IT Information Security Analyst

Abacus Service Corporation

Location: all cities, WA, USA

Date: 2024-11-13T08:11:13Z

Job Description:
Job Details: Sound Transit IT Temporary Contractor Request Form

Assignment: IT Information Security Analyst
Category/Level*: Category F, Level 2
Term of Assignment: 6 months
Date Candidate Resumes due to Sound Transit:
Rate Range:

General Summary: Under general direction, the Information Security Analyst assists with the operations of the Agency's Information Security program for its technology assets. The Information Security Analyst's role is to support service owners and system owners in ensuring the confidentiality and integrity of information systems and data across the entire organization.

The Information Security Analyst performs two core functions for the Agency. The first is the day-to-day operations of the in-place security solutions, while the second is the identification, investigation and resolution of security events detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures, as well as conducting vulnerability audits and assessments.

The IT Security Analyst is expected to be fully aware of the Agency's security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals. On-call availability is required as a member of the Information Security Incident Response Team.

Essential Functions:
  • Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
  • Research and recommend additional security solutions or enhancements to existing security solutions to improve the overall security posture of the Agency.
  • Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
  • Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, when under direct control (i.e., security tools) or support when not (i.e., workstations, servers, network devices, etc.).
  • Maintain operational configurations of all in-place security solutions as per the established baselines.
  • Monitor all in-place security solutions for efficient and appropriate operations.
  • Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution. Participate in investigations into problematic or suspicious activity.
  • Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
  • Provide on-call support for Information Security Incident Response activities.
  • Conduct vulnerability scans and assessments, including reporting and follow up on remediation status.
  • Inform and train staff members on their responsibilities concerning information security procedures.
  • Support the administrated processes to maintain compliance with regulatory obligations (e.g. DOL)
  • Assist with ensuring that agency technology assets, systems, services, and facilities are compliant with information security procedures.
  • Participate in ongoing information security education, awareness and outreach activities as required.
  • Monitor threat intelligence and other available information to proactively enhance the Agency's security posture.
  • Demonstrates Sound Transit's Values in every interaction
Special / Additional Qualifications (Over Role/ Category Level)
Education & Experience: Bachelor's Degree in computer science, information technology, business administration, engineering, or closely related field and five years of information technology experience with a focus on IT Security, Risk Management, Data Protection or Compliance, OR an equivalent combination of education and experience.
  • At least 4 years of systems security and administration experience.
Required Licenses or Certifications:
  • One or more of the following certifications:
    • Certified Information Systems Security Professional (CISSP) (strongly preferred)
    • CompTIA Security+
    • GIAC Information Security Fundamentals
    • Microsoft Certified Systems Administrator: Security
  • Associate of (ISC)2
  • ITIL and Project Management certification a plus.
Specific Qualifications, Knowledge, and Skills:
  • Experience performing vulnerability scans using Tenable.
  • Experience responding to Information Security incidents and events.
  • Experience utilizing security software and tools, including (but not limited to): CrowdStrike endpoint protection, Microsoft Defender, SIEM (AlienVault preferred) and EnCase.
  • Strong command of system administration tools (Windows/Linux).
  • Experience with security administration of cloud platforms (Microsoft 365).
  • General knowledge of the NIST 800 series standards and the ISO 27001/2 frameworks.
  • Demonstrated work experience conducting system security assessments, control analysis, risk assessment, vulnerability assessments or penetration tests.
  • Strong understanding of information security threats and vulnerabilities.
  • Strong understanding of and experience with security-related technologies, systems, and tools.
  • In-depth understanding and experience with various attack vectors and their effect on technologies.
Required Skills:
  • Technical skills proficiency in the following areas: security information event management, network protocols (e.g. TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols), system administration, malware (propagation, infection, types), intermediate knowledge of network security controls and technologies (proxy, firewall, IDS/IPS, router/switch, open source information collection platforms), cryptography, Microsoft Active Directory.
  • Proven competency in the use of MS Office applications (Word, Excel, PowerPoint, SharePoint, Teams)
  • Strong work habits, time management and self-organization
  • Excellent communication skills (verbal/written), including the ability to provide technical reports.
Physical Demands/Work Environment:
  • Work will be performed via remote office.
Sound Transit promotes a safe and healthy work environment and provides appropriate safety and equipment training for all personnel as required. It is the responsibility of all employees and temporary staff to follow the Agency safety rules, regulations, and procedures pertaining to their assigned duties and responsibilities, which could include systems, operations, and/or other employees and temporary staff.