Job Title: Cybersecurity Analyst
Department: Information Technology
FLSA Status: Exempt, Non-Represented
Reports To: Network Technical Architect
Salary Range: $72,700 – $90,900
JOB SUMMARY:
The Cybersecurity Analyst is responsible for the monitoring, analysis and initial prioritization of cybersecurity logs and monitoring systems. This position will make recommendations and participate as a member of the security team. Assists with planning and innovative solutions for cyber-threats and applies advanced technical knowledge to implement and support cybersecurity policies. The Cybersecurity Analyst provides hands-on technical capabilities and manages simple and enterprise-wide cybersecurity tools. This position partners with stakeholders, vendors, and the IT Department team to limit, catch and remove cyber-threats.
ORGANIZATION STRUCTURE:
The Cybersecurity Analyst reports to the Network Technical Architect.
NATURE OF WORK AND JOB SCALE:
This position reviews all design plans prior to implementation of cybersecurity changes and reviews all post-implementation documentation. The Cybersecurity Analyst is responsible for managing the configuration and performance of threat detection systems, and ensures the established expectations are met. This position also monitors, maintains and updates cybersecurity-related systems and logs. The Cybersecurity Analyst has access to all administrative passwords, combinations of safes, and direct access to highly sensitive information. This position is a level 2 support position and will handle calls escalated from the help desk. The Technology Architect also provides support and assistance to the other IT staff.
The Cybersecurity Analyst carries the on-call phone during off hours. This phone will only receive after-hours calls from the IT staff, contracted cybersecurity staff or a cybersecurity system designed to contact a human under defined situations. The on-call responsibilities require this position to be available when not on vacation. While on-call, this position must address all issues that are deemed to be a business threat as soon as possible by either coming on-site or addressing the issues remotely. Any calls that come in during the on-call period that are not business critical must be documented and sent to the appropriate IT representative to be addressed during the next business day. During non-work hours, and during periods that this position is not on-call, if the Cybersecurity Analyst is available, it is expected that this position will help or help others on call when deemed appropriate.
ESSENTIAL FUNCTIONS:
- Monitor and analyze all cybersecurity systems and logs for issues.
- Prioritize cybersecurity threats and make recommendations to management.
- Provide detailed information to change control management when changes are needed.
- Provide recommendations for cyber threat mitigation.
- Produce visualizations and reports on cybersecurity health.
- Provide Project Management for cybersecurity upgrades and improvements.
- Streamline and document the cyber threat identification process.
- Coordinate and supervise vendor personnel in the development, installation, operation and maintenance of cybersecurity systems.
- Conduct routine hardware and software audits of the cybersecurity infrastructure to ensure compliance with established standards, policies, best practices, and configuration guidelines.
- Configure, test, and maintain security protocols on all IT infrastructure, including intrusion detection systems and network access.
- Recommend purchases and upgrades of cybersecurity hardware and software.
- Monitor and assist with perimeter network security including firewalls.
- Help the Director of IT with budgeting, planning, developing standards, policies, and administrative needs.
- Document and share all cybersecurity processes and solutions in a manner to which any technical staff would be able to follow.
REQUIRED QUALIFICATIONS:
- Advanced degree in an IT field or 7+ years in IT.
- Experience specifically in a cybersecurity position.
- Experience analyzing cybersecurity logs.
- Experience implementing, updating, and maintaining cybersecurity systems.
- Experience working with Darktrace.
- Experience working with Forescout.
- Excellent oral and written communication skills.
- Proven track record of mitigating cyber threats.
DESIRED QUALIFICATIONS:
- Direct experience working with any of the following:
  a. CrowdStrike
  b. KnowBe4
  c. Rapid7
  d. Duo
  e. Hexnode
  f. SolarWinds
- Comprehensive knowledge of VLAN configuration and troubleshooting, DNS, Spanning Tree, NTP and fiber optics.
- Comprehensive knowledge of firewall DMZ programming and administration.
- Desire and ability to absorb/seek/teach new technologies.
- Ability to use good judgment and experience to resolve complex issues and challenges.
- Ability to take ownership for work and initiative for requests, incidents and problems.
MENTAL/PHYSICAL REQUIREMENTS:
- Ability to effectively provide both oral and written communications requiring good verbal expression, satisfactory hearing and eyesight clarity sufficient to read.
- Ability for lifting, carrying, climbing, crouching, reaching, handling, kneeling, sufficient manual dexterity, and eye-hand-foot coordination.
DISCLAIMER STATEMENT:
The above are general requirements that must be met for consideration. They are not intended to be an exhaustive list of job qualifications or job duties.
Milwaukee Transport Services Inc. (Milwaukee County Transit System) is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, military status, status as a qualified individual with a disability or any other characteristic protected by law.