HomeMy WebLinkAboutInformation Security AnalystUpdated: March 2024
CITY OF IOWA CITY – JOB DESCRIPTION
Posi�on Title: Informa�on Security Analyst
Department: Finance
Division: Informa�on Technology Services
Supervisor: Information Technology Services Coordinator
FLSA: Exempt
Civil Service: Yes
Pay Grade: 27
Job Number: 2731
Job Summary
Plan and carry out security measures to protect an organiza�on’s computer networks and
systems.
Essen�al Job Du�es and Responsibili�es
The following duties are normal for this position. These are not to be construed as exclusive
or all-inclusive. Other duties may be required and assigned.
• Updates and maintains cybersecurity related plans and policy, such as the Incident
Response Plan, Con�nuity of Opera�ons Plan and Interconnec�on Agreements.
• Updates, maintains and audits backup and restora�on plans and policies.
• Updates, maintains and audits endpoint security solu�ons such as an�virus,
an�malware, email pre-scanning, firewalls and mul� factor authen�ca�on.
• Audits, coordinates and tests Windows and third-party updates.
• Coordinates with external security companies for pen tes�ng, vulnerability scanning and
internal staff for mi�ga�on.
• Coordinates the design, tes�ng and implemen�ng secure opera�ng systems and
applica�ons.
• Coordinates incident response, digital forensics, loss preven�on and eDiscovery ac�ons.
• Conducts risk and vulnerability assessment in the network, system and applica�on level.
• Maintains documenta�on, program lis�ngs, layouts and other records in support of
system, modifica�on and problem resolving efforts.
• Coordinates change and configura�on management plan and policy.
• Works with staff from City offices to collect, organize, update and maintain data in a
least privilege environment.
• Designs and maintains appropriate workflows.
• Coordinates the needs of various departments and government agencies in educa�ng,
establishing, and enforcing security measures.
• Conducts user needs assessments and implements effec�ve procedures and
applica�ons.
• Es�mates effort required for assigned tasks.
• Refers major hardware and so�ware problems to vendor and/or service personnel for
correc�on.
Updated: March 2024
• Reviews new technology and provides ideas and informa�on on new technology and
ways it can enhance the security infrastructure.
• Par�cipates in on-call rota�on or may be required to work extended hours.
• Conducts self in a manner which promotes and supports diversity and inclusivity in the
workplace and community.
• Performs other related du�es as assigned.
Minimum Education, Experience, Certification/Licensure, Other
• Bachelor’s degree from an accredited educa�onal ins�tu�on; or four years of related
experience and/or equivalent combina�on of educa�on and experience. Degree in
Computer Science or Informa�on Technology with emphasis on security.
• Cer�fica�ons such as SSCP, CCSP, CISSP, SANS or equivalent. Security+ cer�fica�on with
first six months of employment. CySA+ or CASP+ within 12 months of employment. Must
pass criminal background check.
Preferred Education, Experience, Certification/Licensure, Other
• Bachelor’s degree from an accredited educa�onal ins�tu�on and one year of related
experience; or five years of related experience and/or equivalent combina�on of
educa�on and experience. Knowledgeable of Cyber Kill Chain, Diamond Model of
Intrusion Analysis, SIEM, IDS, an�-virus/an�-malware and firewall technologies, and
understanding of networking and TCP/IP. Experience with Windows Server, Windows 10,
Windows 7, and Linux.
Knowledge, Skills, and Abili�es
• Ability to add, subtract, mul�ply, and divide in all units of measure, using whole
numbers, common frac�ons, and decimals, ability to compute rate, ra�o, and percent.
• Ability to develop their own skills and those of others.
• Ability to effec�vely present informa�on and respond to ques�ons from groups of
managers, clients, customers, and the general public.
• Ability to exercise leadership skills and influence effec�vely, ability to resolve
impediments in a �mely manner.
• Ability to interpret a variety of instruc�ons furnished in writen, oral, diagram, or
schedule form.
• Ability to read, analyze, and interpret general business periodicals, professional journals,
technical procedures, or governmental regula�ons.
• Ability to reliably and predictably carry out du�es.
• Ability to solve prac�cal problems and deal with a variety of concrete variables in
situa�ons where only limited standardiza�on exists.
• Ability to write reports, business correspondence, and procedure manuals.
• Knowledge of analysis prac�ces for role specific security func�ons, processes, and
procedures as well as a founda�on in the NIST Cyber Security Framework.
• Skill in collabora�ng with other team members to ensure that security features meet
business needs and not cripple user access.
Updated: March 2024
• Skill in nego�a�on and conflict resolu�on.
• Skill in using computers and applicable so�ware applica�ons (Microso� Office – Word,
Excel, Outlook)
• Skill in working in a team environment within minimal supervision; team oriented.
Supervision
No supervision of direct reports.
Physical Demands
The physical demands described here are representative of those that must be met by an
employee to successfully perform the essential duties and responsibilities of this job.
Reasonable accommodations may be made to enable individuals with disabilities to perform
the essential duties and responsibilities.
While performing the duties of this job, the employee is regularly required to talk or hear. The
employee is frequently required to sit; use hands to finger, handle, or feel and reach with hands
and arms. The employee is occasionally required to stand; walk and stoop, kneel, crouch, or
crawl. The employee must occasionally lift and/or move 25 pounds. Specific vision abilities
required by this job include close vision, distance vision, color vision, depth perception and
ability to adjust focus.
Work Environment
The work environment characteristics described here are representative of those an employee
encounters while performing the essential duties and responsibilities of this job. Reasonable
accommodations may be made to enable individuals with disabilities to perform the essential
duties and responsibilities.
The noise level in the work environment is usually moderate. Duties are generally performed in
an office setting with a controlled environment. While performing the duties of this job, the
employee is occasionally exposed to risk of electrical shock and vibration. The job requires
sitting for extended periods of time and the work may expose the employee to unpleasant
social situations and significant work pace pressure.
Iowa City is an Equal Opportunity Employer. In compliance with the Americans with Disabilities
Act as Amended, the City will provide reasonable accommodations to qualified individuals with
disabilities and encourages both prospective and current employees to discuss potential
accommodations with the employer.
Reviewed/Approved by: Nicole Davies, Finance Director (4/2024)
Updated: March 2024
I have read and understand the duties and requirements of this job description, and I
agree that I can perform the duties of this position with or without reasonable
accommodation.
Employee Date
________________________________ __________________