IT Security Analyst (Cyber-Security Analyst)

Job Summary

Under general direction, is responsible for implementing required security configurations and installations. Primarily focuses on security administration. Runs security analysis reports and documents gaps. Maintains audits and provides security support fort application and infrastructure projects. Exercises no supervision.

Essential Job Functions

  • Security System Administration: Evaluation, configuration, maintenance, and operation of security systems and tools.
  • Monitoring: Perform analysis of security alerts, reports, and log data.
  • Documentation: Create, review and maintain security standards and procedures documentation.
  • Application and Infrastructure Project Support: Provides security support for application and infrastructure-related projects.
  • Incident Response: Resolves problems and assists with security incident handling.
  • Forensic: Assist in computer forensics investigations.
  • Vulnerability Management: Conduct vulnerability scans, risk analysis, identification and evaluation of mitigation strategies, and reports in support of Vulnerability Management.
  • Performs related duties and fulfills responsibilities as required.

Job Requirements

  • Bachelor’s degree from an accredited college or university.
  • Three (3) years of IT work experience.
  • Applicants for this position must pass a Criminal Justice Information Systems (CJIS) fingerprint-based background check and maintain CJIS eligibility. Due to CJIS requirements related to system access, the following will result in being disqualified for this position: Felony Convictions, Felony Deferred Adjudication, Class A & B Misdemeanor Deferred Adjudication, Class B Misdemeanor Convictions, an Open Arrest for Any Criminal Offense (Felony or Misdemeanor), and Family Violence Convictions.

PREFERRED QUALIFICATIONS:

  • Familiarity with security technology, techniques and practices, writing policy and guidance in private or public sector organizations.
  • Experience in conducting vulnerability assessments for a wide-variety of mission essential infrastructure to include network equipment rooms, data centers, and telecommunications systems.
  • Background in critical infrastructure protection and security, intelligence, physical and Cyber-security programs; experience in or knowledge of supporting organizations, including government, military, law enforcement agencies and associations.
  • Experience in investigations, security operations, surveillance techniques, contract security services, and physical security assessments.
  • Strong understanding and foundation of common security compliance frameworks, controls and best practices (NIST, SANS, PCI, HIPAA, and CJIS).
  • Knowledge of security issues and techniques across multiple computer platforms.
  • Superior organizational skills, effective time management, and dedication to duty.
  • Industry certifications, such as: CompTIA Security +, CISSP, GSEC, GCED, CSA, GCIH.

APPLICANT INFORMATION:

  • If selected for this position, official transcripts, diplomas, certifications and licenses must be submitted at the time of processing.  Unofficial transcripts and copies of other relevant documents may be attached to the application for consideration in advance.
  • Please be advised that if selected for this position, information regarding employment history as it relates to the qualifications of the position will be needed for employment verification. Applicants claiming military service to meet the experience requirement for this position may attach a DD214 to the application.
  • Unless otherwise stated, applicants are permitted to substitute two years of related full-time experience for one year of higher education or one year of related higher education for two years of experience in order to meet the minimum requirements of the job. One year of full-time experience is defined as 30 or more hours worked per week for 12 months.  One year of higher education is defined as 30 credit hours completed at an accredited college or university.
  • Applicants selected for employment with the City of San Antonio in this position must receive satisfactory results from pre-employment drug testing and background checks.  If required for the position, a physical, motor vehicle record evaluation, and additional background checks may be conducted.

PHYSICAL REQUIREMENTS: 

  • Physical requirements include occasional lifting/carrying of 5 pounds; visual acuity, speech and hearing; hand and eye coordination and manual dexterity necessary to operate a computer keyboard and basic office equipment. Subject to sitting, standing, reaching, walking, twisting, and kneeling to perform the essential functions. Working conditions are primarily inside an office environment.

WORK COMPLEXITY AND EXAMPLES:

  • Delivers security solutions for activity-based assignments. Executes and solves problems within specifications and with clear direction and guidance.

Knowledge, Skills, and Abilities

  • Knowledge of security issues and techniques across all existing computer platforms.
  • Knowledge of applicable federal, state, and local law and regulations.
  • Knowledge of security products, tools, and processes.
  • Skill in operating a personal computer.
  • Ability to establish and maintain effective working relationships with City staff and the general public.
  • Ability to communicate clearly and effectively, both verbally and in writing.