Port of Portland, OR
Information Security Analyst
Port of Portland, OR, Portland, Oregon, United States, 97204
Salary:
$95,500.00 - $152,500.00 Annually
Location :
Portland 97218, OR
Job Type:
Full-Time Administrative
Remote Employment:
Flexible/Hybrid
Job Number:
02026
Division:
Finance, Tech & Analytics
Department:
Info Security
Opening Date:
01/02/2025
Closing Date:
1/17/2025 11:59 PM Pacific
FLSA:
Exempt
The Position
The
Port of Portland
is Hiring for an
Information Security Analyst !
Are you passionate about providing information security for a stellar organization? Do you strive to stay informed on current regulations and industry practices? Are you ready to serve as an integral resource as part of an Information Security Team? If so, we have the perfect opportunity for you! At the Port of Portland, we're determined to provide the top-notch information security for our organization!
Your Role:
We are seeking an individual to be responsible for analyzing and developing the integration, testing, operations, and maintenance of systems security. This includes analyzing system data from cyber defense and networking tools, as well as correlation and analysis of events within their environments to mitigate threats to the enterprise. This position must stay abreast of regulatory changes and industry best practices related to the rapidly changing cybersecurity landscape and stay engaged with the broader cybersecurity community. If you're ready to embark on a journey of professional growth while working with a team to provide the best information security at the
Port of Portland , apply now! Elevate your career with us!
We offer a flexible hybrid schedule that combines work-life balance with team collaboration. You'll be in the office Tuesday through Thursday to engage with colleagues and support our business lines, with the flexibility to work from home on Mondays and Fridays.
Essential Job Duties
Security Operations
Monitor security alert and cyber threat sources. Assist with response and analysis activities for security incidents/breaches, and legal/administrative investigations as required. Assist with the Port Vulnerability Management program and work with other IT teams to remediate discovered weaknesses. Provide administration and maintenance support for cyber security tools (e.g., vulnerability management tools, endpoint security solutions, SIEM, etc.). Analyze and report system security posture trends and apply security policies. Assess adequate access controls based on principles of least privilege (PoLP) and need-to-know. Assess the effectiveness of security controls.
Assessments and Compliance
Work with IT teams and business areas to monitor and comply with PCI-DSS, CJIS, DHS, and other applicable regulations and ensure compliance with relevant privacy/security regulations and security best practices (e.g., CIS Critical Controls, NIST, ISO standards). Review system, network, and application configuration changes along with testing and assessments. Provide recommendations regarding security implications. Verify and update security requirements and documentation.
Threat Hunting and System Defense
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous/misuse activities and distinguish these events from benign activities. Analyze identified malicious activity and perform event correlation and cyber defense trend analysis and reporting. Coordinate with both internal and external partners to validate and respond to identified alerts.
Information Security Program Development:
Research new cyber security trends, tools, and techniques, and provide recommendations to enhance the Port information security program. Participate on the IT Information Security Team and provide technical input (as required) to the Information Security Oversight Committee.
Minimum Qualifications
Education and Experience
Bachelor's degree in Computer Science, Information Systems, or similar information security related degree required. Minimum four years of experience in information systems security including current Windows and Linux operating systems, Active Directory, programming/scripting languages, IaaS/PaaS/SaaS, TCP/IP, Network technologies, IT forensic toolsets and processes including legal requirements, penetration testing tools/techniques. OR;
Any combination of education and experience that demonstrates the ability to perform the job duties. Certified Information Systems Security Professional (CISSP) - International Information System Security Certification Consortium (ISC)², preferred. Global Information Assurance Certification (GIAC) - SANS Institute, preferred. Demonstrated Skills & Abilities
Senior level security solution administration and engineering. Senior level security operations disciplines, risk management and assessment methodologies, security architecture, and NIST, ISO, and SANS information security standards. Senior level Operating system security baselines and configurations, security standards for application development. Senior level knowledge of security standards for application development including OWASP Top 10. Senior knowledge of Personally Identifiable Information (PII), Personal Health Information (PHI) and other relevant data privacy standards. Senior knowledge of network access, identity access management, and skills in developing and applying security system access controls. Continually assess evolving changes in quantity and complexity of external threats to security.
Supplemental and Selection Information
Security
Employees in this position will be required to successfully pass and maintain security clearance relevant to assigned duties such as SIDA (Security Identification Display Area).
Compensation Our organization adheres to established salary ranges for each position to ensure equitable pay practices. However, final offers are determined based on various factors, including the candidate's experience, qualifications, and considerations of internal pay equity.
SELECTION PROCESS (tentative schedule): A minimum qualification evaluation of education, training, and experience of submitted application packets will take place by Human Resources the week of January 20, 2025. A Subject Matter Expert (SME) Panel will perform an evaluation of experience and training taken from your employment application materials. Our goal is to schedule virtual first round of interviews with candidates who successfully passed the SME evaluation as soon as possible.
About us:
At the Port of Portland, we use everything we have - our three airports, four marine terminals, five business parks, and all the resources, expertise, and experience behind them - to move with purpose, connecting people with powerful opportunities and creating value for our region. We know that every person we hire, business we work with, contract we sign and decision we make is a chance to make someone's life better. And we'll use our power and influence to pull down barriers, unlock new opportunities, ensure more people share in our region's success and include those who have been excluded in the past. With YOUR help - together with our partners, customers, and community - we'll help drive meaningful change!
Do you have questions about this job?
Contact us: careers@portofportland.com
Safety:
The Port promotes safety as a guiding principle and practice in accomplishing work by complying with safety and health policies and procedures and consistently seeking improvements that support operational excellence.
Diversity and Inclusion:
At the Port, we don't just accept difference; we value and support it to create a culture of inclusiveness and fun. We are proud to be an Equal Opportunity Employer.
EEO/Affirmative Action Policy Statement:
The Port of Portland is dedicated to maintaining and improving a work environment, which extends equal opportunity to all individuals, regardless of their race, color, sex, age, religion, national origin, marital status, veteran status, disability or sexual orientation. Employment decisions shall be made in such a manner as to further the principle of equal employment opportunity and to comply with state, federal and local laws. We affirm through this policy statement our continuing commitment to the principles of nondiscrimination and affirmative action.
Veterans Preference:
Under Oregon law, qualified veterans may be eligible for veterans preference when applying for Port of Portland positions. If you are a veteran and would like to be considered for a veterans preference for this job, please provide the qualifying documents as instructed during the application process.
Background Checks and Drug Testing:
The Port of Portland will conduct background checks and/or drug tests for positions where such tests are required by regulation and for other safety-sensitive positions.
ADA Accommodation:
Accommodations will be considered for applicants or candidates with a qualifying disability that prevents them from participating in this process. Accommodations will be made where the Port can reasonably do so without imposing an undue hardship on the business or compromising the integrity of the recruitment process. An applicant with any disability who believes that they need an accommodation should contact Human Resources: call 503-415-6690 or email careers@portofportland.com.
At the Port of Portland, we strive to offer a holistic and comprehensive benefits package for employees and their families. We care about your health by offering highly-subsidized healthcare plans that include alternative care. We look out for you and for family by paying for life and accidental death & dismemberment (AD&D) insurance, short-term and long-term disability coverage. We participate in the Oregon Public Employees Retirement System (PERS) retirement program. We provide access to additional coverage and benefits including pre-tax spending accounts, voluntary term life insurance, a deferred compensation plan, and critical illness and accident insurance policies.
We go above and beyond by offering an award-winning wellness program for all employees to engage in. Employees can tend to their physical and mental health, earn rewards, and create community. Our employee assistance program supports the Port's commitment to emotional and mental well-being by providing mental health services, discounts on local gyms, and pet insurance for companions.
Our commitment to work-life balance ensures you have time to spend with loved ones and do the things you enjoy. We offer generous vacation time that accrues with length of service, sick leave that never expires and can be used for dependent care, health maintenance and mental health, and 8 weeks of paid parental leave - all in addition to 10 paid holidays. As an added bonus - because we know employees use their time off differently - once a year we give employees the opportunity to convert sick leave to personal leave, and to convert vacation leave to either cash, a retirement plan contribution, or a contribution to a Health Savings Account.
Please note:
Some benefits vary by job type/group, so please be sure to review your comprehensive benefit guide and/or collective bargaining agreement upon hire to confirm what is available to you.
$95,500.00 - $152,500.00 Annually
Location :
Portland 97218, OR
Job Type:
Full-Time Administrative
Remote Employment:
Flexible/Hybrid
Job Number:
02026
Division:
Finance, Tech & Analytics
Department:
Info Security
Opening Date:
01/02/2025
Closing Date:
1/17/2025 11:59 PM Pacific
FLSA:
Exempt
The Position
The
Port of Portland
is Hiring for an
Information Security Analyst !
Are you passionate about providing information security for a stellar organization? Do you strive to stay informed on current regulations and industry practices? Are you ready to serve as an integral resource as part of an Information Security Team? If so, we have the perfect opportunity for you! At the Port of Portland, we're determined to provide the top-notch information security for our organization!
Your Role:
We are seeking an individual to be responsible for analyzing and developing the integration, testing, operations, and maintenance of systems security. This includes analyzing system data from cyber defense and networking tools, as well as correlation and analysis of events within their environments to mitigate threats to the enterprise. This position must stay abreast of regulatory changes and industry best practices related to the rapidly changing cybersecurity landscape and stay engaged with the broader cybersecurity community. If you're ready to embark on a journey of professional growth while working with a team to provide the best information security at the
Port of Portland , apply now! Elevate your career with us!
We offer a flexible hybrid schedule that combines work-life balance with team collaboration. You'll be in the office Tuesday through Thursday to engage with colleagues and support our business lines, with the flexibility to work from home on Mondays and Fridays.
Essential Job Duties
Security Operations
Monitor security alert and cyber threat sources. Assist with response and analysis activities for security incidents/breaches, and legal/administrative investigations as required. Assist with the Port Vulnerability Management program and work with other IT teams to remediate discovered weaknesses. Provide administration and maintenance support for cyber security tools (e.g., vulnerability management tools, endpoint security solutions, SIEM, etc.). Analyze and report system security posture trends and apply security policies. Assess adequate access controls based on principles of least privilege (PoLP) and need-to-know. Assess the effectiveness of security controls.
Assessments and Compliance
Work with IT teams and business areas to monitor and comply with PCI-DSS, CJIS, DHS, and other applicable regulations and ensure compliance with relevant privacy/security regulations and security best practices (e.g., CIS Critical Controls, NIST, ISO standards). Review system, network, and application configuration changes along with testing and assessments. Provide recommendations regarding security implications. Verify and update security requirements and documentation.
Threat Hunting and System Defense
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous/misuse activities and distinguish these events from benign activities. Analyze identified malicious activity and perform event correlation and cyber defense trend analysis and reporting. Coordinate with both internal and external partners to validate and respond to identified alerts.
Information Security Program Development:
Research new cyber security trends, tools, and techniques, and provide recommendations to enhance the Port information security program. Participate on the IT Information Security Team and provide technical input (as required) to the Information Security Oversight Committee.
Minimum Qualifications
Education and Experience
Bachelor's degree in Computer Science, Information Systems, or similar information security related degree required. Minimum four years of experience in information systems security including current Windows and Linux operating systems, Active Directory, programming/scripting languages, IaaS/PaaS/SaaS, TCP/IP, Network technologies, IT forensic toolsets and processes including legal requirements, penetration testing tools/techniques. OR;
Any combination of education and experience that demonstrates the ability to perform the job duties. Certified Information Systems Security Professional (CISSP) - International Information System Security Certification Consortium (ISC)², preferred. Global Information Assurance Certification (GIAC) - SANS Institute, preferred. Demonstrated Skills & Abilities
Senior level security solution administration and engineering. Senior level security operations disciplines, risk management and assessment methodologies, security architecture, and NIST, ISO, and SANS information security standards. Senior level Operating system security baselines and configurations, security standards for application development. Senior level knowledge of security standards for application development including OWASP Top 10. Senior knowledge of Personally Identifiable Information (PII), Personal Health Information (PHI) and other relevant data privacy standards. Senior knowledge of network access, identity access management, and skills in developing and applying security system access controls. Continually assess evolving changes in quantity and complexity of external threats to security.
Supplemental and Selection Information
Security
Employees in this position will be required to successfully pass and maintain security clearance relevant to assigned duties such as SIDA (Security Identification Display Area).
Compensation Our organization adheres to established salary ranges for each position to ensure equitable pay practices. However, final offers are determined based on various factors, including the candidate's experience, qualifications, and considerations of internal pay equity.
SELECTION PROCESS (tentative schedule): A minimum qualification evaluation of education, training, and experience of submitted application packets will take place by Human Resources the week of January 20, 2025. A Subject Matter Expert (SME) Panel will perform an evaluation of experience and training taken from your employment application materials. Our goal is to schedule virtual first round of interviews with candidates who successfully passed the SME evaluation as soon as possible.
About us:
At the Port of Portland, we use everything we have - our three airports, four marine terminals, five business parks, and all the resources, expertise, and experience behind them - to move with purpose, connecting people with powerful opportunities and creating value for our region. We know that every person we hire, business we work with, contract we sign and decision we make is a chance to make someone's life better. And we'll use our power and influence to pull down barriers, unlock new opportunities, ensure more people share in our region's success and include those who have been excluded in the past. With YOUR help - together with our partners, customers, and community - we'll help drive meaningful change!
Do you have questions about this job?
Contact us: careers@portofportland.com
Safety:
The Port promotes safety as a guiding principle and practice in accomplishing work by complying with safety and health policies and procedures and consistently seeking improvements that support operational excellence.
Diversity and Inclusion:
At the Port, we don't just accept difference; we value and support it to create a culture of inclusiveness and fun. We are proud to be an Equal Opportunity Employer.
EEO/Affirmative Action Policy Statement:
The Port of Portland is dedicated to maintaining and improving a work environment, which extends equal opportunity to all individuals, regardless of their race, color, sex, age, religion, national origin, marital status, veteran status, disability or sexual orientation. Employment decisions shall be made in such a manner as to further the principle of equal employment opportunity and to comply with state, federal and local laws. We affirm through this policy statement our continuing commitment to the principles of nondiscrimination and affirmative action.
Veterans Preference:
Under Oregon law, qualified veterans may be eligible for veterans preference when applying for Port of Portland positions. If you are a veteran and would like to be considered for a veterans preference for this job, please provide the qualifying documents as instructed during the application process.
Background Checks and Drug Testing:
The Port of Portland will conduct background checks and/or drug tests for positions where such tests are required by regulation and for other safety-sensitive positions.
ADA Accommodation:
Accommodations will be considered for applicants or candidates with a qualifying disability that prevents them from participating in this process. Accommodations will be made where the Port can reasonably do so without imposing an undue hardship on the business or compromising the integrity of the recruitment process. An applicant with any disability who believes that they need an accommodation should contact Human Resources: call 503-415-6690 or email careers@portofportland.com.
At the Port of Portland, we strive to offer a holistic and comprehensive benefits package for employees and their families. We care about your health by offering highly-subsidized healthcare plans that include alternative care. We look out for you and for family by paying for life and accidental death & dismemberment (AD&D) insurance, short-term and long-term disability coverage. We participate in the Oregon Public Employees Retirement System (PERS) retirement program. We provide access to additional coverage and benefits including pre-tax spending accounts, voluntary term life insurance, a deferred compensation plan, and critical illness and accident insurance policies.
We go above and beyond by offering an award-winning wellness program for all employees to engage in. Employees can tend to their physical and mental health, earn rewards, and create community. Our employee assistance program supports the Port's commitment to emotional and mental well-being by providing mental health services, discounts on local gyms, and pet insurance for companions.
Our commitment to work-life balance ensures you have time to spend with loved ones and do the things you enjoy. We offer generous vacation time that accrues with length of service, sick leave that never expires and can be used for dependent care, health maintenance and mental health, and 8 weeks of paid parental leave - all in addition to 10 paid holidays. As an added bonus - because we know employees use their time off differently - once a year we give employees the opportunity to convert sick leave to personal leave, and to convert vacation leave to either cash, a retirement plan contribution, or a contribution to a Health Savings Account.
Please note:
Some benefits vary by job type/group, so please be sure to review your comprehensive benefit guide and/or collective bargaining agreement upon hire to confirm what is available to you.