Application Review & Processing
All current and prior relevant work experience—including experience with VTA—must be fully detailed in the Work Experience section of your application. Entries such as “see resume” are not acceptable. Incomplete or improperly completed applications may be rejected, even if you meet the minimum qualifications.

While you are welcome to upload a resume, it does not substitute for completing the online application in full. Be sure that your application accurately reflects the education and experience necessary for the position.

Applications are reviewed throughout the recruitment process to determine whether candidates meet the minimum qualifications. Meeting these minimums or advancing through any stage does not guarantee further consideration. Any misrepresentation or falsification of qualifications, experience, education, or training may result in disqualification and/or exclusion from future employment opportunities with VTA.

Jetzt bewerben