The Information Security Analyst will primarily be responsible for monitoring for intrusions and malicious activity, assessing effectiveness of security controls protecting county information assets, identifying gaps, assessing risk, facilitating and participating in the execution the security lifecycle for IT projects, and overseeing compliance with laws and regulations pertaining to county information systems. The ideal candidate for this role will have a holistic approach to assessing security risks and uses abstract thinking to contextualize problems and formulate solutions. This job requires the ability to utilize information from many sources including: frameworks, guidelines, threat-intelligence, and industry best-practices to inform decision making.

• Monitor systems and networks for malicious activity.
• Participate in internal and external security & compliance audits.
• Installation, configuration, and support of technical security controls and countermeasures.
• Maintenance of security policies, procedures, guidelines, and standards.
• Promotes activities to create information security awareness throughout organization.
• Participate as a technical security role of the internal computer incident response team.
• Perform regular vulnerability scans and participate in remediation efforts.
• Monitor and Manage Data Loss Prevention (DLP) solution.
• Work with subject matter experts to complete System Security Plan.
• Assist with monitoring and operating other security solutions under the responsibility of the IT Security group.
• Assist with day-to-day operations within the IT Security group.
• Assist security and technical teams with monitoring and responding to operational alerts.
• Participate as member of internal computer incident response team.
• Attends conferences and training as required to maintain proficiency.
• Perform other related duties and responsibilities as required.
• Research and stay up-to-date on latest threats, vulnerabilities, tools, and techniques, compliance, laws, regulations, and best-practices.
• Must be able to work a flexible schedule when required to operate during maintenance windows of various county departments.
• Unplanned after-hours work is rare but should be expected occasionally.

• Technical aptitude to adapt and learn in a rapidly changing environment and solve complex problems.
• Technical competency to assess and propose security controls to address security gaps.
• Working knowledge of common compliance frameworks such as HIPAA, PCI, NIST.
• Skilled in log and packet analysis.
• Excellent written and verbal communication skills.
• Ability to take initiative with minimal supervision.
• Ability to perform well under pressure and in disruptive environments.
• Strong interpersonal skills, and demonstrated ability to work effectively with customers and colleagues.
• Prior experience in a technical support capacity.
• Knowledge of SAML and Microsoft ADFS is a plus.
• Firewall Administration a plus.
• Working knowledge of TCP-IP networks.
• Ability to work after-hours when required.
• Proficient with Microsoft Windows and Linux operating systems.
• Communicate clearly and concisely, both orally and in writing.
• Establish, maintain and foster positive and harmonious working relationships with those contacted in the course of work.
• At least three (3) years experience working in technology or information security roles.
• Strong knowledge of HIPAA Security Rule and PCI compliance.
• Knowledge of CJIS is a plus.
• Strong technical background and understanding of enterprise networking and datacenter environments.
• Experience with Microsoft Azure and Office 365 is a plus.
• Knowledge of industry best practices and frameworks.
• Up-to-date knowledge of security threats and exploitation techniques.
• Experience configuring, tuning, and troubleshooting Nexpose vulnerability scanner or similar product Experience with Metasploit and Kali Linux a plus

Education and Training: A BS in Information Security, Computer Science, Telecommunications, or closely related field, OR equivalent experience is required.

License or Certificate: Security+, GIAC, OSCP, CISSP, CCSP, or other equivalent certifications preferred but not required.

Background Check: Must pass a criminal (CBI) background check.