Matanuska-Susitna Borough
Cyber Security Analyst
Matanuska-Susitna Borough, Palmer, Alaska, United States, 99645
Job Summary
This position performs information technology cyber security and analysis functions in support of the Matanuska-Susitna Borough technology infrastructure. Work is performed and duties are carried out in accordance with established policies, procedures, and Borough core values: Accountability, Customer Focus, Dedication, Integrity, Responsiveness and Teamwork.
Please Note: Hybrid-Telework options are available based on individual performance and preference.

Pay Grade
R1 - R10 - DOE

Minimum Requirements
Baccalaureate degree in a course of study related to the occupational field. Post-secondary education or experience which provides the expertise required to perform effectively the functions of the position may substitute for the degree on a year-for-year basis.
Three (3) years of experience in the occupational field, sufficient to understand the major duties of the position, with two (2) years of full-time Information Security related experience preferred.
Relevant experience includes: performing work in an IT field, including familiarity with cybersecurity roles, including the use of Intrusion Detection/Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM), and threat analysis. Additionally, performing professional duties relevant to the work may involve experience with network security architecture, network design, and common networking protocols (e.g., TCP/IP, DNS, VPN, etc.). This experience may also include investigating and responding to security incidents, including root cause analysis, as well as proficiency in cybersecurity tools such as firewalls, data encryption, and vulnerability scanning technologies. Strong knowledge of cyber incident response procedures and familiarity with incident management frameworks (e.g., NIST, SANS, ISO/IEC, MITRE ATT&CK, CIS, etc.), along with the ability to work with malware analysis tools and deconstruct malware.
Familiarity with cloud security and governance frameworks is also part of the relevant experience.
Possession of or ability to readily obtain a valid driver's license issued by the State of Alaska for the type of vehicle or equipment operated.
Must successfully pass a pre-employment background check.
Completion of required Incident Command System (ICS) course in accordance with established Borough policy.

Duties/Responsibilities
Perform and monitor information security for the Borough's IT landscape to ensure the identification of required security related issues by configuring and establishing monitoring, correlation and alerting solutions.
Protect digital files and information systems against unauthorized access, modification or destruction.
Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of relevant event detail and summary information.
Investigate and analyze security breaches to determine their root cause; ensure the situation is handled promptly and effectively following the security incident response process.
Work with network and systems administrators to ensure security standards are configured and maintained to enable effective identification and alerting of potential security events, as well as reducing false positives to protect Borough assets.
Perform operational support of information security technology such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Security Information and Event Management (SIEM).
Assist with implementation of countermeasures or mitigating controls as they relate to the Borough's security posture.
Provide security reports to IT leadership on all related incidents, responses, and related issues.
Complete information security related project tasks on time and within budget and scope.
Develop and maintain the Cyber Incident Response plan; recommend and execute security strategies to improve processes based on lessons learned over time.
Participate in reviewing information security solutions and strategic planning and budgeting as it relates to cyber security.
Plan, implement and upgrade security measures and controls.
Maintain network and system security diagrams and documentation.
Act as the lead threat hunter at the Borough to consolidate and conduct comprehensive analysis of threat data for threat detection and incident response.
Evaluate and work with vendors to deconstruct malware.
Define, implement and maintain Borough information security policies.
Support development and implementation of cyber security governance.
Evaluate Borough departmental and operational needs to define and coordinate system performance requirements, integrate technical parameters, and assure compatibility of all physical, functional and program interfaces.
Participate in enterprise architectural planning and implementation of IT infrastructure and systems; make recommendations for changes that can help the removal of vulnerabilities and reduction in the risk of exploitation that may result in potential incidents.
Participate in vendor management for security related services and projects.
Support security awareness training.
Foster relationships with other organizations and vendors as related to cyber security.
Performs other duties as assigned.