What are the responsibilities and job description for the Information Security Analyst position at City of College Station?
Under general direction of the Chief Information Security Officer, the Information Security Analyst is responsible for monitoring security protocols for the protection of the organization’s computer networks and information, ensuring confidentiality, integrity and availability of information systems and assets in compliance with organizational policy, regulatory requirements, federal and state laws, accreditation standards, and industry standards.
- Assist with planning, implementation, and maintenance of comprehensive enterprise-wide Information Security policies, strategies, and systems that protect the organization information systems in accordance with applicable laws, regulatory requirements, and industry standards.
- Plan, implement, troubleshoot, and maintain the necessary technical systems, controls, policies, or procedures to protect information systems assets and data from intentional or inadvertent disruption, modification, disclosure, or destruction.
- Safeguard system security and improve overall server and network efficiency by training users, promoting security awareness, and conducing security related training for City staff on information security standards, policies, and best practices.
- Manage the installation and use of firewalls, data encryption, and other security tools and applications to conceal and protect transfers of confidential digital information.
- Perform risk assessments, audits, and tests to ensure proper functioning of data processing activities and security measures, including but not limited to conducting periodic network scans and penetration testing to simulate an attack on the system to identify exploitable weaknesses or other vulnerability, monitoring networks and systems for security breaches, using software that detects intrusions and anomalous system behavior.
- Lead the incident response in the event of a security breach, including but not limited to identifying steps to minimize the impact, conducting a technical and forensic investigation, determining the extent of the damage, and recommending programming and /or process changes.
- Identify and communicate current and emerging security threats and implement security architecture elements to mitigate threats as they emerge.
- Participate in ongoing enforcement and monitoring activities related to security and privacy in compliance with organizational policy, regulatory requirements, federal and state laws, accreditation standards, and industry standards.
- Communicate or collaborate with city staff, managers, administration, external technology representatives, vendors and support staff to identify security threats and violations.
- Perform other related work assignments, as required.
Required:
Bachelor’s degree in Computer Science, MIS or related field and three (3) years of professional Information Systems or Information Security experience; or an equivalent combination of education and experience. One or more of the following certifications: CED, Certified Ethical Hacker, GSEC, SANS GIAC Security Essentials, CompTIA Security , Cisco CCENT, Cisco CCNA. Demonstrated problem-solving and analytical skills. Proficient, or able to gain proficiency with a broad array of security software application tools. Proficient in Microsoft Office Suite or related software. Thorough understanding of computer-related security systems, including firewalls, encryption, and password protection and authentication. Excellent verbal and written communication skills.
Preferred:
Five (5) years’ professional experience in Information Systems including four (4) years in Information Systems Security. One or more of the following certifications: CISSP, CISM, CISA, Cisco CCNP, ACCA, ACCP, ACNSA.
SPECIAL REQUIREMENTS:
Drug Screening: Due to the safety and/or security sensitive nature of this position, individuals shall be subject to pre-employment or pre-placement drug and/or controlled substance testing as outlined in City policy.
Additional Criminal Background Screening Required: In addition to the standard pre-employment criminal background check, individuals receiving a conditional offer for this position shall be subject to a fingerprint- based background screening due to the required access to secured buildings and/or secure data systems.
Salary : $11 - $0