The URL can be used to link to this page

Home My WebLink AboutInformation Security AnalystUpdated: March 2024 CITY OF IOWA CITY – JOB DESCRIPTION Posi�on Title: Informa�on Security Analyst Department: Finance Division: Informa�on Technology Services Supervisor: Information Technology Services Coordinator FLSA: Exempt Civil Service: Yes Pay Grade: 27 Job Number: 2731 Job Summary Plan and carry out security measures to protect an organiza�on’s computer networks and systems. Essen�al Job Du�es and Responsibili�es The following duties are normal for this position. These are not to be construed as exclusive or all-inclusive. Other duties may be required and assigned. • Updates and maintains cybersecurity related plans and policy, such as the Incident Response Plan, Con�nuity of Opera�ons Plan and Interconnec�on Agreements. • Updates, maintains and audits backup and restora�on plans and policies. • Updates, maintains and audits endpoint security solu�ons such as an�virus, an�malware, email pre-scanning, firewalls and mul� factor authen�ca�on. • Audits, coordinates and tests Windows and third-party updates. • Coordinates with external security companies for pen tes�ng, vulnerability scanning and internal staff for mi�ga�on. • Coordinates the design, tes�ng and implemen�ng secure opera�ng systems and applica�ons. • Coordinates incident response, digital forensics, loss preven�on and eDiscovery ac�ons. • Conducts risk and vulnerability assessment in the network, system and applica�on level. • Maintains documenta�on, program lis�ngs, layouts and other records in support of system, modifica�on and problem resolving efforts. • Coordinates change and configura�on management plan and policy. • Works with staff from City offices to collect, organize, update and maintain data in a least privilege environment. • Designs and maintains appropriate workflows. • Coordinates the needs of various departments and government agencies in educa�ng, establishing, and enforcing security measures. • Conducts user needs assessments and implements effec�ve procedures and applica�ons. • Es�mates effort required for assigned tasks. • Refers major hardware and so�ware problems to vendor and/or service personnel for correc�on. Updated: March 2024 • Reviews new technology and provides ideas and informa�on on new technology and ways it can enhance the security infrastructure. • Par�cipates in on-call rota�on or may be required to work extended hours. • Conducts self in a manner which promotes and supports diversity and inclusivity in the workplace and community. • Performs other related du�es as assigned. Minimum Education, Experience, Certification/Licensure, Other • Bachelor’s degree from an accredited educa�onal ins�tu�on; or four years of related experience and/or equivalent combina�on of educa�on and experience. Degree in Computer Science or Informa�on Technology with emphasis on security. • Cer�fica�ons such as SSCP, CCSP, CISSP, SANS or equivalent. Security+ cer�fica�on with first six months of employment. CySA+ or CASP+ within 12 months of employment. Must pass criminal background check. Preferred Education, Experience, Certification/Licensure, Other • Bachelor’s degree from an accredited educa�onal ins�tu�on and one year of related experience; or five years of related experience and/or equivalent combina�on of educa�on and experience. Knowledgeable of Cyber Kill Chain, Diamond Model of Intrusion Analysis, SIEM, IDS, an�-virus/an�-malware and firewall technologies, and understanding of networking and TCP/IP. Experience with Windows Server, Windows 10, Windows 7, and Linux. Knowledge, Skills, and Abili�es • Ability to add, subtract, mul�ply, and divide in all units of measure, using whole numbers, common frac�ons, and decimals, ability to compute rate, ra�o, and percent. • Ability to develop their own skills and those of others. • Ability to effec�vely present informa�on and respond to ques�ons from groups of managers, clients, customers, and the general public. • Ability to exercise leadership skills and influence effec�vely, ability to resolve impediments in a �mely manner. • Ability to interpret a variety of instruc�ons furnished in writen, oral, diagram, or schedule form. • Ability to read, analyze, and interpret general business periodicals, professional journals, technical procedures, or governmental regula�ons. • Ability to reliably and predictably carry out du�es. • Ability to solve prac�cal problems and deal with a variety of concrete variables in situa�ons where only limited standardiza�on exists. • Ability to write reports, business correspondence, and procedure manuals. • Knowledge of analysis prac�ces for role specific security func�ons, processes, and procedures as well as a founda�on in the NIST Cyber Security Framework. • Skill in collabora�ng with other team members to ensure that security features meet business needs and not cripple user access. Updated: March 2024 • Skill in nego�a�on and conflict resolu�on. • Skill in using computers and applicable so�ware applica�ons (Microso� Office – Word, Excel, Outlook) • Skill in working in a team environment within minimal supervision; team oriented. Supervision No supervision of direct reports. Physical Demands The physical demands described here are representative of those that must be met by an employee to successfully perform the essential duties and responsibilities of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties and responsibilities. While performing the duties of this job, the employee is regularly required to talk or hear. The employee is frequently required to sit; use hands to finger, handle, or feel and reach with hands and arms. The employee is occasionally required to stand; walk and stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move 25 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, depth perception and ability to adjust focus. Work Environment The work environment characteristics described here are representative of those an employee encounters while performing the essential duties and responsibilities of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties and responsibilities. The noise level in the work environment is usually moderate. Duties are generally performed in an office setting with a controlled environment. While performing the duties of this job, the employee is occasionally exposed to risk of electrical shock and vibration. The job requires sitting for extended periods of time and the work may expose the employee to unpleasant social situations and significant work pace pressure. Iowa City is an Equal Opportunity Employer. In compliance with the Americans with Disabilities Act as Amended, the City will provide reasonable accommodations to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer. Reviewed/Approved by: Nicole Davies, Finance Director (4/2024) Updated: March 2024 I have read and understand the duties and requirements of this job description, and I agree that I can perform the duties of this position with or without reasonable accommodation. Employee Date ________________________________ __________________