Security Analyst - Information Security - Technology Services

Description

The Security Analyst is responsible for ensuring the security, confidentiality, integrity, and availability of the county’s IT infrastructure and sensitive data.

The position is responsible for analyzing information, monitoring, and detecting security events and incidents to stop threats from damaging information systems and networks.

This position is responsible for supporting compliance with CJIS, HIPAA, PCI, and other applicable security requirements and regulations.

The position analyzes and helps resolve newly discovered security vulnerabilities and / or alerts. The position interacts with all IT functions to assure compliance and adherence to security policies and best practices.

The Security Analyst also acts as a liaison for managed services, as needed. The Security Analyst is required to provide excellent customer service, resolve problems in a timely manner, communicate effectively, and be a positive contributor to the Denton County Technology Services Team.

Examples of Duties

Reviews security alerts and takes steps to remediate the alert to protect information systems and networks against unauthorized access, modification, or destruction.

Reviews vulnerabilities and software patches. Leads the vulnerability management program and works with department teams to ensure the success of the vulnerability management program.

Tracks action items from related meetings.

Monitors file, network, and security access and examines network, server, and application logs to determine trends and identify security incidents.

Monitors technology throughout the county for adherence to security best practices to achieve a greater overall security posture.

Maintains various data repositories related to security configurations, incidents, and security trends.

Plans, implements, and upgrades security measures and controls. Ensures permissions are based on least privilege.

Conducts internal and external security audits, vulnerability testing, and risk analysis.

Analyzes security alerts and breaches to determine their root cause.

Manages network, intrusion detection, and prevention systems.

Recommends and installs appropriate tools and countermeasures.

Works with third-party vendors to verify their security posture and compliance with county security requirements.

Coordinates incident response activities during a security incident. Tracks action items from related meetings.

Follows county policies and best practices related to information security; exercises good judgment to protect the confidentiality, integrity, and availability of Denton County computer systems and electronic records;

supports compliance with CJIS, HIPAA, and other information security regulations.

Displays and reflects the culture, mission, vision, values, and direction of the department.

Regular and punctual attendance is required.

Performs other related duties as required.

Minimum Qualifications

Associates degree in related field and a minimum two years of experience in a related field; or an equivalent combination of education and related experience required.

Position may require various computer or technical related certifications.

Possession of a valid driver's license required. Must obtain a valid Texas driver's license within 90 days of employment.

Must not have any Class B misdemeanor or higher convictions or deferred adjudications.

Certification in one or more of the following preferred :

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Penetration Tester (CWAPT)
• CompTIA Security+
• CompTIA Network+
• Certified Ethical Hacker (CEH)
• GIAC Security Essentials (GSEC)
30+ days ago