Cybersecurity Analyst

Position Summary

This position is responsible for various aspects of Information Security across the organization, which includes data availability, data integrity, authentication, and confidentiality. This position will exercise discretion and independent judgment with respect to the maintenance of security policy and procedures as well as utilize security tools in his/her daily tasks. This position will train or participate in work team assignments.

This is a salaried, exempt position. The Cybersecurity Analyst reports to the Director of Technology.

Essential Job Functions

• Continuously test and monitor networks, systems, and applications for security breaches and incidents. This includes analyzing security alerts, logs, and data to identify threats and assess potential impact

• Assist in revising, documenting, and managing all security-related policies and procedures to ensure they are up to date with industry standards and regulations

• Monitor, communicate, and assist in managing enterprise security risk by maintaining visibility across the organization

• Investigate security incidents and collaborate with OAA Departments to respond and mitigate threats effectively

• Support cybersecurity awareness programs by educating employees on best practices and new threats

• Work with technology team to identify and prioritize patches, updates, and other mitigation strategies

• Conduct and report on security risk assessments, evaluations, and audits to evaluate potential vulnerabilities. Participate and review technology-based designs regarding implementation of appropriate security policies and practices with OAA Departments

• Work with the technology team and OAA Departments to identify, recommend, implement, and manage security tools used to analyze and mitigate known vulnerabilities for applications, databases, operating systems, network components, and other information assets

• Perform other duties as assigned
  

Knowledge, Skills and Abilities Required

• Bachelor’s degree in Cybersecurity, Information Technology, or related field and a minimum of two years’ progressive information security experience

• Experience working in a Security Operation Center preferred

• Understanding of the Risk Management Framework (RMF) process

• Strong attention to detail

• Ability to work and adapt in a multi-disciplined environment

• Excellent oral and written communication skills

• Analytical skills to identify and fault isolate problems/issues, accurately assess relevance of information, generate, and evaluate alternatives, and provide technical recommendations

• Strong knowledge and understanding of current security threats, techniques, and landscape

• Strong understanding of network technologies and security tools

• Knowledge of cloud-based architecture desired

#hc225135