Cyber Security Analyst
San Jose
Santa Clara County Transportation Authority
The Santa Clara Valley Transportation Authority honors human diversity where people are appreciated, respected, and nurtured. VTA's environment fosters creativity and productivity among all its employees and extends a welcome to those who wish...Job Description
Definition
Under general supervision, the Cyber Security Analyst plans, analyzes, and implements data security measures and controls related to VTA's computer networks and other technology systems.
Distinguishing Characteristics
This journey-level professional classification is responsible for coordinating and managing VTA's cyber security activities and programs. An incumbent in this class is expected to independently plan, implement, and upgrade cyber security measures and controls and actively combat security intrusions. This position assists with sensitive and confidential employee relations and legal data security issues, and an incumbent may provide leadership or technical assistance in projects involving protection of confidential data against unauthorized access.
This classification differs from other technology classifications in that it specializes in ensuring data security, mitigating cyber security risks, and safeguarding VTA's computer networks and related systems against security intrusions.
Classification Bargaining Unit: Non Represented
VTA is an Equal Opportunity Employer
Essential Job Functions
Typical Tasks
- Establishes protocols to protect digital files and information systems against unauthorized access, modification, and/or destruction;
- Monitors networks, email system, and server farm in real time to identify and combat security intrusions;
- Plans and implements cyber security measures and controls;
- Researches cyber security software tools and countermeasures; recommends and installs hardware and software programs to mitigate security risks;
- Researches, examines, aggregates, refines, and presents data sets based on keyword, email, and/or internet history searches;
- Monitors intrusion detection and prevention systems;
- Performs network vulnerability testing, risk analyses, and cyber security assessments; resolves vulnerability issues;
- Plans and conducts internal and external cyber security audits; interprets and documents audit results; recommends and implements corrective actions;
- Defines, implements, and maintains agency cyber security policies;
- Reviews firewall logs and investigates intrusion attempts;
- Investigates and analyzes security breaches to identify root cause;
- Coordinates cyber security plans, activities, and projects with other technology personnel and outside vendors;
- Monitors and evaluates cybercrime bulletins from local, state, and federal law enforcement agencies; coordinates with law enforcement cybercrime teams;
- Provides training to VTA employees on cyber security awareness and data security procedures;
- Collaborates with other departments and VTA management to improve cyber security and manage risks;
- Prepares audit reports, memoranda, and other documents; makes verbal presentations on audit findings/recommendations;
- May provide lead direction to other employees or contractors as assigned;
- Performs related duties as required.
Minimum Qualifications
Employment Standards
Training, education, and experience, which demonstrates possession of the required knowledge, skills, and abilities.
Development of the required knowledge, skills, and abilities is typically obtained through a combination of training, education, and experience equivalent to graduation from an accredited college or university with a four-year degree in computer science or a related field, and two (2) years of increasingly responsible experience performing technical and analytical duties in coordinating and managing cyber security programs and initiatives.
Additional professional experience implementing cyber security measures and actively combatting security intrusions may be substituted for education on a year for year basis.
Supplemental Information
Knowledge of:
- Principles and practices of cyber security, digital access control, and intrusion detection and prevention;
- Operational characteristics of computer networks, server farms, and technology systems administration;
- Cyber security vulnerability testing and risk analysis;
- Methods and techniques for managing and mitigating cyber security risks;
- Principles and practices of cyber security audits and audit documentation;
- Current cyber security technology tools and countermeasures;
- Laws and regulations pertaining to cyber security and confidential data;
- Principles and practices of lead supervision and training.
Ability to:
- Establish plans and protocols to protect VTA's data against unauthorized access, modification, and/or destruction;
- Monitor technology infrastructure in real time; effectively identify and combat security intrusions;
- Research, recommend, and install cyber security software tools and countermeasures;
- Develop and implement agency-wide cyber security policies;
- Use discretion and maintain confidentiality when necessary;
- Conduct internal and external cyber security audits; interpret and document audit results; recommend and implement corrective actions;
- Evaluate the effectiveness of cyber security tools and countermeasures and develop cost-effective solutions;
- Prepare reports and supporting recommendations;
- Keep up-to-date on cyber security threats and stay current on intrusion detection and prevention hardware and software technologies;
- Make effective verbal presentations; communicate technical information to non-technical audiences;
- Work odd and unusual hours, including weekends and holidays, or on-call as assigned;
- Establish and maintain effective working relationships with those contacted in the course of work.
Tags: Audits Computer Science Cyber crime Firewalls Intrusion detection Risk analysis Security assessment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Engineer jobs
- Open Senior Cyber Security Specialist jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs