Cybersecurity Analyst

Overview

First review of applications on February 13, 2026

Expected Hiring Range: $84,664 - $95,247

Starting Salary Depending on Experience and Qualifications

The Town of Oro Valley is seeking a skilled and dedicated Cybersecurity Analyst to join our Information Technology team. Your role will be critical in protecting our town's digital infrastructure, ensuring the integrity and confidentiality of our data and information systems. As a key member of our team, you will identify potential security vulnerabilities, develop robust strategies to mitigate risks, and implement effective cybersecurity measures.

This role is perfect for an individual with a strong understanding of cybersecurity principles and a passion for safeguarding digital assets. If you re always on the pulse of the latest trends in information security and enjoy the challenge of outsmarting cyber threats, the Town of Oro Valley is eager to meet you. This role is integral to ensuring the continuity of our digital services, protecting the data of our residents, and preserving the trust our community places in us.

• Under general supervision of the Cybersecurity & Network Operations Manager, the Cybersecurity Analyst is responsible for researching, implementing, and maintaining cybersecurity systems and solutions. This includes implementing policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments. The incumbent is expected to be knowledgeable of the enterprise’s security goals, policies, procedures, regulatory requirements, and guidelines, including actively working towards upholding those principles.
• Evaluates, recommends, implements and monitors IT security measures and programs in accordance with Town policies, procedures, IT security standards, new attacks and threat vectors.
• Secure and monitor all systems (application and infrastructure) including access control systems, financial systems, CJIS, business intelligence, confidential, and customer service systems.
• Responds to and resolves incidents, providing guidance to all levels of the organization; may serve as technical lead on incidents.
• Remediates incidents found in audits, reports, and analysis. May work with law enforcement and vendors to manage security threats.
• Supports information security effectiveness by evaluating the results of, and developing action plans, for vulnerability assessments, penetration testing, process and policy audits.
• Develops dashboards and or reports to provide awareness, training and status information to other staff. Communicates information clearly, effectively and as appropriate to the audience.
• Maintains clear and concise documentation; documents incident management activities, (e.g., time spent, actions taken, and status of incident); assists in designing and documenting cybersecurity or privacy processes, procedures, and standards.
• Selects appropriate exercises from partner agencies (i.e. State of Arizona, Arizona National Guard) and improves Town security based on findings.
• Researches the latest information technology security trends and recommends security enhancements.
• Resolves problems through internal resources or through consultation with vendor technical support staff.
• Assists in the development of security policies, standards, and best practices; develops and recommends compliance strategies for IT security programs, assesses risks of noncompliance with IT security policies, standards, and guidelines and reports findings.
• Develops, implements, and evaluates security awareness training programs and trains staff on security protocols, policies, and procedures.
• Performs other duties as assigned.

• Knowledge of enterprise information security architecture, design, and engineering with a primary focus on technologies, tools, and solutions
• Knowledge of incident response, security information event management, intrusion detection systems, threat hunting
• Knowledge of endpoint protection and response, and security orchestration automation and response
• Knowledge of vulnerability scanning tools.
• Ability to perform trend analysis and conduct independent systems analysis of business processes.
• Ability to maintain and prepare complex, comprehensive, and confidential reports.
• Ability to communicate effectively both verbally and in written communication.
• Ability to lead and perform threat hunting activities including analysis of threat intelligence, detection and evaluation of IOCs, and escalation of incidents.
• Ability to evaluate vendor solutions, make recommendations, and lead projects for deployment and/or enhancement of security systems.
• Ability to understand the NIST cybersecurity framework and application of its controls in operational security.
• Skill in implementing enterprise security best practices including encryption, implicit and explicit permissions, multi-factor authentication, auditing and digital forensics, and data retention.
• Skill in data analysis, problem…