Info Security Analyst

Description

The essential functions of this role are as follows: 

• Monitors and keep supervisor informed of status of information security and confidentiality conditions, including problem areas and recommended enhancement; 

• Interfaces with user customers to understand their security needs and implement procedures to accommodate them including training and assessment. 

• Assists with preparing for security audits (e.g. IRS, SSA, OCSE, FBI, SBOA) and remediating any findings; assists with creating and submitting reports relevant to security audits. 

• Develop information security policies and standards for protection of information systems in compliance with state and federal requirements (e.g. IRS, SSA, OCSE, FBI, IOT) and guidelines (e.g. NIST SP 800-53). 

• Develops Standard Operating Procedures (SOP) for implementing security polices; 

• Recommends appropriate security safeguards to be included during development of new information technology systems and legacy systems; 

• Ensures maximum utilization of computer hardware and software features to secure automated systems and associated data; 

• Develops and implements procedures for use of information security management software; 

• Proposes information security software enhancements; 

• Performs periodic audits to assure security policies and standards are being followed and are effective. 

• Develops recommendations for enhancements and generates reports where necessary; 

• Keeps abreast of new laws and changes affecting privacy standards, network security, cloud security, remote access, and physical security; 

• Mentors and provides guidance to new or other staff as needed; 

• Performs related duties as assigned. 

• Assist on other task as assigned. Thorough knowledge of information security management tools, policies, and standards of information security procedures; 

• Thorough knowledge of state and federal legislation and regulatory laws pertaining to information system security and privacy; • Thorough knowledge of software vulnerabilities, vulnerabilities scanning tools, and vulnerabilities remediation; • Familiarity with domain structures, user authentication, and digital signatures; 

• Ability to develop and maintain information security standards; 

• Ability to understand and apply complex computer logic to work; 

• Ability to work effectively with a wide range of information technologists, including systems administrators, technical support, application development, end users and management; 

Requirements

• Experience in assessing security needs of teams and assist in their security training. 

• Ability to communicate effectively both orally and in writing; 

• Ability to be a team member as well as a team leader depending on the situation; 

• Degree in information security or technology preferred; • Security certification preferred (e.g. CISSP). • Network Admin experience preferred