Information Security Analyst II
$81,382 - $135,637/Yr
Fairfax County (VA) - Fairfax, VA
posted 3 days ago
Full-time
Fairfax, VA
Executive, Legislative, and Other General Government Support
About the position
Acts as a security analyst in the realm of cybersecurity and privacy within the Information Security Office (ISO). Responsibilities include assessing cyber threats, responding to cyber incidents, and addressing agency inquiries on security issues. Additionally, the role involves implementing and managing cybersecurity tools and systems to ensure secure, efficient, and resilient IT operations across the enterprise. This position directly supports the Policy and Compliance Organizational Unit within the ISO.
Responsibilities
- Developing security policies, standards, and operating procedures to comply with federal and state regulations.
- Participating in internal and external security assessments and audits.
- Handling data preservation and collection requests related to legal matters, Virginia Freedom of Information Act (VFOIA) requests, internal investigations, forensic investigations, and other eDiscovery requests.
- Conducting agency outreach and security awareness training programs.
- Investigating security incidents and providing resolutions based on alerts and events from security dashboards, such as a Security Information and Event Management (SIEM) system, vulnerability scans, or penetration testing assessments.
- Implementing, administering, and supporting security systems, including host endpoint protection, data loss prevention, network-based intrusion detection and prevention systems, application layer firewalls, vulnerability management, forensic tools, and other infrastructure managed by the ISO.
- Coordinating daily with other divisions within the Department of Information Technology (DIT), Agency Information Security Coordinators, IT Analysts, and external entities on information security matters.
- Serving as a general technical and operational advisor on cybersecurity issues for the ISO.
- Keeping up to date with current and evolving cybersecurity trends and pursuing relevant industry certifications.
- Supporting and responding to emergency IT events and assisting with County Emergency Operations Center activations as needed.
- Performing other duties as assigned.
Requirements
- Graduation from an accredited four-year college or university with a bachelor's degree in a computer or information science discipline, IT/cyber security, network or IT systems administration, engineering; or a bachelor's degree in a business or related field that has been supplemented by at least 18 credit hours of intermediate computer science coursework.
- At least one year of experience in information security systems, network security, or cyber security.
Nice-to-haves
- Knowledge and experience with implementing and assessing compliance with information technology and privacy protection regulation and standards such as HIPAA, PCI-DSS, CJIS, VA Code and Federal PII protections.
- Understanding and experience with network and security architecture, multiple operating system platforms, identity management, access control, databases, web applications, and other evolving mobile and cloud technologies.
- Experience with malware inspection, traditional and application layer firewalls, VPN, identity management systems, data loss prevention, and network and host-based intrusion detection/prevention systems.
