Senior Information Security Analyst

Company: City of Bellingham
Location: Bellingham
Posted on: March 17, 2023

Job Description:

JOB
Are you an experienced professional in Information Security, including vulnerability management, SIEM administration, and/or incident response responsibilities? TheCity of Bellinghamis hiring for a Senior Security Information Analyst. Apply today!***This position is open until filled with a first review of applications on April 10,2023,at 8:30 am. The position may be closed at any time following this review.*** The full salary range for this position is $7,946/month - $9626/month.Placement within the range is based on qualifications and professional experience in accordance with City policy. Employees receive step increases annually in accordance with theTeamsters (Supervisory and Professional Unit) Collective Bargaining Agreementand City policy.City of Bellingham employees receive medical, dental, and vision insurance as well as life insurance and long-term disability. Additional benefits include flexible spending accounts, a medical insurance opt-out program, and access to our employee assistance program. All eligible City employees are enrolled in aWashington State Department of Retirement Systemspension plan. Additionally, employees may elect to participate in the City's 457 deferred compensation retirement savings plan. Employees will receive 12 paid holidays in addition to one paid floating holiday each year. At the time of hire, employees will accrue 8 hours of sick leave and 10 hours of vacation per month. Vacation accruals increase based on years of service.Leave accruals are based on 1.0 FTE, accruals are pro-rated if part-time and require employees to be in paid status at least 120 hours/month.For additional information regarding benefits and compensation Information please visit the following:Labor Agreements, Pay Schedules and E-Team Employee Handbook - City of Bellingham (cob.org)Employment Benefits - City of Bellingham (cob.org)Flexibility and work/life balance are important to the City of Bellingham. Remote work is allowed up to 3 days per week. We allow some "flexing" of hours during each pay period to support work/life balance for employees.JOB SUMMARY:Oversees and serves as primary resource for administrative, operational, and technical aspects of the City's security information event and vulnerability management systems. Prioritizes the availability, operation, maintenance, and security of the City's computer systems, networks and data. The City's networks are a mission critical part of the City's operation and provide services to over 30 staffed worksites and to numerous non-staffed locations. Conducts risk assessments, evaluates security vulnerabilities, and monitors and analyzes City systems to identify priority mitigations. Provides direction, coordination, assistance and training support to City staff to correct identified security vulnerabilities and implement priority security controls. Prepares, plans and leads tabletop exercises for City staff based on City policies and procedures. Coordinates or supports ad-hoc information security projects. Participates in the selection of consultants to conduct outside risk assessments and/or pen tests. Reviews, drafts and improves incident response plans and procedures. Maintains detailed and accurate technical and administrative records. Serves as a member of the IT Security Team. Leads and/or assists with internal technical investigations.Assists the Director and Network Operations Manager in developing programs to ensure City compliance with regulatory, security, and privacy standards such as Criminal Justice Information Services (CJIS), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS), along with security and privacy standards adopted by the City.ESSENTIAL FUNCTIONS OF THE JOB:Monitors the availability, operation, maintenance and security of the City's computer systems, networks and data. Using a variety of enterprise monitoring tools, reviews anomalies, bulletins, and alerts as they may apply to the enterprise network. Advises other staff and enterprise clients of steps to take to mitigate security threats. If threat is imminent, determines risk of waiting to apply known fixes/patches as opposed to immediate implementation.Oversees and serves as primary resource responsible for administrative, operational, and technical aspects of the City's Security Information and Event Management (SIEM) and multiple vulnerability management platforms. Provides leadership, direction, coordination and training to technical staff to correct high priority vulnerabilities. Resolves problems through internal resources or through consultation with vendor technical support staff. Monitors the security of the City's technology systems using best practices and security standards. Develops dashboards or reports to provide awareness, training and status information to other staff. Researches and maintains knowledge of current network security and network infrastructure technologies and best practices. Serves as a member of the IT Security Team responsible for supporting security initiatives in area of responsibility. Reviews and maintains required security metrics and documentation on City systems, ensuring compliance with security standards. Responds to incidents, providing guidance to all levels of the organization; may serve as technical lead on incidents consistent with City policies and procedures.Plans, coordinates and conducts cybersecurity tabletop exercises based on existing policies and procedures. Selects appropriate exercises from partner agencies (i.e. Washington State Office of Cybersecurity) and modifies to represent the City's needs. Creates presentation material, schedules and leads exercises.Plans and conducts internal risk assessments and audits. Serves as project manager for risk assessments and pen tests. Responsible for project development, planning, implementation, communication and training. Develops requests for information (RFIs) and requests for proposals (RFPs); reviews bids to ensure vendors meet minimum requirements; participates in selection of vendors. Works closely with department administrative staff to maintain accurate billing, budget and related project records. Supports external technical audits and assessments by collecting and distributing relevant data and documentation.Serves as lead for certificate management. Acquires, manages, inspects and applies certificates to internal and external systems.Supports Department Director and Network Operations Manager in the development and monitoring of budgets for security systems and outside professional services. Recommends products and services and provides budget estimates to management.Maintains accurate and up-to-date technical and administrative records including documentation of the enterprise network and critical security configurations, risk registers, vendor contacts, network diagrams and Knowledge Base articles.Contributes to the development of City policies, standards, and procedures related to technology and security. Provides training and communications related to policies, procedures, and standards to City staff and outside contractors. Advises department leaders and managers of system vulnerabilities. ADDITIONAL WORK PERFORMED:Performs other related work of a similar nature and level.WORKING ENVIRONMENT:The work performed is in an office setting at a computer workstation with long periods of sitting or standing. Work environment incudes a normal range of noise and other distractions with low everyday risks working around standard office equipment. Work requires periodic visits to customer worksites. Work requires providing on-call support which may include evenings and weekends. The work involves occasionally inspecting equipment in ceilings to identify and solve problems, which can require ascending/descending ladders, entering tunnels, using lifts, standing on roofs to access equipment and cabling. Works with a variety of hand tools and computer diagnostic equipment to identify, repair and solve problems. Some travel to professional meetings is expected.Physical ability to perform the essential functions of the job including:Frequently operate a computer and other office machinery such as a keyboard, mouse, phone, and fax machine;Frequently remain stationary for long periods of time;Frequently communicate accurate information and ideas with others;Occasionally transports components weighing up to 25 pounds.

EXAMPLE OF DUTIES
Bachelor's degree in information security/cybersecurity, information technology, computer science or related field required.Technical:Four (4) years of experience in Information Security, including vulnerability management, SIEM administration, and/or incident response responsibilities.Two (2) years of experience in network administration and support in a complex multi-site enterprise environment.One of the following certifications strongly preferred: GSEC, Security+, CISM, CISSP.An equivalent combination of education and experience sufficient to provide the applicant with the knowledge, skill and ability to successfully perform the essential functions of the job will be considered.

MINIMUM QUALIFICATIONS
Agreement to and signature of a Privileged Access Confidentiality Agreement is required.Employment contingent upon passing a criminal convictions check, local background check and fingerprinting. Subject to re-check every five years.Valid Washington State driver's license and good driving record. Must provide a three-year driving abstract prior to hire.Willingness and ability to work extra hours or change hours as needed and to respond to evening and weekend callouts for incidents, emergencies, or when special circumstances require.

SUPPLEMENTAL INFORMATION
As part of the application process, a cover letter is required.Within the cover letter, please answer the following question:Please indicate why you are interested in this position and why this position is the next right step for you in your career. Include a brief summary of your education, experience, and qualifications.Please ensure your application is complete and all required information has been provided. Standard completeness means all application fields (contact information, personal information, education, work experience, references, and required supplemental questions). The information provided in your application must support your selected answers in the supplemental questionnaire. Provide as much detail as you believe will fully describe your experience and training.Supplemental Questionnaire responses not supported in your application will disqualify you from consideration for this position.Interviews for the most qualified candidates are tentatively scheduled for the week of May 1, 2023. Invitations to participate in the Interview process will be sent via e-mail on or around April 19, 2023.Please Note: Candidates will receive updates regarding application status via email. Please be sure to check your email frequently.Equal Opportunity:Our environment is characterized by respect for cultural backgrounds, belief systems, and ethnic diversity. The City of Bellingham is an Equal Opportunity Employer and values diversity in its work force. We do not make decisions on the basis of an individual's race, religion, creed, color, national origin, sex, marital status, age (40+), disability, retaliation, sexual orientation or gender identity, honorably discharged veteran or military status, status as a victim of domestic violence, sexual assault, and stalking, use of a trained dog guide or service animal by a person with a disability, or any other basis prohibited by local, state, or federal law. All are encouraged to apply for employment.Fair Hiring PracticesThe City provides individuals who have been arrested or convicted of a criminal offense an equal and fair opportunity to obtain employment.The City will not inquire about an applicant's criminal history until after a conditional job offer has been made.The City will disregard the prior arrest and conviction record of an otherwise qualified individual unless the offense is directly related to the job position for which the individual has applied.The City will notify an otherwise qualified applicant about a potentially disqualifying conviction and give the applicant an opportunity to submit information regarding the accuracy of the criminal records as well as evidence of mitigation or rehabilitation, as appropriate.

Keywords: City of Bellingham, Bellingham , Senior Information Security Analyst, Professions , Bellingham, Washington