Senior Cyber Analyst (Information Security Analyst III)
This announcement will be used to fill two (2) positions.
Works as part of the Information Security Office (ISO) in a team environment to implement and administer cyber security tools and systems that ensure secure enterprise-wide operations performance and resiliency. Assesses needs, and deploys, administers and provides support for security systems to include host endpoint protection, data loss prevention, network-based intrusion detection and prevention systems, application layer firewalls, vulnerability management and forensics utilities, and other infrastructure deployed and maintained by the ISO. Participates in internal and third-party security assessments and audits that require interaction with agencies to remediate discovered system vulnerabilities; and manages and operates a Security Information and Event Management (SIEM) system and other security dashboards to monitor, research, and respond to cyber security related events and incidents due to data loss or system breach, malicious code, system configuration, and patch management issues. Directly supports ISO security analysts with incident response activities and requires daily coordination with other DIT divisions as well as agency information security coordinators and IT analysts; responds to agency inquiries; coordinates ISO activities with external divisions and entities; assists with fulfilling legal preservation and Freedom of Information Act (FOIA) and other data requests; and act as general technical and operation advisor on behalf of the ISO. Identity management systems experience required. The position requires the utmost integrity, good judgment and discretion in carrying out duties. Successful candidate must be of good character and reputation.
NECESSARY SPECIAL REQUIREMENTS:
The appointee to this position will be required to complete a criminal background check to the satisfaction of the employer.
Knowledge and experience with implementing and assessing compliance with information technology and privacy protection regulation and standards such as HIPAA, PCI-DSS, and other institutional technology standards and best practices defined by NIST, ISO 27000 series, OWASP, and SANS Top 20 Security Controls. Understanding and experience with network and security architecture, multiple operating system platforms, databases, web applications, and other evolving mobile and cloud technologies, to include but not limited to the following: malware inspection, traditional and application layer firewalls, VPN, identity management systems, data loss prevention, and network and host-based intrusion detection/prevention systems. At least two years of experience working with identity management systems. Minimum of five years of work experience in information technology security or infrastructure or system design, support, administration in a major sized organization preferred.
Work is generally sedentary performed in a normal work environment. All duties performed with or without reasonable accommodations.
It is the policy of Fairfax County Government to prohibit discrimination on the basis of race, sex, color, national origin, religion, age, veteran status, political affiliation, genetics, or disability in the recruitment, selection, and hiring of its workforce.
Reasonable accommodations are available to persons with disabilities during application and/or interview processes per the Americans with Disabilities Act. Contact 703-324-4900 for assistance. TTY 711. EEO/AA/TTY.