|Company||City of Beverly Hills|
|Location||Beverly Hills, CA|
|Preferred GIAC Certifications||GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Reverse Engineering Malware (GREM), GIAC Network Forensic Analyst (GNFA)|
|Salary||$107,244.43 - $133,236.89 Annually|
The City of Beverly Hills is seeking an outstanding Information Security Analyst. In this position you will be expected to ensure and maintain up-to-date on compliance with security and data privacy legislation, homeland security measures, industry standards and best practices. The person in this role will work on developing and implementing policies and procedures related to network security, servers and client access, Active Directory, Exchange, LDAP, firewalls, VPN, secure remote access, biometrics, internet access, virus protection, security filtering, and Data Center plant security and maintenance. The ideal candidate will have well-rounded experience working with all aspects of an agency's information security including but not limited to fire walls, VPN appliances, extreme networks, and disaster recovery plans. Additionally, the ideal candidate will be responsible, dependable, and displays a passion and commitment to working in fast-paced environment. We are looking for a team player that has outstanding written and verbal communication skills, customer service ethic, and enjoys working with a diverse group of people. This position reports directly to the Assistant Chief Information Officer.
An Information Security Analyst plans, organizes, coordinates, and implements the City's information security function; performs advanced and highly complex duties in developing, recommending, overseeing, implementing, and ensuring compliance with comprehensive information security strategies and programs.
EXAMPLES OF ESSENTIAL DUTIES - Duties may include, but are not limited to, the following:
- Ensure compliance with security and data privacy legislation, homeland security measures, industry standards, and best practices for areas of responsibility, e.g. security management for LAN/WAN/MAN/Wireless, telecommunications, voice, applications, data, and video.
- Develop and implement policies and procedures related to network security, servers and client access, Active Directory, Exchange, LDAP, firewalls, VPN, secure remote access, biometrics, internet access, virus protection, security filtering, and Data Center plant security and maintenance.
- Enforce data retention schedules and support departments in establishing data retention policies.
- Develop and implement the City's Disaster Recovery Plan to ensure the restoration of data, network, and communications resources in the event of catastrophic failure.
- Maintain high-availability environment including secondary and tertiary data replication measures.
- Monitor and create reports on all server, network, telecommunications, internet, and database activity.
- Ensure communications and data security protocols, and protects against unauthorized access, intrusion, modification, or destruction.
- Secure and monitor critical application systems including access control systems, financial systems, and other business intelligence, confidential, and customer service systems.
- Provide guidance and direction to technical staff to troubleshoot and resolve network access and communications problems.
- May lead and direct the work of others for assigned projects.
- Assist new or existing staff in learning departmental practices and protocols, methods, and procedures.
- Build and maintain positive working relationships with co-workers, other City employees and the public using principles of good customer service.
- Foster an environment that embraces diversity, integrity, trust, and respect.
- Be an integral team player, which involves flexibility, cooperation, and communication.
- Performs related duties as assigned.
- Experience and Training: Any combination of experience and training that would provide the required knowledge and abilities is qualifying. A typical way to obtain the required knowledge and abilities would be:
- Experience: Three years of recent, paid work experience implementing, administering, and monitoring IT security solutions and programs in a high availability environment.
- Training: Equivalent to a Bachelor's degree from an accredited college or university with major coursework in Computer Science, Management Information Systems, Cybersecurity, or a related field.
License and Certificates
- Possession of, or ability to obtain, a valid California driver’s license as required by the position.
- Possession of an industry security certification similar or comparable to those listed below (one certification is required, two or more are desirable).
- Computing Technology Industry Association certification in Security+ (CompTIA Security+)
- Certified Information Systems Security Professional (CISSP)
- Global Information Assurance Certifications (GIAC) from SANS Institute:
--GIAC Certified Incident Handler (GCIH)
--GIAC Certified Intrusion Analyst (GCIA)
--GIAC Certified Forensic Analyst (GCFA)
--GIAC Certified Forensic Examiner (GCFE)
--GIAC Reverse Engineering Malware (GREM)
--GIAC Network Forensic Analyst (GNFA)