Cyber Security Analyst

Description

Cyber Security Analyst

Examples of Duties

Designs, develops, and implements security changes and enhancements to the Information Technology (IT) computing environments citywide. Is responsible for determining appropriate security measurees and creating policies and procedures that monitor and control access to system resources and data. Oversees the establishment, implementation, and adherence to policies and procedures that guide and support the provision of information security services. Conducts risk assessments and risk analyses to help the organization develop security standards and procedures that support strategic, tactical, and operation objectives on a cost-effective basis. Makes recommendations on appropriate personnel as well as physical and technical security controls. Manages the information security incident reporting program and participates in resolving problems with security violations. Is responsible for the content and delivery of information security seminars and training classes. Coordinates the communication of information security awareness to all members of the organization. Certifies that IT systems meet predetermined security requirements citywide. Conducts security audits. Assesses and reviews security plans, policies and procedures of all City departments/divisions and related entities. Develops and implements a year-round in-service training program. Performs other job related duties as required.

Minimum Qualifications

Bachelor’s Degree in Computer Science, Information Technology, Engineering, Accounting, or related field from an accredited four-year college or university required. Two years of full-time paid experience with the configuration, monitoring, or security of network, internet, or email applications in a Windows, Netware, and/or Unix environment required. (Substitution: One year of any equivalent combination of education, training and experience in Information Technology may substitute for each year of college education lacking.) Valid State of Ohio Driver’s License required. Must be able to lift and carry a minimum of 30 pounds. Must possess excellent interpersonal and written communication skills. The following areas of experience are highly desired: Encryption, firewalls, Intrusion Detection Systems, Intrusion Prevention Systems, Virtual Private Networks, Web filtering, IT forensic analysis, and the principles and use of identification, authentication, and authorization; Knowledge of security hardware and software products that comply with current industry standards; Hands-on experience with major security platforms for certification authority, security management products, and tools; Monitoring network and systems management processes and operational procedures; Web hosting; Microsoft Exchange Server. Certification as an Information Systems and Security Professional of Information Systems Auditor is highly desired.

Supplemental Information

The Cyber Security Analyst should have a knowledge of cloud delivery, cloud service, leading security practices, and deployment models for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) offerings. Experience with Microsoft Azure, Zero Trust and other security edge technologies.

Additional Duties And Tasks

• Azure Security Operations: Monitor and respond to security alerts in Microsoft Defender for Cloud, and END Point Azure Sentinel (SIEM), and Azure Security Center.
• Identity & Access Management: Assist in configuring and managing Azure Active Directory (AAD), Role-Based Access Control (RBAC), Multi-Factor Authentication (MFA), and Conditional Access policies.
• Security Configuration & Hardening: Help implement security controls, enforce Azure security policies, and ensure compliance with industry frameworks such as NIST
• Threat Detection & Response: Support threat monitoring and incident response efforts by analyzing security logs, investigating alerts, and coordinating with senior security engineers.
• Network & Endpoint Security: Assist in securing Azure Virtual Networks (VNETs),
• Data Protection & Encryption: Support the implementation of Azure Key Vault, DLP, and encryption strategies to safeguard sensitive information.
• Compliance & Risk Assessments: Help with security audits, cloud security assessments, and risk management activities.
  
  

Preferred Qualifications

• Basic to intermediate understanding of Azure security services (e.g., Microsoft Defender, Azure Security Center, Sentinel).
• Familiarity with Azure IAM, RBAC, and security best practices
• Basic knowledge of network security (firewalls, NSGs, VPNs, segmentation).
• Hands-on experience with security monitoring tools, SIEM, or endpoint security.
• Understanding of cloud security principles, Zero Trust, and compliance frameworks.
• Basic scripting knowledge (PowerShell, Python, or Bash) is a plus.
• Relevant certifications (AZ-900, AZ-500, Security+, or equivalent) are preferred but not required
  
  

The City's guiding principles are as follows: Placing Clevelanders at the Center, EmpoweringEmployees to Do Purposeful Work, Defining Clear and Pragmatic Objectives, Leading with Trust and Transparency, Striving for Equity in All We Do, and Embracing Change. All City employees are responsible for embracing and carrying out these principles in all that they do.