The Digital Solutions Program is seeking a Cybersecurity Analyst. The Cybersecurity Analyst’s primary role is to understand and continuously monitor the District’s IT infrastructure in detail, along with evaluating threats that could potentially breach the network, disrupt District Operations, or put sensitive data at risk. This position plans, organizes, and coordinates the District’s business continuity and disaster recovery plans for technology, along with acting as the control point for the District’s total technology and electronic data security, emergency management, and software compliance.
(The essential functions listed below are not intended to reflect all duties that may be assigned to this classification. The District may augment duties and/or essential functions at its discretion. Additionally, some incumbents may not perform all Essential Functions.)
- Evaluate the District’s cybersecurity conditions and assess risk of the environment; recommend improvements to the technological environment to reduce the potential for cybersecurity incidents.
- Monitor network traffic for security incidents and events; investigate incidents and respond to events in real time; write detailed incident response reports with forward-thinking recommendations.
- Install and operate firewalls, encryption programs, and other security hardware/software. Continually evaluate and develop improvements in endpoint management & antivirus solutions (workstations, mobile devices, IoT devices, etc.).
- Develop and promote best practices for information technology security. Identify and fix intrusions & vulnerabilities; recommend changes to technologies that are no longer safe to be used.
- Develop, coordinate, evaluate, and maintain a comprehensive business continuity and disaster recovery plan. Conduct threat research and perform periodic risk assessments & penetration tests or security audits.
- Work with all District departments in a collaborative manner to develop incident response strategies and guidelines to evaluate and improve business continuity readiness.
- Develop guidelines for incident management of information technology infrastructure environments in case of natural disasters or other critical incidents that may cause unforeseen downtime in providing information technology services.
- Develop compliance programs (including policies, user training and best practices) for affected departments and implement data security requirements as required by local, State or Federal regulations.
- Keep up with developments in the field of cybersecurity, new methodologies, and their possible application to the District. Work with District business units and Digital Solutions (DS) staff when implementing software or significant updates to it to ensure new additions to the portfolio observe industry best practices.
- Build relations with other business units and act as a resource and sounding board for cybersecurity questions and take a leading role in building cross-department best practices for security; assist in developing or recommending training as needed. Collaborate within the team to help create a positive and supportive work environment.
Experience and Training Guidelines:
Any combination of experience and training that would likely provide the required knowledges, skills, and abilities is qualifying. A typical way to obtain the KSAs would be:
5+ years of experience in cybersecurity, network hardware & operations, servers and software administration, operating and system software maintenance and administration, or related work. 3 years must include information systems security experience.
Certification and Licensure:
Related cybersecurity certifications (i.e. CISSP, CISA, CISM, etc.).