IT Security Analyst

**Job Posting**

Reporting to the Manager, Cybersecurity, the IT Security Analyst is an information security expert responsible for designing, implementing, maintaining, and administering all IT security systems and their associated Hardware/Software, including firewalls, intrusion detection systems, cryptography systems, proxy systems, remote access solutions, and anti-virus software solutions to mitigate risk and maximize security, service availability, efficiency and effectiveness. This position will assist with the development, implementation, and maintenance of IT security policies, practices and procedures to ensure security of the data and technology infrastructure. This includes developing and supporting security initiatives, analyzing and resolving security breaches and vulnerability issues in a timely fashion, and overseeing vulnerability, user activity audits and assessments as required. This position will be responsible for effectively communicating what we are doing and the rationale for it, both proactively and reactively during a security breach.

The duties also include participation in the establishment and implementation of a comprehensive security program aimed at preventing unauthorized access to municipal data, information, systems and supporting infrastructure. This role will also provide specialized expertise and guidance in assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Municipality’s resources.

**DUTIES AND RESPONSIBILITIES**:

- Design, implement, maintain, administer, and upgrade as needed all security related systems and their associated hardware and software through their life cycle including firewalls, intrusion detection systems, cryptography systems, proxy servers, remote access solutions, and anti-virus software solutions that mitigate risk and maximize security, service availability, efficiency and effectiveness
- Assist with the development, implementation, maintenance, and enforcement of security strategies, policies, practices, procedures, standards, baselines, and associated plans for the enterprise security model based on accepted security industry standards (i.e., PCI, ISO, CobiT, etc.)
- Assist the Information Security Officer with the creation and implementation of the system of General Computing Controls (GCC), Key Computing Controls (KCC), PCI Computing Controls (PCI) and Risk Governance Framework (RGF)
- Establish and implement a comprehensive security program (including patch management, anti-virus/anti-malware protection, and security awareness training) aimed at preventing unauthorized access to information, IT technology or other sensitive assets of the municipality which may result in disclosure, removal, modification or interruption of the Municipality’s valuable assets.
- Establish and administer contracts for all security related activities (i.e., Threat Risk Assessments, PCI Scans, etc.)
- Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats.
- Performs real-time analysis and correlation of logs/events and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Document findings and conform to processes related to security monitoring. Report to management on recurring risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
- Maintain currency with emerging security alerts (SANS Top 20 Critical Security Controls and OWASP Top 10), trends and issues, and recommend/conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts and educate executive and management teams on their relative importance and financial impact.
- Executes all IT security related investigations and forensic review/analysis of IT assets and resources assigned to staff and consultants under investigation and provides ongoing communication with senior management determining the cause of the security incident and preserving evidence for potential legal action when required.
- Maintain inventory of risks related to IT identified during audits, quarterly attestations or project assessments.
- Participates in all HRM security compliance activities that include but not limited to: Security and Access Auditing requirements and implementation, PCI Assessments, Privacy Impact Assessments, Threat Risk Assessments, Business Continuity Plans, and Disaster Recovery Planning.
- Implements prompt remediation actions/activities to be taken to address security audit recommendations and known security vulnerabilities in conjunction with other staff.
- Participates in assuring HRM’s continued PCI compliance in collaboration with key stakeholders in IT and the business units.
- Create, monitor and maintain reporting mech