Senior Cybersecurity Analyst

Print Subscribe

Class Title

Senior Cybersecurity Analyst

Class Code

1323

Salary

$102,933.74 - $125,140.47 Annually

• Definition

• Benefits

Classification Description Summary

Under limited direction of the department director, performs a variety of day-to-day operations of the in-place security solutions protecting hardware, software, and networks from cybercriminals; identification, investigation, and resolution of security breaches detected by in-place security systems; involvement in the implementation of new security solutions; participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures; conducts vulnerability audits and assessments; maintains an awareness of the enterprise’s security goals as established by the City of Reno’s policies, procedures, and guidelines; and actively works toward upholding those security goals.

Essential Functions

The following duties are typical for this classification. Incumbents may not perform all of the listed duties and/or may be required to perform additional or different duties from those set forth below to address business needs and changing business practices.

Participate in the planning and design of enterprise security architecture, under the direction of the IT Director, where appropriate.

Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Director, where appropriate.

Participate in the planning and design of an enterprise business continuity plan and disaster recovery plan, under the direction of the IT Director, where appropriate.

Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.

Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.

Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.

Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices).

Serve as the central point of contact for the City regarding information technology related incidents or violations; investigate security violations.

Maintain operational configurations of all in-place security solutions as per the established baselines.

Monitor all in-place security solutions for efficient and appropriate operations.

Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.

Evaluate operations and activities of assigned responsibilities; recommend improvements and modifications; prepare various reports on operations and activities.

Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.

Provide on-call support for end users for all in-place security solutions.

Ensure the city-wide network meets all state, federal, and local security compliance requirements.

Represent the Department of Information Technology on committees, outside organizations, and at staff subcommittees.

Perform related duties as required.

Minimum Qualifications

The following generally describes the knowledge and ability required to enter the job and/or be learned within a short period of time in order to successfully perform the assigned duties.

Knowledge of :

CyberSecurity principles, concepts, policy and regulations.

A broad understanding of security technologies including firewalls, proxies, SIEM, antivirus software, and Intrusion Detection and Prevention (IDPs) systems

Advanced principles and practices of system design, development, analysis, testing, and security administration.

Advanced methods and techniques of evaluating information security requirements and developing security solutions for City systems.

Advanced methods and techniques of developing data security, privacy, integrity, backup, and recovery processes.

Common cyber security tools and issues.

Best practices related to cyber security.

Project management methodologies.

Advanced principles and practices of systems and procedures analysis and design.

Standards and methods related to computerized data systems analysis and use.

Principles and practices of technical and functional or direct supervision and staff training.

Written documentation methods related to highly complex technical work.

Ability to :

Organize, implement, and direct City-wide cybersecurity functions.

The ability to identify and spotlight vulnerabilities on on-premises and remote networks, correct problems, and prevent security breaches

Plan, develop, establish, monitor, and maintain system security strategies.

Install, Setup, Configure cybersecurity related tools such as vulnerability management software, log analyzer, etc.

Prepare and analyze security reports and communicate with the executive team.

Interpret and explain pertinent emergency preparedness and related policies and procedures.

Stay current on evolving cyber events, news, threats, technologies, and defensive techniques and apply the latest knowledge learned.

Serve as technical advisor regarding information security and train staff on best practices.

Assist in the development and monitoring of an assigned area’s budget.

Develop and recommend policies and procedures related to assigned operations.

Effectively manage and implement the complex cybersecurity projects.

Communicate clearly and concisely, both orally and in writing.

Maintain confidentiality as necessary.

Interpret and apply federal, state, and local policies, laws, and regulations pertaining to information security and integrity.

Effectively prioritize and execute tasks in a high-pressure environment.

Education and Experience Guidelines - Any combination of education and experience that would likely provide the required knowledge and abilities is qualifying. A typical way to obtain the knowledge and abilities would be:

Education/Training :

A Bachelor’s degree from an accredited college or university in Computer Science, Information Technology, or a closely related field.

Experience :

Three years of progressively responsible work experience related to security disciplines (Applications, data, networking) with a focus on cybersecurity operations.

Experience in any of the following fields is preferred: CJIS, HIPAA, HITECH, or PCI-DSS

OR

Two years of experience as a Network Analyst, Systems Analyst, Senior Systems Analyst, or a Senior Network Analyst with the City of Reno.

License or Certificate

Possession of an appropriate, valid driver’s license.

One of the following certifications are required:

CompTIA Cybersecurity Analyst (CySA+); or

CompTIA Network+; or

GIAC Security Essentials Certification (GSEC); or

Cisco Certified Network Associate Security (CCNA); or

Systems Security Certified Practitioner (SSCP); or

Any other CyberSecurity certification.

Supplemental Information

PHYSICAL DEMANDS AND WORKING ENVIRONMENT

The conditions herein are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential job functions.

Environment: Work is performed primarily in a standard office setting with some travel from site to site; incumbents may be required to work extended hours including evenings and weekends.

Physical: Primary functions require sufficient physical ability and mobility to work in an office setting; to stand or sit for prolonged periods of time; to occasionally stoop, bend, kneel, crouch, reach, and twist; to lift, carry, push, and/or pull light to moderate amounts of weight; to operate office equipment requiring repetitive hand movement and fine coordination including use of a computer keyboard; and to communicate verbally and in writing to exchange information. Essential and supplemental functions may also require maintaining physical condition necessary for lifting equipment weighing up to 50 pounds.

Please use this Health and Welfare Benefit Link (http://www.reno.gov/government/departments/human-resources/benefits) to learn more about the City of Reno's great employee benefit plans and wellness programs.

Subscribe

Please verify your email address Verify Email