Information Security Analyst
Posted on Sep 25, 2024 by City of Philadelphia
Philadelphia, PA
Health & Safety
Immediate Start
Annual Salary
Full-Time
Job Description
The Information Security Analyst will specialize in identifying, tracking and managing risks and vulnerabilities affecting the City of Philadelphia’s IT environment. The analyst will also contribute to the development of the OIT’s information security program and provide analytical support for the ISG. The preferred candidate will be able to work effectively in a collaborative environment and will have a strong interest in the current security landscape, resources and threats affecting large municipal government networks.
Essential Functions
Perform continuous monitoring and analyst of data using various tools
Test effectiveness of IT and business process controls and provide remediation recommendations
Perform application, vulnerability and penetration testing and communicate findings to business unit leaders and technical subject matter experts
Document, track, and report on, and effectively communicate risks to the City of Philadelphia
Create controls, standards, and guidance documentation
Track and report on the effectiveness of information security technology, processes and polices
Support and participate in Information Security projects and initiatives as needed, including development of security monitoring procedures, incident response planning, etc.
Other duties as assigned
Competencies, Knowledge, Skills and Abilities
An Information Security Analyst plays a critical role in protecting the City’s information systems and data from security breaches, cyber threats, and other vulnerabilities. Some core competencies required for this position include, but not limited to:
1. Technical Skills
Knowledge of Security Tools: Proficiency in using security tools, processes such as SIEM, EDR, GRC, email security, firewalls, intrusion detection/prevention systems (IDS/IPS), and encryption tools.
Network Security: Understanding of network protocols, architecture, and security best practices.
Operating Systems: Familiarity with different operating systems, especially Windows, Linux, and Unix, and their security features.
Vulnerability Management: Ability to identify, assess, and mitigate vulnerabilities in software, systems, and networks.
2. Cybersecurity Knowledge
Threat Intelligence: Knowledge of current cyber threats, attack vectors, and techniques used by malicious actors.
Incident Response: Skills in detecting, analyzing, and responding to security incidents and breaches.
Risk Management: Understanding of risk assessment, management strategies, and the ability to prioritize security efforts based on risk levels.
3. Analytical and Problem-Solving Skills
Critical Thinking: Ability to analyze complex security issues and develop effective solutions.
Attention to Detail: Precision in identifying potential security flaws and ensuring comprehensive security measures.
Forensic Analysis: Skills in investigating and understanding the root cause of security incidents.
4. Communication Skills
Reporting: Ability to create detailed reports on security incidents, assessments, and recommendations.
Stakeholder Communication: Skills in communicating technical security issues to non-technical stakeholders, including management and other departments.
Collaboration: Ability to work effectively with other IT teams, City Departments, Legal, and compliance departments to ensure a cohesive security strategy.
5. Knowledge of Regulatory Compliance
Regulatory Frameworks: Understanding of relevant regulatory requirements and standards such as NIST, HIPAA, PCI-DSS, CJIS, IRS 1075, and ISO 27001.
Compliance Monitoring: Ability to ensure that the City’s security practices comply with industry regulations and standards.
6. Ethical Hacking Skills
Penetration Testing: Skills in ethical hacking to test and identify vulnerabilities within systems.
Security Audits: Conducting regular security audits to ensure the integrity and security of systems.
7. Continuous Learning and Adaptability
Staying Updated: Commitment to staying informed about the latest developments in cybersecurity, including emerging threats and new technologies.
Adaptability: Ability to quickly adapt to new tools, technologies, and security challenges.
8. Project Management Skills
Planning and Execution: Ability to plan, manage, and execute security projects, including implementing new security measures or responding to incidents.
Resource Management: Efficient use of resources to achieve security objectives within the given constraints.
9. Ethical Judgment and Integrity
Confidentiality: Strong sense of responsibility in handling sensitive information and maintaining confidentiality.
Ethical Decision-Making: Making decisions that are in the best interest of the City’s security and ethical standards.
The Information Security Analyst will specialize in identifying, tracking and managing risks and vulnerabilities affecting the City of Philadelphia’s IT environment. The analyst will also contribute to the development of the OIT’s information security program and provide analytical support for the ISG. The preferred candidate will be able to work effectively in a collaborative environment and will have a strong interest in the current security landscape, resources and threats affecting large municipal government networks.
Essential Functions
Perform continuous monitoring and analyst of data using various tools
Test effectiveness of IT and business process controls and provide remediation recommendations
Perform application, vulnerability and penetration testing and communicate findings to business unit leaders and technical subject matter experts
Document, track, and report on, and effectively communicate risks to the City of Philadelphia
Create controls, standards, and guidance documentation
Track and report on the effectiveness of information security technology, processes and polices
Support and participate in Information Security projects and initiatives as needed, including development of security monitoring procedures, incident response planning, etc.
Other duties as assigned
Competencies, Knowledge, Skills and Abilities
An Information Security Analyst plays a critical role in protecting the City’s information systems and data from security breaches, cyber threats, and other vulnerabilities. Some core competencies required for this position include, but not limited to:
1. Technical Skills
Knowledge of Security Tools: Proficiency in using security tools, processes such as SIEM, EDR, GRC, email security, firewalls, intrusion detection/prevention systems (IDS/IPS), and encryption tools.
Network Security: Understanding of network protocols, architecture, and security best practices.
Operating Systems: Familiarity with different operating systems, especially Windows, Linux, and Unix, and their security features.
Vulnerability Management: Ability to identify, assess, and mitigate vulnerabilities in software, systems, and networks.
2. Cybersecurity Knowledge
Threat Intelligence: Knowledge of current cyber threats, attack vectors, and techniques used by malicious actors.
Incident Response: Skills in detecting, analyzing, and responding to security incidents and breaches.
Risk Management: Understanding of risk assessment, management strategies, and the ability to prioritize security efforts based on risk levels.
3. Analytical and Problem-Solving Skills
Critical Thinking: Ability to analyze complex security issues and develop effective solutions.
Attention to Detail: Precision in identifying potential security flaws and ensuring comprehensive security measures.
Forensic Analysis: Skills in investigating and understanding the root cause of security incidents.
4. Communication Skills
Reporting: Ability to create detailed reports on security incidents, assessments, and recommendations.
Stakeholder Communication: Skills in communicating technical security issues to non-technical stakeholders, including management and other departments.
Collaboration: Ability to work effectively with other IT teams, City Departments, Legal, and compliance departments to ensure a cohesive security strategy.
5. Knowledge of Regulatory Compliance
Regulatory Frameworks: Understanding of relevant regulatory requirements and standards such as NIST, HIPAA, PCI-DSS, CJIS, IRS 1075, and ISO 27001.
Compliance Monitoring: Ability to ensure that the City’s security practices comply with industry regulations and standards.
6. Ethical Hacking Skills
Penetration Testing: Skills in ethical hacking to test and identify vulnerabilities within systems.
Security Audits: Conducting regular security audits to ensure the integrity and security of systems.
7. Continuous Learning and Adaptability
Staying Updated: Commitment to staying informed about the latest developments in cybersecurity, including emerging threats and new technologies.
Adaptability: Ability to quickly adapt to new tools, technologies, and security challenges.
8. Project Management Skills
Planning and Execution: Ability to plan, manage, and execute security projects, including implementing new security measures or responding to incidents.
Resource Management: Efficient use of resources to achieve security objectives within the given constraints.
9. Ethical Judgment and Integrity
Confidentiality: Strong sense of responsibility in handling sensitive information and maintaining confidentiality.
Ethical Decision-Making: Making decisions that are in the best interest of the City’s security and ethical standards.
Reference: 202392353
https://jobs.careeraddict.com/post/95559213
Information Security Analyst
Posted on Sep 25, 2024 by City of Philadelphia
Philadelphia, PA
Health & Safety
Immediate Start
Annual Salary
Full-Time
Job Description
The Information Security Analyst will specialize in identifying, tracking and managing risks and vulnerabilities affecting the City of Philadelphia’s IT environment. The analyst will also contribute to the development of the OIT’s information security program and provide analytical support for the ISG. The preferred candidate will be able to work effectively in a collaborative environment and will have a strong interest in the current security landscape, resources and threats affecting large municipal government networks.
Essential Functions
Perform continuous monitoring and analyst of data using various tools
Test effectiveness of IT and business process controls and provide remediation recommendations
Perform application, vulnerability and penetration testing and communicate findings to business unit leaders and technical subject matter experts
Document, track, and report on, and effectively communicate risks to the City of Philadelphia
Create controls, standards, and guidance documentation
Track and report on the effectiveness of information security technology, processes and polices
Support and participate in Information Security projects and initiatives as needed, including development of security monitoring procedures, incident response planning, etc.
Other duties as assigned
Competencies, Knowledge, Skills and Abilities
An Information Security Analyst plays a critical role in protecting the City’s information systems and data from security breaches, cyber threats, and other vulnerabilities. Some core competencies required for this position include, but not limited to:
1. Technical Skills
Knowledge of Security Tools: Proficiency in using security tools, processes such as SIEM, EDR, GRC, email security, firewalls, intrusion detection/prevention systems (IDS/IPS), and encryption tools.
Network Security: Understanding of network protocols, architecture, and security best practices.
Operating Systems: Familiarity with different operating systems, especially Windows, Linux, and Unix, and their security features.
Vulnerability Management: Ability to identify, assess, and mitigate vulnerabilities in software, systems, and networks.
2. Cybersecurity Knowledge
Threat Intelligence: Knowledge of current cyber threats, attack vectors, and techniques used by malicious actors.
Incident Response: Skills in detecting, analyzing, and responding to security incidents and breaches.
Risk Management: Understanding of risk assessment, management strategies, and the ability to prioritize security efforts based on risk levels.
3. Analytical and Problem-Solving Skills
Critical Thinking: Ability to analyze complex security issues and develop effective solutions.
Attention to Detail: Precision in identifying potential security flaws and ensuring comprehensive security measures.
Forensic Analysis: Skills in investigating and understanding the root cause of security incidents.
4. Communication Skills
Reporting: Ability to create detailed reports on security incidents, assessments, and recommendations.
Stakeholder Communication: Skills in communicating technical security issues to non-technical stakeholders, including management and other departments.
Collaboration: Ability to work effectively with other IT teams, City Departments, Legal, and compliance departments to ensure a cohesive security strategy.
5. Knowledge of Regulatory Compliance
Regulatory Frameworks: Understanding of relevant regulatory requirements and standards such as NIST, HIPAA, PCI-DSS, CJIS, IRS 1075, and ISO 27001.
Compliance Monitoring: Ability to ensure that the City’s security practices comply with industry regulations and standards.
6. Ethical Hacking Skills
Penetration Testing: Skills in ethical hacking to test and identify vulnerabilities within systems.
Security Audits: Conducting regular security audits to ensure the integrity and security of systems.
7. Continuous Learning and Adaptability
Staying Updated: Commitment to staying informed about the latest developments in cybersecurity, including emerging threats and new technologies.
Adaptability: Ability to quickly adapt to new tools, technologies, and security challenges.
8. Project Management Skills
Planning and Execution: Ability to plan, manage, and execute security projects, including implementing new security measures or responding to incidents.
Resource Management: Efficient use of resources to achieve security objectives within the given constraints.
9. Ethical Judgment and Integrity
Confidentiality: Strong sense of responsibility in handling sensitive information and maintaining confidentiality.
Ethical Decision-Making: Making decisions that are in the best interest of the City’s security and ethical standards.
The Information Security Analyst will specialize in identifying, tracking and managing risks and vulnerabilities affecting the City of Philadelphia’s IT environment. The analyst will also contribute to the development of the OIT’s information security program and provide analytical support for the ISG. The preferred candidate will be able to work effectively in a collaborative environment and will have a strong interest in the current security landscape, resources and threats affecting large municipal government networks.
Essential Functions
Perform continuous monitoring and analyst of data using various tools
Test effectiveness of IT and business process controls and provide remediation recommendations
Perform application, vulnerability and penetration testing and communicate findings to business unit leaders and technical subject matter experts
Document, track, and report on, and effectively communicate risks to the City of Philadelphia
Create controls, standards, and guidance documentation
Track and report on the effectiveness of information security technology, processes and polices
Support and participate in Information Security projects and initiatives as needed, including development of security monitoring procedures, incident response planning, etc.
Other duties as assigned
Competencies, Knowledge, Skills and Abilities
An Information Security Analyst plays a critical role in protecting the City’s information systems and data from security breaches, cyber threats, and other vulnerabilities. Some core competencies required for this position include, but not limited to:
1. Technical Skills
Knowledge of Security Tools: Proficiency in using security tools, processes such as SIEM, EDR, GRC, email security, firewalls, intrusion detection/prevention systems (IDS/IPS), and encryption tools.
Network Security: Understanding of network protocols, architecture, and security best practices.
Operating Systems: Familiarity with different operating systems, especially Windows, Linux, and Unix, and their security features.
Vulnerability Management: Ability to identify, assess, and mitigate vulnerabilities in software, systems, and networks.
2. Cybersecurity Knowledge
Threat Intelligence: Knowledge of current cyber threats, attack vectors, and techniques used by malicious actors.
Incident Response: Skills in detecting, analyzing, and responding to security incidents and breaches.
Risk Management: Understanding of risk assessment, management strategies, and the ability to prioritize security efforts based on risk levels.
3. Analytical and Problem-Solving Skills
Critical Thinking: Ability to analyze complex security issues and develop effective solutions.
Attention to Detail: Precision in identifying potential security flaws and ensuring comprehensive security measures.
Forensic Analysis: Skills in investigating and understanding the root cause of security incidents.
4. Communication Skills
Reporting: Ability to create detailed reports on security incidents, assessments, and recommendations.
Stakeholder Communication: Skills in communicating technical security issues to non-technical stakeholders, including management and other departments.
Collaboration: Ability to work effectively with other IT teams, City Departments, Legal, and compliance departments to ensure a cohesive security strategy.
5. Knowledge of Regulatory Compliance
Regulatory Frameworks: Understanding of relevant regulatory requirements and standards such as NIST, HIPAA, PCI-DSS, CJIS, IRS 1075, and ISO 27001.
Compliance Monitoring: Ability to ensure that the City’s security practices comply with industry regulations and standards.
6. Ethical Hacking Skills
Penetration Testing: Skills in ethical hacking to test and identify vulnerabilities within systems.
Security Audits: Conducting regular security audits to ensure the integrity and security of systems.
7. Continuous Learning and Adaptability
Staying Updated: Commitment to staying informed about the latest developments in cybersecurity, including emerging threats and new technologies.
Adaptability: Ability to quickly adapt to new tools, technologies, and security challenges.
8. Project Management Skills
Planning and Execution: Ability to plan, manage, and execute security projects, including implementing new security measures or responding to incidents.
Resource Management: Efficient use of resources to achieve security objectives within the given constraints.
9. Ethical Judgment and Integrity
Confidentiality: Strong sense of responsibility in handling sensitive information and maintaining confidentiality.
Ethical Decision-Making: Making decisions that are in the best interest of the City’s security and ethical standards.
Reference: 202392353
Share this job:
Alert me to jobs like this:
Amplify your job search:
Expert career advice
Increase interview chances with our downloads and specialist services.
Visit Blog