Information Security Analyst

Performs and assists with routine information security tasks and functions. Performs basic security administrative tasks across Information Technology functional areas. Carries out and assists with carrying out security policies, standards and procedures. Gathers information for security risk analysis and incident management efforts. Assists in security risk assessment and management. Supports malicious and unwanted software tracking, monitoring and removal efforts. Monitors security profiles, reviews security violation reports, investigates possible security exceptions, and updates, and maintains and documents security controls. Provides routine technical support for evaluation of products and/or procedures to enhance productivity and effectiveness. Investigates elevated security issues regarding Information and Telecommunication Systems (ITS) Department built/managed workstation systems.

Distinguishing Characteristics:

This is the first in a series of three information security-related job classifications within the Information Technology job family.  Conducts routine information security tasks and functions.  The Security Analyst I assists in security risk assessment and management and supports malicious and unwanted software tracking, monitoring and removal efforts. This classification may require a flexible work schedule in order to meet the needs of the department.

• Assists with basic compliance monitoring and management activities.

• Initiates basic audit tasks using pre-defined checklists on assigned systems.  Assists with moderately complex information security auditing tasks.
• Conducts or assists in conducting routine risk assessment tasks using established procedures for workstations and non-mission critical systems.
• Assists with assessment and management tasks.  May conduct basic vulnerability assessments and management using established procedures for workstations and non-mission critical systems.
• Assists with threat monitoring, assessment and countermeasure tasks.  May perform basic threat monitoring and assessments using established procedures for workstations and non-mission critical systems.  May deploy prevention and countermeasures on workstations and non-mission critical systems using established deployment procedures.
• Executes or assists with security engineering support tasks.  May provide basic technical support during products and/or procedures evaluations.
• Assists with security administration tasks.  May perform security profiling of workstations and non-mission critical systems.  Reviews security violation reports and investigation reports to gain an understanding of the common threats and activities of the security team.  May perform basic user, application, and system administration for security applications and other tools maintained by the security team.  Reviews termination process activities to ensure access to systems, networks, and information assets is properly and promptly terminated for departing employees, workers, vendors, and others.
• Executes basic security operations tasks for security applications and other tools maintained by the security team. Maintains the information security web pages and other information security information repositories.  Runs reports, forms, and graphs in support of periodic status and posture reporting.  Conducts analysis of logs for indication of unauthorized access and activity and reports findings to a senior information security staff for review and further analysis and remediation.
• Assists with security incident response tasks.  May investigate security issues elevated by the Help Desk regarding ITS built/managed workstation systems and non-mission critical systems using established procedures and tools.
• Initiates user awareness tasks including ad-hoc and formal training of users.  Assists in the creation and delivery of information security user awareness curriculum.  Assists in educating County staff about security policies and provides consultation on basic security issues.
• Represents the security needs of the organization by providing security related expertise and assistance in Information Technology projects.
• Assists in the implementation of security policies and procedures and may provide input into the development of such policies and procedures.
• Performs other job-related duties as assigned.

Education and Experience:
Bachelor's degree in Computer Science, Information Systems, Business Administration or a directly related field AND one (1) year of relevant work experience, including six (6) months experience in security administration;

OR,

Any combination of education and experience that has been achieved and is equivalent to the stated education and experience and required knowledge, skills, and abilities sufficient to successfully perform the duties and responsibilities of this job.

Licenses, Registrations, Certifications, or Special Requirements:
Valid Texas Driver's License.
CompTIA Security+ Certification, Certified Information Systems Security Professional (CISSP) or equivalent industry-recognized certification required


Knowledge, Skills, and Abilities:
Knowledge of:

• Policies, practices, procedures and terminology of assigned function.
• Federal, State, Local and County applicable laws, rules, regulations and guidelines.
• Information Technology hardware, software and peripherals as related to assigned function.
• Distributed, mid-range and mainframe computing systems high level architecture and web operations.
• Computer system implementation and administration.
• User administration.
• Electronic mail system implementation, administration, and usage.
• Internet access connectivity, administration, and usage.
• Software application development lifecycle.
• Malicious and unwanted software, email and content along with common practices for protection and management.
• Information Technology risk assessment techniques (qualitative and quantitative).
• Common threats to systems, networks, applications and information for both standalone and interconnected computers.
• Vulnerability management techniques for commonly encountered operating systems (Windows, NetWare, Linux, UNIX) and Health Insurance Portability and Accountability Act (HIPAA) Final Privacy and Security Rule standards and implementation specifications.
• Computer equipment to include word processing, spreadsheets, databases and a variety of software packages.
• May be required to develop knowledge of and adhere to federal and state laws requiring the confidential handling of certain health information.

• Interacting with and supporting the activities of other information technology and information security professionals.
• Providing customer service to a wide range of internal and external customers.
• Problem-solving and decision-making.
• Both verbal and written communication, including presentations and communicating technical issues in non-technical language.

• Comprehend the language of policies and standards and present them in an understandable way to ITS staff members and department users.
• Read, comprehend, comply with and assist customers in complying with complex technical standards and procedures.
• Deliver awareness training from documented training curriculum.
• Work independently and efficiently and as part of a team.
• Manage time well, perform multiple tasks and organize diverse activities.
• Research, compile, analyze, interpret and prepare a variety of memorandums or reports.
• Establish and maintain effective working relationships with departmental clientele, representatives of outside agencies and providers, other County employees and officials, and the general public.

Work primarily performed in office setting, either on-site or in a secure hybrid/telework environment. May involve occasional visits to data centers, agency offices, or vendor locations for security inspections, audits, or meetings. Must adhere to strict security protocols and procedures, including physical access controls, background checks, and secure area clearances. May occasionally work outside normal business hours to respond to security incidents or meet project deadlines.

Physical requirements include extended periods of sitting, using a computer and other standard office equipment. Subject to visual acuity, speech and hearing, hand and eye coordination and manual dexterity necessary to operate a computer and office equipment. Occasional lifting or carrying of equipment or materials (typically less than 25 pounds) may be required. Must be able to remain focused and alert while working on detailed technical tasks, especially during incident response or time-sensitive audits.