Information Security Analyst

Philadelphia, PA, United States

City of Philadelphia

Official website of the City of Philadelphia, includes information on municipal services, permits, licenses, and records for citizens and businesses.

View all jobs at City of Philadelphia

Company Description

A best-in-class city that attracts best-in-class talent, Philadelphia is an incredible place to build a career. From our thriving arts scene and rich history to our culture of passion and grit, there are countless reasons to love living and working here. With a workforce of over 30,000 people, and more than 1,000 different job categories, the City of Philadelphia offers boundless opportunities to make an impact. 
As an employer, the City of Philadelphia values inclusion, integrity, innovation, empowerment, and hard work above all else. We offer a vibrant work environment, comprehensive health care and benefits, and the experience you need to grow and excel. If you’re interested in working with a passionate team of people who care about the future of Philadelphia, start here.


What We Offer:
•    Impact - The work you do here matters to millions. 
•    Growth - Philadelphia is growing, why not grow with it? 
•    Diversity & Inclusion - Find a career in a place where everyone belongs.
•    Benefits - We care about your well-being.
 

The Office of Innovation & Technology (OIT) is the central IT agency for the City of Philadelphia headed by the Chief Information Officer (CIO). OIT oversees all major information and communications technology initiatives for the City of Philadelphia - increasing the effectiveness of the information technology infrastructure, where the services provided are advanced, optimized, and responsive to the needs of the City of Philadelphia’s businesses, residents, and visitors. OIT responsibilities include: identifying the most effective approach for implementing new information technology directions throughout city government; improving the value of the city’s technology assets and the return on the city’s technology investments; ensuring data security continuity; planning for continuing operations in the event of disruption of information technology or communications services; and supporting accountable, efficient and effective government across every city department, board, commission and agency.

Job Description

The Information Security Analyst will specialize in identifying, tracking and managing risks and vulnerabilities affecting the City of Philadelphia’s IT environment.  The analyst will also contribute to the development of the OIT’s information security program and provide analytical support for the ISG.  The preferred candidate will be able to work effectively in a collaborative environment and will have a strong interest in the current security landscape, resources and threats affecting large municipal government networks.


Essential Functions

  • Perform continuous monitoring and analyst of data using various tools
  • Test effectiveness of IT and business process controls and provide remediation recommendations
  • Perform application, vulnerability and penetration testing and communicate findings to business unit leaders and technical subject matter experts
  • Document, track, and report on, and effectively communicate risks to the City of Philadelphia 
  • Create controls, standards, and guidance documentation
  • Track and report on the effectiveness of information security technology, processes and polices
  • Support and participate in Information Security projects and initiatives as needed, including development of security monitoring procedures, incident response planning, etc.
  • Other duties as assigned

Competencies, Knowledge, Skills and Abilities
An Information Security Analyst plays a critical role in protecting the City’s information systems and data from security breaches, cyber threats, and other vulnerabilities. Some core competencies required for this position include, but not limited to:

1. Technical Skills

  • Knowledge of Security Tools: Proficiency in using security tools, processes such as SIEM, EDR, GRC, email security, firewalls, intrusion detection/prevention systems (IDS/IPS), and encryption tools.
  • Network Security: Understanding of network protocols, architecture, and security best practices.
  • Operating Systems: Familiarity with different operating systems, especially Windows, Linux, and Unix, and their security features.
  • Vulnerability Management: Ability to identify, assess, and mitigate vulnerabilities in software, systems, and networks.

2. Cybersecurity Knowledge

  • Threat Intelligence: Knowledge of current cyber threats, attack vectors, and techniques used by malicious actors.
  • Incident Response: Skills in detecting, analyzing, and responding to security incidents and breaches.
  • Risk Management: Understanding of risk assessment, management strategies, and the ability to prioritize security efforts based on risk levels.

3. Analytical and Problem-Solving Skills

  • Critical Thinking: Ability to analyze complex security issues and develop effective solutions.
  • Attention to Detail: Precision in identifying potential security flaws and ensuring comprehensive security measures. 
  • Forensic Analysis: Skills in investigating and understanding the root cause of security incidents.

4. Communication Skills

  • Reporting: Ability to create detailed reports on security incidents, assessments, and recommendations.
  • Stakeholder Communication: Skills in communicating technical security issues to non-technical stakeholders, including management and other departments.
  • Collaboration: Ability to work effectively with other IT teams, City Departments, Legal, and compliance departments to ensure a cohesive security strategy.

5. Knowledge of Regulatory Compliance

  • Regulatory Frameworks: Understanding of relevant regulatory requirements and standards such as NIST, HIPAA, PCI-DSS, CJIS, IRS 1075, and ISO 27001.
  • Compliance Monitoring: Ability to ensure that the City’s security practices comply with industry regulations and standards.

6. Ethical Hacking Skills

  • Penetration Testing: Skills in ethical hacking to test and identify vulnerabilities within systems.
  • Security Audits: Conducting regular security audits to ensure the integrity and security of systems.

7. Continuous Learning and Adaptability

  • Staying Updated: Commitment to staying informed about the latest developments in cybersecurity, including emerging threats and new technologies.
  • Adaptability: Ability to quickly adapt to new tools, technologies, and security challenges.

8. Project Management Skills

  • Planning and Execution: Ability to plan, manage, and execute security projects, including implementing new security measures or responding to incidents.
  • Resource Management: Efficient use of resources to achieve security objectives within the given constraints.

9. Ethical Judgment and Integrity

  • Confidentiality: Strong sense of responsibility in handling sensitive information and maintaining confidentiality.
  • Ethical Decision-Making: Making decisions that are in the best interest of the City’s security and ethical standards.

Qualifications

  • Three or more years’ experience in Information Security with experience working in government, large campus and/or large enterprise environments preferred.
  • Completion of a Bachelor’s or Master’s Degree program at an accredited college or university, which has included major course work in computer science, information science or information security, preferred but not required.
  • Maintain or are working towards relevant industry certifications such as CompTIA, ISACA, SANS, EC-Council, and/or vendor specific certifications, as appropriate.

Or a partial combination of the above acceptable to OIT.

  • Ability to pass a CJIS background check

Additional Information

Salary Range: $85,000 - $95,000

Important: To apply, candidates must provide a cover letter and resume.

Work Setting: in-person (onsite)

Discover the Perks of Being a City of Philadelphia Employee:
•    We offer Comprehensive health coverage for employees and their eligible dependents
•    Our wellness program offers eligibility into the discounted medical plan
•    Employees receive paid vacation, sick leave, and holidays
•    Generous retirement savings options are available
•    Pay off your student loans faster - As a qualifying employer, City of Philadelphia employees are eligible to participate in the Public Service Loan Forgiveness program. Join the ranks of hundreds of employees who have already benefited from this program and achieved student loan forgiveness.
•    Enjoy a Free Commute on SEPTA - Starting September 1, 2023, eligible City employees will no longer have to worry about paying for SEPTA public transportation. Whether you're a full-time, part-time, or provisional employee, you can seize the opportunity to sign up for the SEPTA Key Advantage Program and receive free Key cards for free rides on SEPTA buses, trains, trolleys, and regional rails.
•    Unlock Tuition Discounts and Scholarships - The City of Philadelphia has forged partnerships with over a dozen esteemed colleges and universities in the area, ensuring that our employees have access to a wide range of tuition discounts and scholarships. Experience savings of 10% to 40% on your educational expenses, extending not only to City employees but in some cases, spouse and dependents too!
Join the City of Philadelphia team today and seize these incredible benefits designed to enhance your financial well-being and personal growth!

*The successful candidate must be a city of Philadelphia resident within six months of hire

Effective May 22, 2023, vaccinations are no longer required for new employees that work in non-medical, non-emergency or patient facing positions with the City of Philadelphia. As a result, only employees in positions providing services that are patient-facing medical care (ex: Nurses, doctors, emergency medical personnel), must be fully vaccinated.

The City of Philadelphia is an Equal Opportunity employer and does not permit discrimination based on race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, source of income, familial status, genetic information or domestic or sexual violence victim status. If you believe you were discriminated against, call the Philadelphia Commission on Human Relations at 215-686-4670 or send an email to faqpchr@phila.gov.
 

Job stats:  7  3  0
Category: Analyst Jobs

Tags: Audits Compliance CompTIA Computer Science EDR Encryption Ethical hacking Firewalls HIPAA IDS Incident response Intrusion detection IPS ISACA ISO 27001 Linux Monitoring Network security NIST Pentesting Risk assessment Risk management SANS Security strategy SIEM Strategy Threat intelligence UNIX Vulnerabilities Vulnerability management Windows

Perks/benefits: Career development Flex vacation Health care Medical leave Startup environment Wellness

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.