Cybersecurity Analyst

The City of Portsmouth is accepting applications for Cybersecurity Analyst. Join a collaborative, mission-driven team and make a meaningful impact by protecting critical public infrastructure.

This position is full time, 37.5 hours a week and follows the City Hall hours:
Monday: 8am-6pm
Tuesday-Thursday: 8am-4:30pm
Friday: 8am-1pm

Position is non-union and the starting salary range is $115,475.17 - $140,360.79 a year.

We encourage you to apply even if you don’t satisfy every single bullet on this list.

The City offers a generous compensation and benefits package that includes retirement paid time off including vacation holidays medical & dental insurance flexible spending account professional development career growth longevity incentives and more!

NATURE OF WORK
The Cybersecurity Analyst will work with all departments of the municipal government to safeguard the City’s information systems from cyber threats. The cybersecurity analyst will be responsible for the development, implementation, maintenance and monitoring of security tools that protect City’s IT systems, networks and data from cyber-attacks. Areas of responsibility include Municipal Government, Water and Sewer, School Department and Police Department.

SUPERVISION
The Cybersecurity Analyst will work under the direction of the Chief Information Officer.

ESSENTIAL JOB FUNCTIONS
The essential functions or duties listed below are intended only as illustrations of the various types of work that may be performed. The omission of specific statements of duties does not exclude them from the position if work is similar, related, or a logical assignment to, or extension of, the position.

1. Design, implement, maintain and monitor security tools such as EDR, IDS/IPS, SIEM, vulnerability scanning, network monitoring, email security, and identity providers.

2. Receive and analyze alerts from various sources within the City and determine possible causes of such alerts. Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.

3. Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.

4. Conduct investigation and analysis of cybersecurity events.

5. Collaborate with separate IT teams in City government, Water and Sewer, School Department and Police Department.

6. Provide leadership and immediate response to cybersecurity incidents, including containment and long-term remediation strategies. Coordinate with external resources as appropriate.

7. Develop policies and procedures to identify and mitigate cybersecurity risks for City systems and data.

8. Evaluate software procurement for security and validate secure implementation of new systems.

9. Evaluate systems to securely control access to the network, applications, and data.

10. Work closely with vendors and third-party providers to ensure security and compliance with City policy for vendor access.

11. Participate in network and system design to increase cybersecurity.

12. Assist in developing and maintaining the City’s employee security training.

13. Manage cybersecurity projects and keep stakeholders informed of progress.

14. Stay current with Tactics, Techniques and Procedures used by relevant threat actors to mitigate and monitor potential threats.

15. Initiate and participate in penetration testing with outside organizations to evaluate City systems for vulnerabilities. At conclusion of penetration testing engagements, analyze results to recommend and evaluate mitigation of vulnerabilities.

16. Assist with regulatory compliance such as PCI DSS, HIPAA, CJIS.

EXAMPLES OF OTHER JOB FUNCTIONS

1. Define and discern key aspects of a problem. Develop solutions that meet cybersecurity and business needs.

2. Provide technical leadership with a focus on cybersecurity.

3. Work independently and as a member of IT teams across different departments.

4. Exercises a high degree of autonomy and is accountable for meeting deliverables without direct supervision.

5. Mentor other IT personnel.

6. Performs other duties as may be assigned.

REQUIRED KNOWLEDGE, SKILLS, AND ABILITIES

An incumbent in this position consistently demonstrates:

1. Knowledge and experience with the configuration and use of security information and event management (SIEM) tools.

2. Knowledge and experience of security operations in a Windows environment.

3. Solid knowledge of Windows 11, Windows Active Directory, Entra IDP, Microsoft Azure and 365 to include security configurations, access management, conditional access policies, and identity governance.

4. Experience securing and monitoring common network services with a focus on hardening configurations and threat detection.

5. Knowledge of network security architecture including firewalls, intrusion detection/prevention systems, network segmentation, secure network design, and cloud security.

6. Understanding of and experience with security monitoring in virtualized and cloud environments.

7. Requires a high level of understanding of secure infrastructure requirements and compliance frameworks (ISO 27001, NIST, CIS Controls, MITRE, PCI DSS, CJIS, HIPAA).

8. Excellent verbal and written communication skills, including the ability to explain security risks to non-technical stakeholders.

9. Ability to maintain strict confidentiality and handle sensitive security information according to established protocols.

10. Ability to establish and maintain effective working relationships with co-workers in all municipal departments, City administrators, and officials while promoting security awareness and compliance.

11. Ability to communicate security risks, policies, and procedures effectively and respectfully with vendors, colleagues, City administrators and officials, and other agencies orally, in writing, and by listening.

12. Ability to perform all tasks assigned, in a reasonable amount of time, with a positive attitude. It is imperative that all team members work well together and provide support for each other.

13. Ability to communicate effectively with the general public, City staff, and government officials at all levels.

ENVIRONMENT, WORKING CONDITIONS, PHYSICAL AND MENTAL EFFORT
Incumbent must prioritize and perform duties and/or solve problems in a timely manner to ensure plans are executed as smoothly and efficiently as possible to meet critical deadlines. Incumbent has access to confidential information. Errors can result in significant delay or loss of service, monetary loss, or legal repercussions.

Incumbent has frequent contact with all City Departments to provide or receive information and assistance and to respond to inquiries regarding issues and procedures. Contacts are usually made via ticketing system in writing, in person, texting, via e-mail, and on the telephone.

Minimal physical effort required in performing duties under typical office environment. May involve moderate moving, lifting and carrying of small equipment. Spends extended periods at workstations performing tasks requiring eye-hand coordination, finger dexterity and viewing computer screens.

MINIMUM REQUIRED QUALIFICATIONS
Candidate must have graduated from high school or earned a graduate equivalent diploma (GED). An Associates Degree or Bachelor's Degree in Computer Science, Cybersecurity, or similar, is preferred but not required.

Technical certifications required (Security+, CySA+, GIAC Certifications, CCSP, CISSP CISM). Additional certifications in cloud security (Azure/AWS), incident response (GCIH), or compliance frameworks (CRISC/CISA) are highly desirable.

Five (5) years of relevant cybersecurity experience, with preference for municipal government or public sector experience managing both on-premises and cloud environments. Two (2) years managing and maintaining a cybersecurity program that includes both on-premise and cloud environments is preferred.

(The above descriptions are illustrative. They are intended as guides for personnel actions and are not complete itemizations of all facets of any job.)

DISCLAIMER
The essential functions and duties described herein are normal for this position. They are intended as an illustration of the various types of work that may be performed. The omission of specific statements of duties does not exclude them from the position if work is similarly related or a logical assignment to or extension of the position. Other duties may be required and assigned by the supervisor. The City of Portsmouth is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. The City is committed to providing access to equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services programs, and activities. To request reasonable accommodation, contact our Human Resources Director by phone 603-610-4478.

APPLICATION SPECIAL INSTRUCTIONS
Finalist must complete pre-employment screening, drug testing, & background check.