Job Summary: The Information Security Analyst is a member of the Milwaukee County Security Operations Center (SOC) team providing infrastructure security monitoring, vulnerability reduction, and incident management. The IS analyst develops and executes assignments that influence important components and processes of IT Security. The IS analyst will perform Risk Analysis of business systems and IT projects, analyzing trends and recommending controls that provide adequate protection while minimizing the impact of security initiatives to the organization. The candidate should demonstrate a sound understanding of information security principles, independent thinking and analytical skills, technical knowledge and abilities as well as the ability to partner with organizations throughout Milwaukee County.
SOC Management. Work with the Security Manager to maintain the Security Operations Center, including generating and reporting on metrics and continuously improving documentation.
Work with County business units on determining security requirements. Works with security leadership to develop strategies and plans to enforce security requirements and address identified risks. Works with business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments. Components of this activity include but are not limited to communication, facilitation and consensus building.
Incident management/response and monitoring of systems. Responsible for responding to systems, user and network security incidents; creating and analyzing incident reports; interviewing end-users and system owners as needed; isolating potential sources; and recommending solutions and remediation plans. Works with other technology, security and business groups as part of the broader security investigations process. Manages and maintains network and infrastructure security monitoring and incident management, through the use of a Managed Service SIEM, internal intrusion prevention systems, vulnerability scanning tools and end point security solutions. Creates tickets for alerts that signal an incident and require IT support. Monitors and configures security monitoring tools such as Web filtering and IPS. Recommends how to optimize security monitoring tools based on threat hunting discoveries.
Vulnerability management. Runs vulnerability scans and reviews vulnerability assessment reports. Identifies vulnerabilities and works with IT on a steady, well-managed vulnerability reduction plan.
Maintains current knowledge of security solutions and participates in the evaluation of new products and services. Plays an advisory role in the acquisition of new technology. Maintains current knowledge regarding security industry solutions, best practices, developments and trends. Reviews the latest alerts to determine relevancy and urgency specific to Milwaukee County technology and environment. Participates in the evaluation, selection and implementation of security products and technologies. Works with IT department and members of the security team to identify, select and implement technical controls. Plays an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
Perform all other duties as assigned.
Associate’s Degree in Computer Science, Information Technology, Information Assurance, or Cyber Security discipline; or related field, in conjunction with security certification.
At least three (3) years of progressive experience in a combination of complex IT infrastructure solutions, information security, compliance, regulatory and/or risk management.
Intermediate knowledge of all related computer and software applications, such as the MS Office suite.
Preferred: GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), Security+, CompTIA Advanced Security Practitioner (CASP)
Additional Knowledge, Skills & Abilities: Ability to effectively understand and follow instructions. Exchange of basic information with internal and/or external contacts; Maintain sensitive or confidential information; Explain and gather information, answer queries, or provide assistance to internal and/or external contacts; Persuade, conform or recommend course of action with internal and/or external contacts; Read, write and comprehend simple instructions, reports, short correspondence and memos; Speak effectively before both internal and/or external groups; Read, analyze, and interpret safety rules, operating/maintenance instructions and procedure manuals, scientific/technical journals and procedures, government regulations, financial and legal documents; Prepare and/or present written communications that pertain to controversial and complex topics.
PG36M (Org unit: 1160) MS