Lead Security Analyst at City Of Alexandria Virginia
Alexandria, VA
About the Job
Lead Security Analyst
About the Department:
The Information Technology Services Department is responsible for enterprise technology operations for the City of Alexandria.
ITS provides technology services and solutions to City departments to enhance service delivery.
ITS aligns its work with City needs by providing leadership, resources, expertise, and products that enable departments to better serve the City’s residents, businesses, and visitors.
ITS resources support initiatives funded through the multi-year Information Technology Capital Improvement Plan (IT/CIP) to improve the overall technology landscape.
The City of Alexandria’s ITS Department has been a Top Ten National Finalist in the Digital Cities Award program for over the past 19 years.
An Overview
The Department of Information Technology Services (ITS) is seeking a Lead Security Analyst who will have responsibility for overseeing the City of Alexandria government’s Cybersecurity Program.
This position reports directly to the Chief Information Security Officer (CISO) and uses industry best practices to oversee the implementation of all security policies as directed by the CISO, and enforces the City’s enterprise cybersecurity through policy, architecture, technical and functional administration, and training.
The Lead Security Analyst will also lead in selecting, configuring, communicating, and implementing cybersecurity solutions and security controls to identify and reduce IT risk.
The Lead Security Analyst performs two core functions for the enterprise.
The first is the day-to-day operations of the in-place security solutions, while the second is the identification, investigation, and resolution of security breaches detected by those systems.
Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures, as well as conducting vulnerability audits and assessments.
The Lead Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.
What You Should Bring
You should have a demonstrated ability to work independently, as well as a history of establishing and maintaining effective working relationships with coworkers, representatives of other departments and agencies, and the public.
You must be able to communicate clearly and effectively, both verbally and in writing, and be able to mentor junior staff.
You should be able to show proactivity in continuously improving your job knowledge and technical and functional skills through training opportunities and self-study.
Our ideal candidate will have considerable hands-on experience in all aspects of cybersecurity, and an ability to lead, manage, and communicate.
The Opportunity
As the Lead Security Analyst, your effort will be focused on all aspects of City-wide IT cybersecurity, from developing cybersecurity plans and strategies to preventing and mitigating cyber-attacks.
Examples of duties include:
Develop, maintain, and mature risk and compliance reporting and alerting as well as SOC (security operations center) best practices and standard operating procedure documentation
Improve threat awareness through continuous development and improvement of processes including network vulnerability scanning, security information and event management (SIEM) system, threat detection and response, IT governance risk and control management and assessment, IPS/IDS systems, and other applications
Working service tickets within defined response time to completion
Help design, build, process-prove, and support workflows toward the success of defined business goals
Participate as a respectful, thoughtful, listening and contributing member of committees and projects and working groups
Provides operational oversight, including project management, for all threat and vulnerability management functions
Supports the CISO and fellow ITS Security team members in responsibilities including project performance, incident response management, and other functions as needed
Shares in assuming CISO role and responsibility in the absence of the CISO
Ensuring compliance to City, industry and government regulations, policies, standards and procedures
Responding to internal and external audits
Work as an ITS Security team member with various cross-functional and technical teams to ensure effectiveness in measuring and managing risk appropriate for the City of Alexandria risk tolerance
Provide clear and timely analysis and reporting
Participate in the planning and design of an enterprise business continuity plan and disaster recovery plan, under the direction of the CISO, where appropriate
Maintain up-to-date detailed knowledge of the cybersecurity industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security
Assist in the review, selection, deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically
Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (e.g., workstations, servers, network devices)
Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (e.g., workstations, servers, network devices)
Interpret the implications of that activity and devise plans for appropriate resolution
Participate in the design and execution of vulnerability assessments, penetration tests, and security audits
Participates in incident response work
Performing other duties as assigned
Minimum & Additional Requirements
Four-Year College Degree with completion of college courses in computer science or related field; five years of experience as a Computer Programmer Analyst III or Network Engineer II including one year as an Information Security Analyst or Engineer, also to include three years of experience in project and contract management; or any equivalent combination of experience and training which provides the required knowledge, skills and abilities
Preferred Qualifications
Recent technical experience within the past five years demonstrating a comprehensive knowledge of information security and risk management and technology (audit compliance, regulatory compliance, business continuity and disaster recovery, vulnerability management, configuration management, web application security, intrusion detection and prevention systems, firewalls, and endpoint security)
Recent technical experience within the past five years demonstrating a comprehensive knowledge of security administration in a Windows-based network environment
Recent experience within the past five years demonstrating a comprehensive knowledge of information protection standards, guidelines, and applied procedures (i.e., industry "best practices")
Technical experience within the past 10 years demonstrating a comprehensive knowledge of server administration as applied to network and internet security
Good working knowledge of industry standard security controls, NIST 800-53, SANS 20 controls, CIS 18 Critical Controls, NIST Cybersecurity Framework, ISO 27002 Standard, and PCI-DSS
Experience within the past 10 years demonstrating a comprehensive knowledge of business needs coupled with the ability to establish and maintain a high level of customer trust and confidence in the security team's concern for customers
Notes
This position requires the successful completion of pre-employment checks including but not limited to a criminal background and drug screening.
This position may be occasionally required to be available after normal working hours to support applications and to respond to the City’s Emergency Operations Center (EOC) when it is activated.