Information Security Analyst

Job Overview

With a focus on student safety the Information Security Analyst performs a wide range of professional duties to support the planning development implementation and ongoing operation of information security systems tools and controls. The Information Security Analyst collaborates closely with the broader information security team and other stakeholders to identify evaluate and manage risks that could impact the confidentiality integrity and availability of sensitive data and systems; recommends and monitors improvements; prepares assessment reports.

Roles and Responsibilities

The following information is intended to describe the overall nature and scope of the work being performed. This is not a comprehensive listing of all responsibilities or tasks; work may differ and other work may be assigned when deemed appropriate.

• Serves on the information security team for day-to-day threat identification vulnerability/risk analysis and investigations as necessary
• Performs the evaluation handling and resolution of security incidents
• Performs event and incident analysis including baseline establishment and trends
• Assists with the engineering design implementation maintenance analysis and administration of LCPS information security technologies
• Evaluates new security technology & emerging threats and provide recommendations to strengthen the LCPS information security environment
• Participates in projects for information security requirements network design reviews and security testing for LCPS networks systems and other teams in LCPS. Coordinate with DDI systems network and development teams to ensure network security standards are being followed and implemented correctly
• Assists in the development of comprehensive reports and presentations for senior management effectively communicating vulnerability/risk assessment findings recommendations and status updates
• Remain competent aware and current on information security trends and intelligence to guide the security analysis & identification capabilities of the information security team
• Participate in developing implementing maintaining and promoting a district-wide information security program. Including but not limited to - information security awareness training for staff and students
• Performs other related duties as required or assigned

Qualifications

Below are the minimum qualifications for this job. Equivalent combinations of education and experience are also acceptable.

Education

Degree in information systems computer science or related field or demonstrated progressively responsible experience in the information security field

Experience

Minimum of four (4) years of progressively more responsible experience in information technology and/or cybersecurity some of which shall have been in information security risk management or a related field

Licenses and Certifications

Information security industry certifications/accreditations such as Certified Information System Security Professional (CISSP) Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA)

Knowledge Skills and Abilities

• Excellent analytical problem-solving and project management skills to evaluate complex information security issues and provide practical recommendations
• A solid grasp of information security concepts methodologies and principles such as authentication authorization access control forensics threat and vulnerability management incident response and security awareness
• A robust understanding of privacy compliance programs encryption IDS/IPS Firewalls SEIMs EDR networking protocols log and network traffic analysis and cloud experience
• Work requires constant attention to details and deadlines the exercise of initiative independent judgment and discretion in dealing with delicate and frequent confidential matters
• Ability to work independently or collaboratively with cross-functional teams
• Effective verbal and written communication skills and effective presentation skills

Physical Requirements

The following provides a brief description of physical requirements for this job:

While performing the duties of this job the employee is regularly talking expressing or exchanging ideas by means of the spoken word. The employee must convey detailed or important spoken instructions to other workers accurately loudly or quickly. The employee must possess normal cognitive abilities including the ability to learn recall and apply certain practices and policies. Frequently sitting and/or remaining in a stationary position for long periods of time. Exerting up to 25 pounds of force occasionally and/or negligible amount of force frequently or constantly to lift carry push pull or otherwise move objects.

Reports to:Supervisor Information Security

FLSA Status: Exempt

Months/Days/Hours: 12 months/ 248 days/ 8 hours

Salary Level:Universal level 14

Salary Scale: Range:$84621 - 145955

Remote Work Eligible:Partial

Remote Work Disclosure

The following guidelines apply to jobs and positions where employees have been identified as having the potential to work remotely. Remote work is defined as completing ones duties and responsibilities at a site other than ones assigned duty order to be eligible for remote work privileges an employee must have demonstrated consistent positive performance and have the support and approval of their direct addition these employees must have reliable high-speed internet and a designated workspace that allows them privacy while completing sensitive and confidential work. Employees who are non-exempt and are working remotely will work their regular scheduled hours and gain prior approval from their supervisor if they work more than 8 hours a day or more than 40 hours in a workweek. Remote work privileges can be amended changed or revoked based upon the performance of the employee as well as the needs of Loudoun County Public Schools.

Required Experience:

IC