Information Security Analyst
Implements, maintains, and performs cybersecurity risk analysis of systems and plans and carries out security measures to identify, investigate, and triage suspicious activities and protect systems and digital assets, including working with malware/antivirus tools, patch management, vulnerability scanners, security information event management, intrusion detection system, identity and access management, cloud, application, email, endpoint security, web application, web gateway, cloud access security broker and other security tools.
Receives general supervision from assigned supervisory or management personnel. Exercises no supervision over staff.
- Implements, monitors, evaluates, and recommends IT security measures and programs in accordance with ISD policies, procedures, and standards.
- Creates specific protocols that audit file changes such as updates, deletions, additions, and moves.
- Performs risk analysis to identify any security issues that could lead to lost or stolen data.
- Analyzes security data from computing and network devices to identify potential threats and vulnerabilities. Facilitates penetration testing and monitoring of current digital assets. Analyzes system outages, alerts, and reports of abnormal system behavior due to suspected security related events such as viruses and hacker intrusions. Investigates suspicious behavior and triages incidents. Identifies and documents security breaches and damage caused by breaches and takes appropriate action to prevent future cyber compromise.
- Compiles and validates security related statistical data and prepares reports.
- Monitors current vulnerability security alerts to patch applications and systems.
- Conducts risk assessments, and tracks and reports remediation efforts.
- Defines, updates, and enforces enterprise level security policies and procedures. Documents network data flows and access controls.
- Researches the latest information technology security trends and recommends security enhancements.
- Maintains a working knowledge of ITIL standards and procedures and government security standards and how these apply to the organization’s IT infrastructure.
- Assists in the development of security policies, standards, and best practices; develops and recommends compliance strategies for IT security programs, assesses risks of noncompliance with IT security policies, standards, and guidelines and reports findings.
- Assists in the development, implementation, and evaluation of security awareness training programs and trains staff on security protocols, policies, and procedures.
- May work with law enforcement and vendors to manage security threats.
- Supports computer users with security related software installations and implementation of new security products and procedures.
- Performs other duties as assigned.
- Information security architecture, design, and engineering with a primary focus on technologies, tools, and solutions
- Principles of incident response, security information event management, intrusion detection systems, threat hunting
- Principles of endpoint protection and response, and security orchestration automation and response
- Principles of data encryption and data loss prevention
- Identity and access management, cloud, email and endpoint security technologies
- Web security gateway and cloud access security broker technologies
- Web application, web security gateway, and cloud access security broker technologies
- System and program design parameters
- Vulnerability scanning tools
- Principles and practices of planning, designing, installing, maintaining, and operating local and wide area network equipment and operating systems
- Principles of web application firewall and application security
- Multi-platform operating systems, such as Windows Server, Linux, Windows and Mac desktop operating systems
- Current network hardware, protocols, and standards
- Standards and best practices in security domains
- Risk assessment process and practices
- Applicable data privacy laws and practices
- Effective customer service techniques
- Manage email, cloud, web, application, endpoint, and network security
- Implement, manage, and leverage security technologies
- Perform trend analysis and conduct independent systems analysis of business processes
- Perform security incident investigation or analysis of a security incident or event
- Communicate and describe security issues and potential impact on City operations to peers, management, and non-technical staff
- Maintain and prepare complex, comprehensive, and confidential reports
- Communicate effectively, both orally and in writing
- Establish and maintain cooperative and effective working relationships with City employees and the general public
- Prepare statistical reports
- Provide effective customer service
- Establish and maintain effective and cooperative working relationships with City employees and the public
- Managing and supporting incident response activities to include leveraging security information event management and intrusion detection systems
- Collecting data and research to identify possible cybersecurity threats
- Endpoint protection and response
- Security orchestration automation and response
- Supporting data encryption and data loss prevention security measures
- Deploying and administering identity and access management, single sign-on, privilege access management, and VPN technologies
- Administering and supporting cloud, email, and endpoint security technologies
- Computer hardware and software configuration, maintenance, and problem resolution
- Requirement gathering and analysis
- Technical troubleshooting and problem solving
- Serving broad customer audiences, including public safety personnel
- Project management and implementation of information systems
- Managing multiple projects simultaneously
- Education: Graduation from an accredited college or university with a bachelor’s degree in computer science, management information systems, or a closely related field.
- Experience: Three years of recent, paid work experience assisting with the implementation, administration, and monitoring of IT security solutions and programs and experience working with information security and vulnerability scanning tools is required.
- Education: Graduation from an accredited college or university with a bachelor’s degree.
- Experience: Five years of recent, paid work experience assisting with the implementation, administration, and monitoring of IT security solutions and programs and experience working with information security and vulnerability scanning tools is required.
Licenses and Certificates:
Possession of one of the following certifications: CISSP, CISA, CRISC, GIAC, CEH, CHFI or similar certification. Possession of AWS Certified Security – Specialty and Microsoft (MCSA or MCSE) certification is desirable.
How to Apply:
Applicants must submit a clear, concise, completed on-line City Application along with any required supplemental application materials with the Human Resources Department by the filing deadline. If you do not submit your on-line application by the filing deadline, you will not be considered for this position. Please note, applications may be rejected if incomplete. Resumes, CVs and cover letters are not reviewed as part of the application screening process.
If you would like for your education to be considered, you must attach a copy of your college level transcripts or diploma to your online application. Applicants who indicate receipt of college level coursework or degree from a foreign institution must provide United States credential equivalency verification along with a copy of your college diploma/transcripts. All materials must be received in the Human Resources Department no later than the filing deadline. Failure to do so may result in your application being evaluated without the education being considered.
All applicants must submit clear, concise and complete information regarding your work history and qualifications for the position. All applicants will be reviewed and only those applicants determined to be most qualified on the basis of experience, training and education, as submitted, will be invited to participate further in the selection process.
Testing may consist of any of the following: written test, performance test, evaluation of qualifications, oral interview, or any combination of these.
If three or more qualified City employees apply and pass the examination, a promotional list will be established in addition to an open-competitive list. If fewer than three qualified City employees pass the examination, the appointing authority, in accordance with the City’s civil service rules and regulations, can decline to use a promotional list, in which case a promotional list will not be established for this position.
Candidates who have successfully completed all prior phases of the selection process will be subject to a thorough background investigation.
COVID-19 Vaccination:
Proof of COVID-19 vaccination will be required as a condition of employment unless a religious or medical/disability exemption is granted by the City.
Inclusion & Diversity Statement
The City of Santa Monica is a progressive, inclusive and culturally-rich community. As leaders in public service, we strive to be an employer of choice by attracting and retaining a highly-talented workforce where people of diverse races, religions, cultures and lifestyles thrive. Our goal is to create a welcoming and inclusive environment where our staff are empowered to perform at their highest level and where their differences make a positive impact.
The City is an equal opportunity employer and strives to build balanced teams from all walks of life without regard to race, color, ethnicity, religion, national origin, age, sex, sexual orientation, gender identity, marital status, ancestry, disability, genetic information, veteran status, or any other status protected under federal, state and/or local law. We aim to create a workplace that celebrates and embraces the diversity of our employees. Join us!
Special assistance with the application and examination process is available, upon request, for persons with disabilities. Call (310) 458-8246, TDD (310) 458-8696 (Hearing Impaired Only).
Please note the request for reasonable accommodations must be made to Human Resources at least three work days prior to the examination.