Job Description
Job Description Summary
The IT Security Analyst performs the day-to-day operations of the in-place security solutions and threat monitoring, incident response, and resolution of security incidents detected by those systems. Additional tasks will include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments. The IT Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.
The ideal candidate for the Security Analyst position in our fast-growing and progressive local government is a proactive and analytical professional with a strong background in cybersecurity. They demonstrate exceptional problem-solving skills, a deep understanding of current security threats, and a commitment to safeguarding sensitive public data and infrastructure. This individual thrives in a dynamic, forward-thinking environment, embraces innovation, and collaborates effectively with cross-functional teams to implement best-in-class security measures. With excellent communication skills, the candidate can clearly convey security concepts to both technical and non-technical stakeholders, ensuring transparency and alignment across departments. A passion for public service, adaptability to rapid growth, and a desire to contribute to a modern, resilient digital infrastructure are essential.
At the City of Goodyear, you will be a part of an organization that values its employees as its greatest asset. You will become part of a dedicated team of professionals that are committed to build and maintain a highly engaged workforce. You will be challenged to learn and grow in an environment that values employee development and career-building. You will thrive in a culture of innovation. We believe that successful employees are those that possess these six core values:
Adaptability - Integrity - Initiative - Empathy - Optimism - Innovation
Only a limited number of the most qualified applicants meeting the City's requirements will be invited for an interview. The examination process for this position will consist of a panel interview. All communication regarding application status and interview notifications will be sent via email. Please monitor your junk/spam email for communication, as it will come from a system-generated source.
Essential Functions
Strategy & Planning
• Participates in the planning and design of enterprise security architecture, under the direction of the IT Information Security Officer, where appropriate.
• Participates in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Information Security Officer, where appropriate.
• Participates in the planning and design of an enterprise business continuity plan and disaster recovery plan, under the direction of the IT Information Security Officer, where appropriate.
Acquisition & Deployment
• Maintains up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
• Recommends additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Performs the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
Operational Management
• Assists with the secure configuration and operations of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices).
• Maintains operational configurations of all in-place security solutions.
• Monitors all in-place security solutions for efficient and appropriate operations.
• Reviews logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.
• Participates in responding to and investigating security incidents.
• Participates in the design and execution of vulnerability assessments, penetration tests, and security audits.
• Provides on-call support for end users for all in-place security solutions.
Requirements
• Formal Education/Knowledge: Work requires knowledge of a specific vocational, administrative, or technical nature which may be obtained with a two-year associate's degree, diploma or equivalent from a college, technical, business, vocational, or correspondence school. Appropriate certification may be awarded upon satisfactory completion of advanced study or training.
• Experience: Minimum of 4 years of experience in a related field.
• Certifications and Other Requirements: Valid Driver’s License. Ability to meet the criminal background regulations mandated by the FBI CJIS Security Policy. Must possess two certifications from the following organizations (or similar): Microsoft; Cisco; VMware; CompTIA; Commvault; ISC2; GIAC; etc.
• Reading: Work requires the ability to read technical instructions, technical specifications, trade magazines, responses to RFPs/RFQs, planning documents, policies/procedures, and documents generated by staff at a high level of comprehension.
• Math: Work requires the ability to perform math calculations such as addition, subtraction, multiplication, division and algebra that require calculations and formulas.
• Writing: Work requires the ability to write interoffice memos, creation of process and procedural documentation, user manuals, staff presentations, issue papers, planning documents, and requests for proposals at a high level. Many assignments require translation of technical terms.
• Managerial: Semi-Complex - Work requires the occasional direction of helpers, assistants, seasonal employees, interns, or temporary employees.
• Budget Responsibility: Moderate – Supports the preparation of the budget documents; may do research to justify data used in documents for a unit or division of a department. May recommend budget allocations. Often compiles data and/or enters or oversees data entry. May have responsibility for monitoring budget expenditures (typically non-discretionary expenditures).
• Policy/Decision Making: Significant – The employee normally performs the job by following established standard operating procedures and/or policies. There is a choice of the appropriate procedure or policy to apply to duties. More complex work as well as decisions with more significant impacts are typically reviewed prior to being finalized.
• Technical Skills: Comprehensive Application - Work requires advanced skills and knowledge in approaches and systems, which affect the design and implementation of major programs, solutions for highly complex issues, and/or processes organization-wide. Independent judgment and decision-making abilities are necessary to apply technical skills effectively.
• Interpersonal/Human Relations Skills: High - In addition to the sharing of information, interactions at this level may also include providing advice to others outside direct reporting relationships on specific problems or general policies/procedures. In many of the interactions, contacts may require the consideration of different points of view to reach agreement. Elements of persuasion may be necessary to gain cooperation and acceptance of ideas.
12 Month Objectives
Within the first month:
• Attend Goodyear Employee Orientation (GEO) and complete all assignments, training, and meetings associated with GEO.
• Become familiar with the City’s Core Values and the Department Vision and Mission.
• Schedule and obtain your CJIS TOC Level D certification.
• Review the IT Strategic Plan and the City of Goodyear’s Strategic Plan and review the relationship between the 2 plans.
• Learn IT ticketing system.
• Learn the Change Control process.
Within 3 months:
• Learn the endpoint detection system and become familiar with the endpoint management systems.
• Security Policy Review:
  • Identify outdated, missing or non-compliant policies and recommend remediation.
  • Develop new SOPs, KBAs, etc. as applicable.
• Learn the Security Awareness Training system.
• Backup and Recovery Validation:
  • Work with Infrastructure to review the state of the backup system.
  • Review security modules in backup system.
Within 6 months:
• Environment Familiarization:
  • Become familiar with IT security, network and infrastructure design and architecture.
  • Become familiar with the Vulnerability Management system.
  • Become self-sufficient with existing EDR systems.
• Review and monitor key IT Security systems:
  • Firewalls
  • Active Directory
  • Azure
  • Endpoints
  • Authentication
• Provide recommendations for improvements
Within 9 months:
• Become familiar with the 3rd party vendor management system.
• Review and work towards security metric improvements:
  • Learn the CIS Controls and CSAT.
  • Microsoft security posture
  • Vulnerability management
Within 12 months:
• Work with the IT Security team and department and assist with the following:
  • Cybersecurity strategy
  • Identify future IT investments (e.g. Zero Trust, automation, etc.)
  • Process improvements