What are the responsibilities and job description for the Cybersecurity Analyst II position at VRK IT Vision Inc.?
Title: Cybersecurity Analyst II
Location: 4801 Columbus Street, Suite 301, Virginia Beach, VA 23462
Job Summary: This job performs critical information security services in the operation of the City's information security program including vulnerability management, security and event monitoring, threat evaluation, risk management, incident response, and compliance activities. Responsible for the operations of various security related applications, reviewing system architecture submittals, perform risk-based analysis, and participate in security incidents, DevSecOps processes, and compliance related activities. perform related work as required. May be expected to participate in a 24x7 operational rotation as a member of the network and security operations center staff.
Job Responsibilities
Location: 4801 Columbus Street, Suite 301, Virginia Beach, VA 23462
Job Summary: This job performs critical information security services in the operation of the City's information security program including vulnerability management, security and event monitoring, threat evaluation, risk management, incident response, and compliance activities. Responsible for the operations of various security related applications, reviewing system architecture submittals, perform risk-based analysis, and participate in security incidents, DevSecOps processes, and compliance related activities. perform related work as required. May be expected to participate in a 24x7 operational rotation as a member of the network and security operations center staff.
Job Responsibilities
- Perform compliance activities and audits such as policy reviews, process reviews, and third-party security audits.
- Monitor, configure, and operate an enterprise class anti-virus/anti-malware system including policy, scanning and remediation activities.
- Conduct and participate in cybersecurity related investigations and incidents.
- Evaluate application and IT infrastructure for risk and threat assessment.
- Evaluate vulnerability and threat information to assess, measure, and prioritize mitigations based on risk.
- Participate in DevSecOps processes and familiarity with programming practices, threat modeling and testing methodologies.
- May be expected to participate in a twenty-four by seven (24x7) operational rotation as a member of the network and security operations center staff.
- Analyze and install manufacturer supplied or internally developed system software and/or hardware to maintain or enhance the City’s information technology systems and configurations. Once systems are installed, test system and troubleshoot bugs to ensure proper connectivity and compatibility/integration with interconnected systems.
- Collaborate with other information technology professionals to plan and administer projects to determine impact and establish scope and schedules in order to ensure satisfactory and timely completion of work.
- Provide technical advice to management and other personnel on software and hardware capabilities, limitations, and costs; perform troubleshooting and problem solving to provide around-the-clock system availability.
- May train and direct work of junior staff; coordinate with other information technology professionals to tailor system components and configurations to optimize performance.
- Perform other job duties requiring skills, knowledge and physical requirements as demanded by those duties described or less. Individual assignments will be determined by the supervisor based on then current workloads and department needs.
- Knowledge of principles of cyber security best practices and concepts.
- Experience with performing compliance activities and audits such as policy reviews, process reviews and third-party security audits.
- Familiarity with HIPAA, CJIS, Virginia CDPA along with other Federal and state privacy regulations as they pertain to data privacy and information security control requirements.
- Experience with the monitoring and operation of SEIM applications.
- Experience with configuring and operating an enterprise class anti-virus/anti-malware system including policy, scanning and remediation activities.
- Experience conducting and participating in cyber security related investigations and incidents.
- Familiarity with database, network, virtualization and OT operations concepts and design.
- Experience evaluating application and IT infrastructure for risk and threat assessment.
- Experience with security architecture and security best practices for AWS, Azure, Google Cloud and/or other public cloud platforms.
- Experience with evaluating vulnerability and threat information to assess, measure and prioritize mitigations based on risk.
- Experience in participating in DevSecOps processes and familiarity with programming practices, threat modeling and testing methodologies.
- Familiarity with NIST Cyber Security Framework and ISO 27001 Framework.
- BS/BA degree in related discipline strongly preferred (i.e. Engineering, Computer Science, or similar technical degree).
- 1 years’ experience in networking, programming, IT infrastructure or related discipline.
- 3 years’ experience in cyber security risk management, compliance or threat management or related discipline.
- Holds one or more of the following certifications: Security , CCNA Security, CCNP Security, GSEC or CISSP