Security Analyst

JOB SUMMARY

JOB SUMMARY

Under general direction of the Information Technology Security Manager the Security Analyst will provide expert knowledge and ability in analyzing, implementing, and maintaining administration of cyber security systems for the city. This involves design, configuration, monitoring and alert response for intrusion detection and prevention systems, anti-virus systems and other security defense systems. This position will also perform security analysis of purchases, vulnerability management, and incident management.

Please note: This is an ARPA-funded position that is subject to the renewal of funding which is not guaranteed passed 12/31/26.

ESSENTIAL FUNCTIONS AND DECISION MAKING

ESSENTIAL FUNCTIONS

• Responsible for provisioning, deployment, configuration and administration of security related hardware and software.
• Responsible for day-to-day maintenance and operation of the city’s cyber security infrastructure to ensure the confidentiality, integrity, and availability of technology assets.
• Responsible for day-to-day monitoring of security-related systems, applications and logs and reporting security events.
• Maintain and oversee the day-to-day security operations of the city’s IT infrastructure to minimize risk, ensure regulatory compliance and enhance security posture.
• Ensure compliance standards are met by maintaining security policies, documentation, reporting, and system monitoring.
• Research and present innovative ideas for technology, processes, and maturity of the city’s cyber security posture.
• Work with business units to manage risk based upon the severity of the threat, current trends, and best practices.
• Monitor versions of installed software, operating systems, network configurations and track vulnerabilities for all unpatched versions.
• Conduct vulnerability scans and assessments on a routine or ad-hoc basis.
• Assess adequate access controls based on principles of least privilege and need-to-know.
• Assess the effectiveness of security controls.
• Ensure all systems security implementation, operations and maintenance activity documentation is current and maintained as necessary.
• Verify minimum security requirements are in place for all applications.
• Ensure physical security systems and controls are configured and monitored as needed.
• Review purchase requests meet established cyber security policies and standards.
• Monitor cyber security resources and partnerships for applicable and timely intelligence.

MINIMUM QUALIFICATIONS (Salary is dependent upon qualifications)

REQUIREMENTS

• Bachelor’s degree in Computer Science, Information Technology, Cyber Security, Computer Systems Engineering, or a related technical field. Additional work experience may substitute for a bachelor’s degree on a year-to-year basis.
• Experience: Two (2) years full-time experience in a cyber security role.
• Valid Texas driver’s license with an acceptable driving record.
• Must be able to pass FBI criminal background fingerprint check and have the ability to comply with state and federal requirements for criminal justice information security standards (CJIS).

Preferred Training/Certifications :

• Must obtain ITIL Foundation certification within 1 year.
• Security certifications will be considered but not required.
• (ISC)2 CISSP
• CompTIA cyber security certifications
• ISACA cyber security certifications
• GIAC cyber security certifications

CORE COMPETENCIES AND PHYSICAL DEMANDS

KNOWLEDGE, SKILLS, AND ABILITIES:

• Knowledge of enterprise level IT infrastructure, applications, and security solutions
• Knowledge of network access, identity, and access management
• Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
• Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI]
• Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs
• Knowledge of various types of computer architectures
• Knowledge of configuration management techniques
• Knowledge of systems security testing and evaluation methods
• Knowledge of physical security system design, operation, and management
• Skill in using network analysis tools to identify vulnerabilities or collect evidence
• Skill in IT technical problem solving and logical computer troubleshooting skills
• Skill in assessing security controls based on cybersecurity standards or frameworks
• Skill in determining how a security system should work and how changes in conditions, operations, or the environment will affect these outcomes
• Skill in developing and applying security system access controls
• Skill in evaluating the adequacy of security designs
• Skill in assessing security systems designs
• Skill in recognizing vulnerabilities in security systems
• Ability to exhibit dedication and thoroughness while still meeting deadlines
• Ability to provide situational analysis and decision-making
• Ability to communicate technical information to city personnel
• Ability to establish and maintain effective working relationships with other departments, vendors, and organizations
• Ability to operate and provide availability during non-standard business hours and weekends on an as needed basis

PHYSICAL DEMANDS AND WORKING CONDITIONS
Physical requirements include lifting up to 25 pounds rarely. Subject to sitting, handling, fine dexterity, vision, hearing and talking constantly; standing, walking, bending and foot controls occasionally; lifting, carrying, pushing/pulling, reaching, kneeling, crouching, twisting, climbing and balancing rarely.

Working conditions involve climate-controlled office environment, computer room is kept at 70 degrees and may be drafty. Generators, alarms, and staff talking on phones (noises are intermittent and constant).

The City of San Marcos offers its employees a broad range of benefits to enhance their personal and occupational lives. We are committed to a total rewards strategy that provides employees with competitive compensation, comprehensive benefits, and an environment that supports a healthy work/life balance. 2023 Benefits Guide

BENEFITS
Medical, Dental & Vision Coverage

• United Healthcare
  • Choice Plus PPO Plan
  • Prescription Drug Plan
  • Wellness Initiatives
  • Virtual Doctor Visits 24/7
  • Dental Plan

Davis Vision Insurance

• Base Vision Plan
• Premium Vision Plan
• Laser Vision Correction discounts

Retirement

• Texas MunicipalRetirement System (TMRS)
• Mission Square Retirement Corporation - optional 457-deferred compensation plan & Roth IRA

ADDITIONAL BENEFITS

• Flexible Spending Accounts
• City paid Life and AD&D Insurance
• Voluntary Life, AD&D and Long Term Disability insurance
• Employee Assistance Program
• Vacation
• Sick Leave
• Holidays
• Longevity Pay
• Tuition Reimbursement
• Activity Center Membership
• Direct Deposit

The City of San Marcos strives to provide employees with an opportunity for a flexible and positive work/life balance. Employees in eligible positions are offered remote telework options of up to two days per week or 40% of an employee's scheduled work hours. Remote telework eligibility will be determined by department directors to ensure the City provides quality services.

Closing Date/Time: 5/10/2024 4:59 PM Central

San Marcos, Texas United States View Map