City of Seattle
Cybersecurity Analyst
City of Seattle, Seattle, Washington, us, 98127
Seattle Public Utilities (SPU) is seeking a dedicated and skilled
Cybersecurity Analyst (IT Professional A, Exempt)
to join our team. This crucial role is responsible for identifying, classifying, and prioritizing cybersecurity vulnerabilities, risks, and mitigation plans to protect SPU's infrastructure and services. As the Cybersecurity Analyst, you will contribute to maintaining and updating SPU's Cybersecurity Risk Management Plan, ensuring alignment with business needs and coordination with the City's cybersecurity objectives.
As a key member of our cybersecurity team, you will play a vital role in developing strategic initiatives and policies to create and maintain a secure, efficient, and resilient technology environment. This position involves close collaboration with the SPU Cybersecurity Manager, leadership, and both internal and external stakeholders to prioritize cybersecurity efforts, develop actionable roadmaps, and oversee the implementation of critical projects.
The Cybersecurity Analyst will focus on and support SPU major cybersecurity initiatives, including the Utility Cyber Response Program, Utility Cyber Governance Program, and Utility Cyber Risk Management Program. These programs are essential for safeguarding our operational technology (OT) systems, ensuring business continuity, and protecting the public by securing the systems that deliver our essential services.
If you are passionate about cybersecurity and eager to contribute to the protection of critical infrastructure that serves the residents of the City of Seattle and beyond, you're invited to apply today!
About Seattle Public Utilities:
Seattle Public Utilities (SPU) is a community-centered utility that delivers vital services to Seattle residents and businesses including drinking water, drainage and wastewater, and garbage/recycling/compost. SPU also provides drinking water for 1.5 million customers in the region. SPU’s work includes system maintenance and improvements and keeping Seattle clean. Over 1,400 SPU employees work with our community to provide affordable and equitable stewardship of our water and waste resources for future generations.
SPU commits to
Our City Values
and
Race and Social Justice
as core principles that guide our work. We actively take steps to dismantle systemic racism and increase service equity. We value diverse life experiences and strive to create a workplace that is welcoming to all. We take steps to be inclusive and equitable in our recruiting, hiring and promotional opportunities.
We know work isn't only about what you do it’s also about who you work for and with! SPU provides a fun and family-friendly work environment that supports a work life balance, including:
Hybrid work schedule opportunities (As Appropriate)Family-friendly and multicultural work environmentGenerous benefits packageFree Orca PassCity pension plan with employer/employee contributionsGrowth potential and advancement opportunities
Key duties of this position include:
Develop and maintain the utility’s Cybersecurity governance processes, policies, and standards of practice, in coordination with Seattle Public Utilities and Seattle IT stakeholders.Maintain the risk framework, develop metrics, monitor, and report on risks, maturity, and progress of the Cybersecurity program to identify high priority goals and support roadmap development.Conduct and support third-party cyber risk assessments. Risk assessments may include OT/SCADA environments, IT/OT convergence areas, and assessments of various other existing or emerging technologies. Assess and provide subject-matter expertise and guidance on cybersecurity risk for OT projects and change requests.Develop policies, guidelines, and standards to ensure the safety, reliability, availability, confidentiality, and integrity of a wide range of operational technologies to include SCADA systems, internal and perimeter communications, and other applicable devices or supporting services.Actively team with operational technology staff to identify malware or malicious activity and investigate/troubleshoot issues for root cause remediation. Lead incident response activities to minimize risk of compromised systems while ensuring continued utility operations.Work with Seattle IT Digital Security and Risk and Seattle City Light Cybersecurity teams to develop cross-department incident management protocols and to respond to incidents impacting SPU IT/OT environments.Prepare and deliver cybersecurity communications including reports to both technical and non-technical audiences, contributing to Cybersecurity training and awareness activities for staff, and effectively communicating progress of Cybersecurity projects/initiatives.
*Please note this job advertisement is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Experience:
Five (5) years of progressively responsible experience in IT/OT Cybersecurity management and operations, regulatory compliance, policy, and program development as well as experience successfully leading large, complex projects in business/IT consulting/management roles.
Desired Qualifications:
Strong understanding of technology trends, risks, and Cybersecurity best practices, utility operational and information technologies.Understanding of Utility Operational and Information Technologies.Advanced technology skills and expertise in the following areas:
Incident response and threat intelligence.Utilizing techniques and tools to detect and analyze indicators of compromise (IoCs) and determine the scope and impact of an incident.Network Security and Firewalls.Identity and Access Management (IAM).Penetration Testing and Vulnerability Assessment.Application Security and Cloud Security.
Ability to lead in cross-functional environment, develop and nurture professional relationships with a diverse group of stakeholders.Ability to balance competing priorities, multiple workstreams, and deliver results within resource constrained environments.Strong oral and written communication skills with ability to convey technical information to non-technical staff or customers.Proven ability to proactively solve problems and recommend solutions. Strong analytical and critical thinking skills.Possession of industry-recognized certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), Certified Information Systems Auditor (CISA) or equivalent is preferred but not required.
This position allows for the flexibility of a hybrid work schedule. Starting November 4, 2024, City employees will have the option to work remotely two days a week. Individual schedules will be agreed upon by the employee and their supervisor.
Who may apply:
The City of Seattle encourages people of all backgrounds to apply, including people of color, immigrants, refugees, women, LGBTQ, people with disabilities, veterans, and those with diverse life experience. This position is open to all qualified candidates that meet the minimum qualifications. The City of Seattle values diverse perspectives and life experiences. Applicants will be considered regardless of race, color, creed, national origin, ancestry, sex, marital status, disability, religious or political affiliation, age, sexual orientation, or gender identity.
The full salary range for this position is:
$118,890.72 - $178,356.96 Annually,
($56.94 - $85.42 per hour)
How to Apply:
Submit complete City of Seattle online application.
Upload your current resume,
ANDInclude a cover letter that addresses your knowledge, experience, and interest related to this position.
*** You must submit both a resume and cover letter. If you do not submit these documents, your application will not be considered. Please ensure that BOTH documents have successfully been uploaded before submitting your application. ***
For more information regarding this recruitment, please contact:
Ernest Stephens at
Ernest.Stephens@Seattle.gov
.
The City of Seattle offers a comprehensive benefits package including vacation, holiday, and sick leave as well as medical, dental, vision, life and long-term disability insurance for employees and their dependents.
More information about employee benefits is available on the City's website at:
https://www.seattle.gov/human-resources/benefits/employees-and-covered-family-members/most-employees-plans
#J-18808-Ljbffr
Cybersecurity Analyst (IT Professional A, Exempt)
to join our team. This crucial role is responsible for identifying, classifying, and prioritizing cybersecurity vulnerabilities, risks, and mitigation plans to protect SPU's infrastructure and services. As the Cybersecurity Analyst, you will contribute to maintaining and updating SPU's Cybersecurity Risk Management Plan, ensuring alignment with business needs and coordination with the City's cybersecurity objectives.
As a key member of our cybersecurity team, you will play a vital role in developing strategic initiatives and policies to create and maintain a secure, efficient, and resilient technology environment. This position involves close collaboration with the SPU Cybersecurity Manager, leadership, and both internal and external stakeholders to prioritize cybersecurity efforts, develop actionable roadmaps, and oversee the implementation of critical projects.
The Cybersecurity Analyst will focus on and support SPU major cybersecurity initiatives, including the Utility Cyber Response Program, Utility Cyber Governance Program, and Utility Cyber Risk Management Program. These programs are essential for safeguarding our operational technology (OT) systems, ensuring business continuity, and protecting the public by securing the systems that deliver our essential services.
If you are passionate about cybersecurity and eager to contribute to the protection of critical infrastructure that serves the residents of the City of Seattle and beyond, you're invited to apply today!
About Seattle Public Utilities:
Seattle Public Utilities (SPU) is a community-centered utility that delivers vital services to Seattle residents and businesses including drinking water, drainage and wastewater, and garbage/recycling/compost. SPU also provides drinking water for 1.5 million customers in the region. SPU’s work includes system maintenance and improvements and keeping Seattle clean. Over 1,400 SPU employees work with our community to provide affordable and equitable stewardship of our water and waste resources for future generations.
SPU commits to
Our City Values
and
Race and Social Justice
as core principles that guide our work. We actively take steps to dismantle systemic racism and increase service equity. We value diverse life experiences and strive to create a workplace that is welcoming to all. We take steps to be inclusive and equitable in our recruiting, hiring and promotional opportunities.
We know work isn't only about what you do it’s also about who you work for and with! SPU provides a fun and family-friendly work environment that supports a work life balance, including:
Hybrid work schedule opportunities (As Appropriate)Family-friendly and multicultural work environmentGenerous benefits packageFree Orca PassCity pension plan with employer/employee contributionsGrowth potential and advancement opportunities
Key duties of this position include:
Develop and maintain the utility’s Cybersecurity governance processes, policies, and standards of practice, in coordination with Seattle Public Utilities and Seattle IT stakeholders.Maintain the risk framework, develop metrics, monitor, and report on risks, maturity, and progress of the Cybersecurity program to identify high priority goals and support roadmap development.Conduct and support third-party cyber risk assessments. Risk assessments may include OT/SCADA environments, IT/OT convergence areas, and assessments of various other existing or emerging technologies. Assess and provide subject-matter expertise and guidance on cybersecurity risk for OT projects and change requests.Develop policies, guidelines, and standards to ensure the safety, reliability, availability, confidentiality, and integrity of a wide range of operational technologies to include SCADA systems, internal and perimeter communications, and other applicable devices or supporting services.Actively team with operational technology staff to identify malware or malicious activity and investigate/troubleshoot issues for root cause remediation. Lead incident response activities to minimize risk of compromised systems while ensuring continued utility operations.Work with Seattle IT Digital Security and Risk and Seattle City Light Cybersecurity teams to develop cross-department incident management protocols and to respond to incidents impacting SPU IT/OT environments.Prepare and deliver cybersecurity communications including reports to both technical and non-technical audiences, contributing to Cybersecurity training and awareness activities for staff, and effectively communicating progress of Cybersecurity projects/initiatives.
*Please note this job advertisement is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Experience:
Five (5) years of progressively responsible experience in IT/OT Cybersecurity management and operations, regulatory compliance, policy, and program development as well as experience successfully leading large, complex projects in business/IT consulting/management roles.
Desired Qualifications:
Strong understanding of technology trends, risks, and Cybersecurity best practices, utility operational and information technologies.Understanding of Utility Operational and Information Technologies.Advanced technology skills and expertise in the following areas:
Incident response and threat intelligence.Utilizing techniques and tools to detect and analyze indicators of compromise (IoCs) and determine the scope and impact of an incident.Network Security and Firewalls.Identity and Access Management (IAM).Penetration Testing and Vulnerability Assessment.Application Security and Cloud Security.
Ability to lead in cross-functional environment, develop and nurture professional relationships with a diverse group of stakeholders.Ability to balance competing priorities, multiple workstreams, and deliver results within resource constrained environments.Strong oral and written communication skills with ability to convey technical information to non-technical staff or customers.Proven ability to proactively solve problems and recommend solutions. Strong analytical and critical thinking skills.Possession of industry-recognized certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), Certified Information Systems Auditor (CISA) or equivalent is preferred but not required.
This position allows for the flexibility of a hybrid work schedule. Starting November 4, 2024, City employees will have the option to work remotely two days a week. Individual schedules will be agreed upon by the employee and their supervisor.
Who may apply:
The City of Seattle encourages people of all backgrounds to apply, including people of color, immigrants, refugees, women, LGBTQ, people with disabilities, veterans, and those with diverse life experience. This position is open to all qualified candidates that meet the minimum qualifications. The City of Seattle values diverse perspectives and life experiences. Applicants will be considered regardless of race, color, creed, national origin, ancestry, sex, marital status, disability, religious or political affiliation, age, sexual orientation, or gender identity.
The full salary range for this position is:
$118,890.72 - $178,356.96 Annually,
($56.94 - $85.42 per hour)
How to Apply:
Submit complete City of Seattle online application.
Upload your current resume,
ANDInclude a cover letter that addresses your knowledge, experience, and interest related to this position.
*** You must submit both a resume and cover letter. If you do not submit these documents, your application will not be considered. Please ensure that BOTH documents have successfully been uploaded before submitting your application. ***
For more information regarding this recruitment, please contact:
Ernest Stephens at
Ernest.Stephens@Seattle.gov
.
The City of Seattle offers a comprehensive benefits package including vacation, holiday, and sick leave as well as medical, dental, vision, life and long-term disability insurance for employees and their dependents.
More information about employee benefits is available on the City's website at:
https://www.seattle.gov/human-resources/benefits/employees-and-covered-family-members/most-employees-plans
#J-18808-Ljbffr