Salt River Pima-Maricopa Indian Community
Scottsdale, Arizona, United States
Cybersecurity Analyst Ii
Posted over 1 month ago
Sorry, this job has expired.
Job Description
Definition
Definition : Under general supervision of the Cyber Security Manager, performs level two security configuration, administration and maintenance duties for the Salt River Pima-Maricopa Indian Community (SRPMIC). Manages security processes and technology improvements in support of the organization's Cyber security Strategic Plan. Works cohesively with the IT teams and divisions to conduct risk assessments, administer and audit security systems. As a member of the security team assists in the development, implementation and maintenance of the security architecture design. This job class is treated as FLSA Exempt.
Essential Functions : Essential functions may vary among positions and may include the following tasks and other characteristics. This list of tasks is ILLUSTRATIVE ONLY and is not intended to be comprehensive listing of tasks performed by all positions in this classification.
Examples of Tasks
1. Mentor: Mentors Cybersecurity Analyst I and other Security team staff on cybersecurity best practices and standard IT policies and procedures.
2. Security Team Member: Participates as a key member of the security team in setting organizational security direction.
3. Cyber Security Level II
4. Documentation : Establishes, maintains and enforces IT Department policies and procedures in collaboration with IT management team.
5. Other Duties as Assigned: Performs other job related tasks as assigned by the Cyber Security Manager, IT Assistant Director - Enterprise Architecture, or IT Director/CIO.
Knowledge, Skills, Abilities and Other Characteristics:
Minimum Qualifications
Education: A Bachelor's degree from an accredited college or university in Information Systems, Information Security, Cyber Security or related discipline required.
Experience:
Direct experience working within an IT/Cyber security role, hands-on network security implementation experience, security monitoring, cloud security monitoring, or vulnerability management. Direct experience supporting Microsoft 365 Cloud security Direct experience with the Elastic log management platform Direct experience supporting cyber security incident response Direct experience managing and/or mitigating software and system vulnerabilities Direct experience conducting security audits to include: access control and system configuration Direct experience conducting security assessment on 3rd party integrations Direct experience with secure remote access technologies
CompTIA Security + Systems Security Certified Practitioner (SSCP®) Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) SANS Global Information Assurance Certifications (GIAC) Certified Ethical Hacker (CEH)
Equivalency: Any equivalent combination of education and/or experience that would allow the candidate to satisfactorily perform the duties of this position, will be considered.
Underfill Eligibility: An enrolled Community Member whom closely qualifies for the minimum qualifications for a position may be considered for employment under SRPMIC Policy 2-19, Underfill.
Special Requirements
Prior to hire as an employee, applicants will be subject to drug and alcohol testing. Will be required to pass a pre-employment background/fingerprint check.
"SRPMIC is an Equal Opportunity/Affirmative Action Employer" Preference will be given to a qualified : Community Member Veteran, Community Member, Spouse of Community Member, qualified Native American, and then other qualified candidate.
In order to obtain preference, the following is required: 1) Qualified Community Member Veteran (DD-214) will be required at the time of application submission 2) Qualified Community Member (must provide Tribal I.D at time of application submission),3) Spouse of a Community Member (Marriage License/certificate and spouse Tribal ID or CIB is required at time of application submission), and 4) Native American (Tribal ID or CIB required at time of application submission).
Documents may be submitted by one of the following methods:
1) attach to application
2) fax (480) 362-5860
3) mail or hand deliver to Human Resources.
Documentation must be received by position closing date.
The IHS/BIA Form-4432 is not accepted .
Your Tribal ID/CIB must be submitted to HR-Recruitment-Two Waters.
Definition : Under general supervision of the Cyber Security Manager, performs level two security configuration, administration and maintenance duties for the Salt River Pima-Maricopa Indian Community (SRPMIC). Manages security processes and technology improvements in support of the organization's Cyber security Strategic Plan. Works cohesively with the IT teams and divisions to conduct risk assessments, administer and audit security systems. As a member of the security team assists in the development, implementation and maintenance of the security architecture design. This job class is treated as FLSA Exempt.
Essential Functions : Essential functions may vary among positions and may include the following tasks and other characteristics. This list of tasks is ILLUSTRATIVE ONLY and is not intended to be comprehensive listing of tasks performed by all positions in this classification.
Examples of Tasks
1. Mentor: Mentors Cybersecurity Analyst I and other Security team staff on cybersecurity best practices and standard IT policies and procedures.
2. Security Team Member: Participates as a key member of the security team in setting organizational security direction.
- Contributes knowledge of security best practices and technical skills. Utilizes problem solving techniques during security planning, implementation and incident response activities.
- Assumes responsibility for protecting all confidential information discussed, documented or otherwise provided in the course of security events.
3. Cyber Security Level II
- Confidentialit y: Assumes responsibility for protecting all confidential information discussed, documented or otherwise provided in the course of security events
- Network Security Support : Proactively audits and reviews the network and security infrastructure.
- Monitors LAN/WAN, network, security firewalls, routers and systems to ensure security standards are maintained.
- Support key team member for incident management of all network security-related issues.
- Provides technical input and assistance to troubleshoot security issues.
- Vulnerability Management: Implements and maintains the Vulnerability Management program and its processes.
- Ensure effectiveness and currency of the vulnerability management effort.
- Perform daily monitoring and management of actively reported vulnerabilities.
- Track remediation and mitigation efforts to their ultimate conclusion
- Provide leadership, consultation and technical support to IT peers as relates to the mitigation and remediation of reported vulnerabilities.
- Provide quarterly reporting and KPI's reflecting the overall health of the program.
- Vendor Security Reviews: Participates in and takes responsibility for individual vendor security reviews.
- Perform vendor security reviews as per defined processes and make risk determination on a vendor-by-vendor basis.
- Conduct peer reviews of vendor security reviews prior to final report completion.
- Provides leadership and consultation to IT peers as relates to completion and submittal of security review requests and vendor liaison through the review process.
- Investigation Support: Respond to breaches or personnel investigation requests.
- Ensure accurate data capture, chain of custody and reporting for an incident or investigation.
- Provide leadership, consultation or technical support.
- Maintain confidentiality and integrity of systems, data and security processes.
4. Documentation : Establishes, maintains and enforces IT Department policies and procedures in collaboration with IT management team.
- Recognizes and identifies potential areas where existing policies and procedures require change, or where new ones need to be developed.
- Develops and implements security operational policies and procedures.
5. Other Duties as Assigned: Performs other job related tasks as assigned by the Cyber Security Manager, IT Assistant Director - Enterprise Architecture, or IT Director/CIO.
Knowledge, Skills, Abilities and Other Characteristics:
- Ability to assess security vulnerabilities at the system and/or network level.
- Ability to coordinate vulnerability mitigation efforts across multiple teams
- Ability to asses social engineering risks related to electronic communications
- Ability to asses and document risk related to third party system and/or software integrations
- Ability to conduct/ support Information Assurance training to broad user base
- Ability to manage and leverage security tools to reduce organizational risk
- Knowledge of Firewall logs and the use of those logs for investigative practices
- Knowledge of the Elastic Stack and the ability to leveraging multiple log sources to identify security risk and/or compromise
- Knowledge of software and system vulnerabilities and mitigation practices
- Knowledge of secure protocols and how, when, and where they should be implemented
- Knowledge of Microsoft 365 Cloud security suites to include: 365 Defender, Purview/Compliance
- Knowledge of two factor authentication and its integration types
- Knowledge of industry data classification standards i.e.: HIPAA, PCI, PII, PHI and FERPA
- Knowledge of CIS, NIST and FedRamp controls/standards.
- Skilled at providing outstanding internal and external customer service.
- Skilled at interfacing at all staff levels and providing effective verbal and written communication.
- Skilled at verbal & written communication.
- Skilled at defining issues, analyzing and evaluating information, presenting recommendations and identifying alternative solutions.
- Ability to work effectively across and within diverse teams.
- Ability to effectively manage simultaneous security issues.
- Ability to effectively manage network security related change and requirements gathering
- Highly self-motivated and directed combined with extensive experience working in a collaborative, team-oriented environment.
Minimum Qualifications
Education: A Bachelor's degree from an accredited college or university in Information Systems, Information Security, Cyber Security or related discipline required.
Experience:
- Three (3) years' experience with the following:
- The following certification is required:
- One or more of the following certifications is preferred:
Equivalency: Any equivalent combination of education and/or experience that would allow the candidate to satisfactorily perform the duties of this position, will be considered.
Underfill Eligibility: An enrolled Community Member whom closely qualifies for the minimum qualifications for a position may be considered for employment under SRPMIC Policy 2-19, Underfill.
Special Requirements
- May be required to work beyond normal work hours including nights, weekends and holidays.
- May be required to complete and Salt River Police Department (SRPD) background investigation and polygraph examination.
- May be required to receive and maintain a Salt River Pima-Maricopa Indian Community, Community Regulatory License, and State Certification (ADOG).
- All applicants applying for jobs will be subject to Pre-Employment Drug Test and extensive Fingerprint and Background Check. In addition, all employees providing services to a campus with children will be subject to the "Community Code of Ordinances", Chapter 11 "Minors", Article X. "Investigation of Persons Working with Children", random drug testing and completion of a background check every five (5) years.
Prior to hire as an employee, applicants will be subject to drug and alcohol testing. Will be required to pass a pre-employment background/fingerprint check.
"SRPMIC is an Equal Opportunity/Affirmative Action Employer" Preference will be given to a qualified : Community Member Veteran, Community Member, Spouse of Community Member, qualified Native American, and then other qualified candidate.
In order to obtain preference, the following is required: 1) Qualified Community Member Veteran (DD-214) will be required at the time of application submission 2) Qualified Community Member (must provide Tribal I.D at time of application submission),3) Spouse of a Community Member (Marriage License/certificate and spouse Tribal ID or CIB is required at time of application submission), and 4) Native American (Tribal ID or CIB required at time of application submission).
Documents may be submitted by one of the following methods:
1) attach to application
2) fax (480) 362-5860
3) mail or hand deliver to Human Resources.
Documentation must be received by position closing date.
The IHS/BIA Form-4432 is not accepted .
Your Tribal ID/CIB must be submitted to HR-Recruitment-Two Waters.
78a4e9acc9e7558bcf1e02150e87f854