9-1-1 Cybersecurity Analyst

Performs complex (journey-level) information security and cybersecurity analysis work involving planning, implementing, and monitoring security measures for the protection of the Capital Area Emergency Communications District (CAECD) 9-1-1 network infrastructure and systems. Work also includes protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. This position will work with vendor partners and may also assist other staff in performing work of greater complexity. Works under general supervision, with limited latitude for the use of initiative and independent judgment. Moderately complex is level I

• Work In partnership with CAECD’s Operations staff and vendors to assessment and monitor cyber security threats and implement policies, plans, and other measures to safeguard the 9-1-1 network configurations and systems against accidental or unauthorized access, modification, and destruction.
• Perform forensic analysis of network traffic using risk assessment and monitoring tools for cybersecurity incident detection and prevention of potential threats.
• Monitor and analyze cybersecurity alerts from cybersecurity tools, network devices, and information systems.
• Work with vendor partners to manage vulnerabilities.
• Research and analyze cybersecurity threat indicators and their behaviors for the prevention, detection, containment, and correction of data security breaches, and recommend threat mitigation strategies.
• Respond and take action to detect security incidents with timely escalations to limit losses and maintain or regain control of the 9-1-1 network and systems and ensure closure of incidents.
• Write detailed incident response reports.
• Remain up to date to understand the latest cyber threat landscape.
• Remain up to date as additions, changes, and/or modifications are made to the 9-1-1 network and systems.
• Participate in the development of information technology disaster recovery and business continuity planning.

Experience and/or education in a field relevant beyond levels required may substitute for required education and experience.
Experience
Minimum five (5) years of experience in cybersecurity analysis and risk assessment.
Education
Bachelor’s degree in cyber security, information technology, computer science, or a closely related field.  
Certifications
CompTIA Security certification is required.
Preferred

• CompTIA CySA certification is preferred.
• Certified Information Systems Security Professional (CISSP) credential conferred by the International Information System Security Certification Consortium (ISC²) is preferred.
• Experience working with emergency communications systems is preferred.

• Knowledge of the limitations and capabilities of computer systems and technology; technology across all mainstream networks, operating systems, and application platforms; operational support of networks, operating systems, internet technologies, databases, and security applications and infrastructure; cybersecurity and information security controls, practices, procedures, and regulations; incident response program practices and procedures; and information security practices, procedures, and regulations.
• Knowledge of firewalls, VPNs, routers, and proxies as well as security and information event management systems (SIEMs).
• Skill in the use of applicable software and the configuration, deployment, monitoring, and automation of security applications and infrastructure.
• Ability to coordinate with appropriate teams and document the process of investigation and recovery.
• Ability to work with internal teams as well as vendor partners.
• Ability to resolve complex security issues in diverse and decentralized environments.
• Ability to learn from past incidents, strengthen defenses, and adjust strategies to stay ahead of evolving threats. 
• Ability to quickly respond to a threat, work with network engineers to patch a vulnerability, or identify and recommend new security protocols, and make data-driven decisions.
• Ability to maintain understanding of the latest cyber threat landscape and security best practices.
• Ability to notice a small anomaly and to plan, develop, monitor, and maintain cybersecurity and information technology security processes and control.
• Ability to respond quickly to a security event and prioritizing the tasks that will shut down the attack or isolate the data breach quickly to minimize damage and/or loss.

Salary : $77,000 - $92,000