Job Description
Cyber Security Analyst
(Information Technology)
Pay Range: $70,761.60 – $74,299.68
Shift: Monday – Friday, 8:00 AM – 5:00 PM (40 Hours/Week)
Location: 330 West Church Street Bartow, FL 33830
Health Benefits Package, Including Paid Holidays
Must have the physical, developmental and mental ability to perform job tasks, work efforts, responsibilities and duties of the job illustrated below:
MAJOR FUNCTION
The IT Security Analyst is responsible for supporting the county’s security awareness, vulnerability management, and security information and event management programs for the Polk County Board of County Commissioners. This role provides for the planning, execution, remediation tracking, reporting, and metric generation for each of the information security program areas. The candidate will leverage various tools to perform security awareness, vulnerability management scanning, remediation tracking, and incident response, and will also act as the subject matter expert (SME) for all vulnerability management activities.
ILLUSTRATIVE DUTIES
- Configure scanning tools to execute scans at scheduled times.
- Primary support and central point of contact for vulnerability monitoring and metrics reporting tools.
- Manage security awareness tool set, configure, and run security awareness.
- Participate in focus groups to help define security requirements for new and emerging technologies.
- Oversee security related tasks for existing and future systems, networks, and software.
- Use elevated access privileges in an ethical and professional manner with appropriate regard for privacy and confidentiality.
- Monitor and research information security threats, as well as assess customer data, looking for and investigating repeating trends, attacks, malicious IPs, and anomalous events.
- Execute the security awareness training and simulated phishing test schedule.
- Working knowledge of network concepts: TCP/IP, DNS, DHCP, VPN and troubleshooting connectivity
- Strong troubleshooting, problem solving, and creative thought-processing skills.
- Experience with industry CVE information
- Knowledge of CVSS and how to apply it to an organization.
- Knowledge of security awareness and tool sets
- Strong writing and documentation acumen
- Certifications such as CISA, Security+
- Responsible for creating and maintaining workflow documentation for security tool sets.
- Analyze scan results, prepare results reports, create remediation-tracking.
- Support and manage security badge system; maintain process for creating, modifying, and retiring security badges.
- Work with operations teams to perform baseline scans on new hardware, applications, and systems as they are brought on-line.
- Support and leverage Security Information & Event Management (SIEM) tool sets
- Develop a process to detect, analyze, document, and eliminate false positives.
- Assess finding criticality and prioritize findings based upon defined prioritization matrix.
- Track findings to ensure the operations teams resolve/remediate findings by the defined target date.
- Generate key performance indicators (KPIs) to create vulnerability management metrics.
- Track and determine applicability of Common Vulnerabilities & Exposures (CVEs)
- Performs other duties as assigned.
KNOWLEDGE, ABILITIES AND SKILLS
- Experience with a SIEM suite (e.g. LogRhythm, Splunk)
- Knowledge of Mobile Device Management (MDM) tools such as Meraki, Airwatch
- Knowledge of Apple iOS, Microsoft, and Linux-based operating systems, including installation, configuration, and licensing.
- Experience with Help Desk tracking or ticketing systems
- Working knowledge of wired and wireless networking
MINIMUM QUALIFICATIONS
- Graduate of an accredited two (2) year community college or technical/vocational school and have a minimum of one (1) year’s experience in the support of large computer networks.
- Experience with vulnerability scanning tools and processes is desired, as well as professional certifications such as A+, Security+, or relevant vendor certifications.
- An equivalent combination of education, training and experience which provide the necessary knowledge, skills, abilities, and other competencies necessary for success in the target position may be considered.
SPECIAL REQUIREMENTS
Must provide and utilize personal transportation in daily travel to remote sites to perform service calls.
Must have a home telephone (or primary cell phone) within thirty (30) days of employment in this classification as employee is subject to call out.
This position is subject to being placed ‘Stand By’ / ‘On Call’ for scheduled nights and/or weekends.
This position may be required to report for work when an emergency has been declared in Polk County.