Security Analyst

The Town of Longboat Key is an Equal Opportunity / Affirmative Action Employer, who provides hiring preference to eligible veterans and their family members, and has a strong drug free workplace and alcohol abuse policy. Additionally, where appropriate, the Town may waive post-secondary education requirements for certain service members and veterans.

Position Title: Security Analyst
Posted: March 9, 2023
Salary Type: NON-EXEMPT
Closing Date: Until Filled
Salary: $73,102 - $116,964
Pay Grade: 220
Probation Period: Six Months

The Town of Longboat Key is accepting applications for a Full-Time Security Analyst in our Information Technology Department. An employment physical will be required, except for current employees who have met this requirement.

Expectations for All Employees

Supports the organization's mission, vision and values by exhibiting the following behaviors:

• Be Service Minded
• Value Teamwork
• Be Professional
• Have the Utmost Integrity
• Demonstrates Mutual Respect
• Bring a Positive Attitude to Work
• Embrace Continuous Improvement

The Town's values support the theme of "Premier Community, Exceptional Service."

Function

This highly technical position in the Information Technology Department reports to the Chief Information Officer. This position is responsible for a full range of functions to provide principal assistance in the planning, organizing, implementing, managing and evaluating of the City's information systems - security, compliance, risk, integrity, and business continuity.

Essential Functions

• Manages city perimeter network via firewall cluster.

• Works with Systems Administrator to help administer and maintain all systems.

• Plans, designs, reviews, develops, and implements IT security systems and techniques for information security systems.

• Designs, develops, and administers the City's information security platform, including but not limited to policy, controls, and access.
• Ensures a viable IT information security plan; document solution, including architecture standards, goals, tasks, schedule, resources (needed and available), risks, and opportunities; plan covers both personnel and information security.
• Performs the duties of a security control assessor by conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls; identify key security exposures and recommend improvements.
• Makes recommendations to C.I.O to ensure alignment with current and future security standards and enhancements that will secure and safeguard infrastructure and application portfolio.
• Reports IT security incidents (including computer viruses, malware, spam, breaches, phishing) in accordance with established procedures.
• Reports security incidents not involving IT resources to the appropriate office.
• Provides input to appropriate IT personnel for preparation of reports to higher authority concerning sensitive and/or security information systems.
• Defines and integrates current best practices in active IT security strategies.
• Develops and administers all IT security-related tasks, including regular patching and vulnerability management.
• Ensures compliance with all legal requirements concerning security, regulatory and legal requirements.

• Assesses critical applications to ensure they are protected from security exposures and ensure they are monitored, end to end, to meet operational level agreements (OLA).

• Reviews, designs, and implements systems and processes ensuring computer systems are up to date relative to all operating systems, patches and virus protection software, including security/information assurance program, architecture, certification and accreditation, operational security, incident management, security system implementation such as Single Sign-On, Identity Management Solutions, etc.

• Assists in the development of a Contingency Plan and ensure that the plan is tested and maintained.

• Educates City staff on security needs, opportunities, and risks.

• Provides ad-hoc training and coordinate formal training with individuals and other team(s) as appropriate.
• Participates in the development of IT strategies in collaboration with the management team.
• Performs regular research and analysis on current security methodologies, issues, technologies, and associations.
• Actively participates with 3rd party vendors to review/assess recommended solutions, identifying any incompatibilities, challenges, or issues with proposed solutions; work with appropriate individuals and team(s) to resolve issue within time, cost, and quality constraints.
• Works with project managers to ensure appropriate IT security considerations are implemented.
• Must be available during non-business hours to support Firewall and town wide security needs.
• Works with vendors to research and obtain product quotes for network related hardware and software.
• Provides assistance to computer users who are experiencing difficulty in the use of hardware or software.
• Provide support for hardware and software of all police systems.
• May conduct user training on computer systems and software applications.
• Performs other duties as required.
• Provides on-call support as required.
• Report to work as required by the Disaster Plan Recovery Guide and regular attendance during normal work schedule other than excused or job-related absences.

(These essential job functions are not to be construed as a complete statement of all duties performed. Employees will be required to perform other job-related marginal duties as required.)

Job Performance Knowledge & Abilities

• Working experience managing/configuring Fortinet with high availability.
• High level understanding of Networking preferably in an Extreme networking environment.
• Ability to analyze packet captures.
• Experience in formulating and coordinating testing practices.
• Knowledge of current protocols and standards related to IT Security services.
• Able to conduct research into issues and products as required.
• Proven analytical and problem-solving abilities.
• Good understanding of the organization's goals and objectives.
• Strong customer service orientation.
• Experience working in a team-oriented, collaborative environment.
• A strong familiarity with current security protocols, standards and methodologies, including but not limited to CJIS, PCI, HIPAA, and ISO 27001.
• Excellent oral and written, and interpersonal communication skills.
• Ability to make sound and logical judgments.
• Excellent time management, scheduling, and organizational skills.
• Ability to work well independently or in a team setting.
• High level understanding of Active Directory, Group Policy and other Microsoft related applications.
• Knowledge of the operation of computers and peripheral equipment related to assignments.

Working Conditions

General office environment. Travel to other work locations, as required. Overtime, as required. Requires lifting of heavy equipment and boxes up to 45 pounds. Requires working with computers for long periods.

Minimum Qualifications

PREFERRED:

• Bachelor's Degree in computer science, business, or related field or combination of education and job experience.
• Four years of progressively responsible professional experience, preferably in the public sector, in IT security infrastructure, design, operations and information assurance.
• CCSA, CCNP, GCFA, GCIA, GCIH, GREM, CISSP or other relevant industry certifications.
• Experience with Fortinet firewalls.

REQUIRED:

• Five years of progressively responsible professional experience, preferably in the public sector, in IT security infrastructure, design, operations and information assurance.

• Five years of experience with firewalls, specifically the newest operating system in high availability configurations.
• Four years of experience managing Firewalls.
• CJIS (FDLE) certification within first 6 months of employment.
• Candidates should have experience with Windows Server 2019 and later, MS SQL Server, Windows 10 and later operating systems, Active Directory, Group Policy, DNS, TCP/IP networking including VPNs.

A comparable amount of training and experience may be substituted for the minimum qualifications.

Successful completion of an employment physical to confirm the ability to perform the essential functions of the job (waived for promoted or transferred Town employees who have previously met this requirement); signed Acknowledgement for the attached "Drug Free Workplace Policy" must be provided prior to assuming Town duties.

The Town of Longboat Key is an Equal Opportunity Employer. In compliance with Equal Employment Opportunity guidelines and the Americans with Disabilities Act, the Town of Longboat Key provides reasonable accommodation to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer.

The Town is a Drug Free Workplace, in compliance with the Drug Free Workplace Act of 1988, in § 440.102, FS and Rules 59A-24 F.A.C (Florida Administrative Code). State and federal laws and regulations may subject certain employees to additional drug testing requirements. Any employee who violates the program is subject to disciplinary action up to and including termination.

The Town of Longboat Key is an Equal Opportunity / Affirmative Action Employer, who provides hiring preference to eligible veterans and their family members, and has a strong drug free workplace and alcohol abuse policy. Additionally, where appropriate, the Town may waive post-secondary education requirements for certain service members and veterans.

Return to full list >>

"The Town of Longboat Key is an Equal Opportunity / Affirmative Action Employer, who provides hiring preference to eligible veterans and their family members, and has a strong drug free workplace and alcohol abuse policy."

Free viewers are required for some of the attached documents.
They can be downloaded by clicking on the icons below.
Acrobat Reader Windows Media Player Word Viewer Excel Viewer PowerPoint Viewer

Closing Date/Time: Until Filled