Cybersecurity Analyst

Distinguishing Characteristics:

The IT – Cybersecurity Analyst will assist the Director of Governance and Cybersecurity in the design, planning, testing, implementation, and administration of regulatory requirements and industry-wide accepted information cybersecurity principles, practices, and information systems to ensure the protection of information assets processed, stored, or transmitted by the Tucson Airport Authority (TAA) at Tucson International Airport (TUS) and Ryan Airfield (RYN). Ongoing support in the areas of incident response and investigation, vulnerability management, digital analysis and applied research in emerging areas of cybersecurity.

Evaluate the effectiveness of information security solutions and processes in place, keeping in mind the state of world events. Monitor for and identify cybersecurity risks and exposures, determine the causes of cybersecurity violations, assess, and implement procedures to halt future incidents. Understand and provide assistance to system users relative to information systems security matters. Participate in a team environment that provides cost-effective IT cybersecurity services to the various departments.

Work closely with other areas to insure optimum reliability and cohesiveness.

Essential Functions:

The following functions and all other functions not included in this job description are to be performed in the best interests and for the greater good of TAA.Support and advocate for TAA’s Mission, Vision, Guiding Principles and act as a champion and role-model of TAA’s Cultural Fundamentals.

Performs security incident response and forensic investigations.

Follow operational processes in detecting, triaging, and responding to cybersecurity threats.

Provide analytical and operational cybersecurity support.

Review alerts, alarms, dashboards, and reports to determine relevancy and urgency of cybersecurity threats, vulnerabilities, and incidents.

Enterprise IT operational experience - Strong understanding of operating systems, infrastructures, protocols, and applications.

Responsible for day-to-day security administration of company e-mail applications, key business applications and networks

Utilize technologies including but not limited to AV, IDS, IPS, MDR, email gateways, and web gateways to detect and respond to cybersecurity threats

Working knowledge of cyber threat actor tactics, techniques, and procedures (TTPs), including the ability to troubleshoot cybersecurity issues, configurations and incidents across a wide range of devices, and infrastructure environments

Document and communicate alerts and relevant information for escalation to appropriate teams

Collaborate with other teams to assess risk and coordinate response based on existing Work Instructions, Department Procedures and Company Policies Research, prioritize and differentiate between potential intrusion attempts and false alarms

Stay up to date with current vulnerabilities, attacks, and countermeasures

Evaluates new and emerging security technologies, features, and products to determine their application in the protection of TAA information assets

Performs security analysis, including architecture review, baselines, vulnerability assessments, and risk assessments to proactively identify security risks and exposures

Ensures change control processes are followed and service levels affected by those changes are  responsive to airport emergencies and situations that may involve loss of human life or property; support public safety and operational response to emergencies; utilize Incident Management System (ICS)/National Incident Management System (NIMS) protocols and procedures; coordinate and/or participate in after-action emergency de-briefing with appropriate departments and stakeholders.

The above listed functions are not necessarily all the essential functions. Job duties and functions may be expanded or reduced by management based on future changing needs and job requirements.

Position Requirements :

A Bachelor's degree from an accredited four-year college/university with major coursework in Information Technology (IT), Business, Information/Cybersecurity.

Industry certifications (i.e.…