IT Security Analyst

Full salary range $37.76 to $63.07 hourly.

Bachelor’s degree from an accredited college or university in computer science, management information systems, business management or related field with two (2) years of experience in a similar position as listed in the work functions. OR A combination of education and experience equivalent to six (6) years of experience in a similar position as listed in the work functions.

Regular and reliable attendance is a necessary component of job/position. Individuals required to use County vehicles and equipment must have a valid driver’s license and be free of any major traffic violations for the last three (3) years.

• Security+
• GSEC (SANS GIAC Security Essentials).
• GCIH: (SANS GIAC Certified Incident Handler).
• Certified Ethical Hacker (CEH).
• Other technology certifications relating to endpoints, cloud applications, or onsite systems.

Under general supervision, ensures the security of various Olmsted County technology systems including reviewing logs and systems, testing for vulnerabilities, and remediating issues. Works with the IT Security Architect and others to support security efforts. Coordinates and reviews audits from various outside agencies including the FBI and IRS. Ensures county compliance with IRS, HIPAA, CJIS, and PCI regulations. Reviews and recommends security improvements of County applications, systems, and procedures.

Educates users on security guidelines of business applications. Supports a diverse, respectful, and inclusive workplace.

• Reviews logs, reports, Security Information Event Management (SIEM) events, reported phishing, breach notifications, and security bulletins for emerging threats.
• Configures security systems to scan new systems and ingest additional information into SIEM.
• Performs vulnerability testing, risk analysis, and security assessments. Reviews audit findings and assists with implementing mitigations with various teams.
• Conducts research on emerging technologies, security efforts, and recommend technologies to increase security posture.
• Collaborates with end users and ITS staff to define business requirements in line with security posture.
• Educate internal customers and ITS staff on security best practices and remediation.
• Performs related duties as assigned.

• Knowledge of security systems, principals, design, and industry best practices.
• Knowledge of computers, hardware, software, and enterprise applications.
• Knowledge of business continuity, risk assessments, network defense and data analysis.
• Skill in analyzing technology security risk and impact.
• Skill in developing technology roadmaps to align with long term goals.
• Skill in researching emerging technologies, security efforts, and recommending technologies.
• Ability to coach and train users.
• Ability to establish and maintain effective working relationships with others.
• Ability to adapt to changing priorities, demands and timelines.
• Ability to communicate effectively, both verbally and in writing, including public speaking.

Persons with disabilities: the above is a general listing of job duties. Essential and non-essential functions may vary by individual position. Reasonable accommodations may be available for both essential and non-essential job duties.

Physical Demands and Work Environment: Primarily office environment requiring sitting, standing, walking, reaching, and handling up to 50 pounds. Tasks include repetitive hand movements, typing / data entry, talking and hearing, operating vehicles, and meeting various vision standards.

An Equal Opportunity Employer