Overview
Summary Description
The position is responsible for continuous monitoring, vulnerability management, incident response, policy development, and employee security awareness. The Analyst evaluates, strengthens, and maintains the County’s security posture across all systems, networks, and applications to ensure compliance, reliability, and data integrity.
Summary Description
The position is responsible for continuous monitoring, vulnerability management, incident response, policy development, and employee security awareness. The Analyst evaluates, strengthens, and maintains the County’s security posture across all systems, networks, and applications to ensure compliance, reliability, and data integrity.
Job Duties/Responsibilities
Monitors County networks, servers, and endpoints for vulnerabilities, threats, or breaches using SIEM and intrusion detection tools.
Responds to alerts and incidents from firewalls, antivirus, email filters, and endpoint protection systems.
Conducts vulnerability assessments, risk assessments, and authorized penetration testing activities to identify and mitigate security risks.
Develops and maintains cybersecurity policies, standards, and procedures in alignment with CJIS, HIPAA, and NIST frameworks.
Coordinates the modernization, maintenance, and periodic testing of the Incident Response Plan, Discovery Recovery Plan, Continuity of Operations Plan/Continuity of Government (COOP-COG), and recovery processes.
Manages user access controls and enforces least-privilege principles across County systems.
Monitors, configures, and maintains Countywide system auditing and logging to ensure comprehensive event tracking, compliance, and timely detection of anomalies or unauthorized activity.
Researches, recommends, and assists in implementing/managing security technologies including firewalls, multifactor authentication, and encryption solutions.
Supports cybersecurity aspects of election infrastructure and other critical systems.
Helps coordinate Countywide cybersecurity awareness and training programs for all employees.
Assists in tabletop exercises, business continuity and disaster recovery planning.
Collaborates with IT staff, vendors, and department heads to assess risk, review contracts, and ensure vendor compliance with County security requirements.
Prepares reports on incidents, vulnerabilities, and cybersecurity trends for the IT Director and Board of Supervisors as requested.
Stays informed on emerging threats, tools, and regulatory changes affecting cybersecurity.
Assists with County cybersecurity insurance requirements, assessments, and incident documentation as needed.
Performs related duties as assigned
KNOWLEDGE REQUIRED BY THE POSITION
Knowledge of information security principles, methods and best practices.
Knowledge of security threats and IT risk management principles.
Knowledge of disaster planning and recovery principles.
Knowledge of firewalls, intrusion detection/prevention, SIEM systems, and endpoint protection platforms.
Knowledge of network hardware, protocols, and standards.
Knowledge of county business processes.
Skill in communicating complex ideas both orally and in writing and ability to convey technical concepts to non-technical staff.
Skill in analyzing network traffic, logs and system behavior to identify anomalies.
Skill in troubleshooting and resolving IT system issues.
Skill in preparing clear and concise reports from multiple data sources.
Skill in establishing and maintaining effective working relationships.
Qualifications
Knowledge and level of competency commonly associated with the completion of a baccalaureate degree in Cybersecurity, Computer Science, Information Technology, or related field.
Sufficient experience to understand the basic principles relevant to the major duties of the position, usually associated with the completion of an apprenticeship/internship or having had a similar position for at least three years.
Possession of Security+, CySA+, or equivalent certification required upon hire or within six (6) months.
CISSP, CISM, CEH, or equivalent advanced certification preferred.
Must obtain NCIC certification within six (6) months of employment.
Possession of or ability to readily obtain a valid driver’s license issued by the State of Iowa for the type of vehicle or equipment operated.
E-VERIFY PROCESS Story County participates in E-Verify and will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each applicant's Form I-9 to confirm work authorization. All candidates who are offered a position with Story County must complete Section 1 of Form I-9 along with the required proof of their right to work in the United States and proof of their identity. Please be prepared to provide required documents on the first day of employment. For additional information regarding acceptable documents for this purpose, please contact Human Resources at 515-382-7200 or go to the US Citizenship and Immigration Services web page at: http://www.uscis.gov
Physical & Environmental Characteristics
The work is typically performed while sitting at a desk or table or while intermittently sitting, standing, or stooping. The employee occasionally lifts heavy (25 pounds or more) objects, uses tools or equipment requiring a high degree of dexterity, and distinguishes between shades of color.
The work is typically performed in an office or computer room.
#J-18808-Ljbffr
The position is responsible for continuous monitoring, vulnerability management, incident response, policy development, and employee security awareness. The Analyst evaluates, strengthens, and maintains the County’s security posture across all systems, networks, and applications to ensure compliance, reliability, and data integrity.
Summary Description
The position is responsible for continuous monitoring, vulnerability management, incident response, policy development, and employee security awareness. The Analyst evaluates, strengthens, and maintains the County’s security posture across all systems, networks, and applications to ensure compliance, reliability, and data integrity.
Job Duties/Responsibilities
Monitors County networks, servers, and endpoints for vulnerabilities, threats, or breaches using SIEM and intrusion detection tools.
Responds to alerts and incidents from firewalls, antivirus, email filters, and endpoint protection systems.
Conducts vulnerability assessments, risk assessments, and authorized penetration testing activities to identify and mitigate security risks.
Develops and maintains cybersecurity policies, standards, and procedures in alignment with CJIS, HIPAA, and NIST frameworks.
Coordinates the modernization, maintenance, and periodic testing of the Incident Response Plan, Discovery Recovery Plan, Continuity of Operations Plan/Continuity of Government (COOP-COG), and recovery processes.
Manages user access controls and enforces least-privilege principles across County systems.
Monitors, configures, and maintains Countywide system auditing and logging to ensure comprehensive event tracking, compliance, and timely detection of anomalies or unauthorized activity.
Researches, recommends, and assists in implementing/managing security technologies including firewalls, multifactor authentication, and encryption solutions.
Supports cybersecurity aspects of election infrastructure and other critical systems.
Helps coordinate Countywide cybersecurity awareness and training programs for all employees.
Assists in tabletop exercises, business continuity and disaster recovery planning.
Collaborates with IT staff, vendors, and department heads to assess risk, review contracts, and ensure vendor compliance with County security requirements.
Prepares reports on incidents, vulnerabilities, and cybersecurity trends for the IT Director and Board of Supervisors as requested.
Stays informed on emerging threats, tools, and regulatory changes affecting cybersecurity.
Assists with County cybersecurity insurance requirements, assessments, and incident documentation as needed.
Performs related duties as assigned
KNOWLEDGE REQUIRED BY THE POSITION
Knowledge of information security principles, methods and best practices.
Knowledge of security threats and IT risk management principles.
Knowledge of disaster planning and recovery principles.
Knowledge of firewalls, intrusion detection/prevention, SIEM systems, and endpoint protection platforms.
Knowledge of network hardware, protocols, and standards.
Knowledge of county business processes.
Skill in communicating complex ideas both orally and in writing and ability to convey technical concepts to non-technical staff.
Skill in analyzing network traffic, logs and system behavior to identify anomalies.
Skill in troubleshooting and resolving IT system issues.
Skill in preparing clear and concise reports from multiple data sources.
Skill in establishing and maintaining effective working relationships.
Qualifications
Knowledge and level of competency commonly associated with the completion of a baccalaureate degree in Cybersecurity, Computer Science, Information Technology, or related field.
Sufficient experience to understand the basic principles relevant to the major duties of the position, usually associated with the completion of an apprenticeship/internship or having had a similar position for at least three years.
Possession of Security+, CySA+, or equivalent certification required upon hire or within six (6) months.
CISSP, CISM, CEH, or equivalent advanced certification preferred.
Must obtain NCIC certification within six (6) months of employment.
Possession of or ability to readily obtain a valid driver’s license issued by the State of Iowa for the type of vehicle or equipment operated.
E-VERIFY PROCESS Story County participates in E-Verify and will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each applicant's Form I-9 to confirm work authorization. All candidates who are offered a position with Story County must complete Section 1 of Form I-9 along with the required proof of their right to work in the United States and proof of their identity. Please be prepared to provide required documents on the first day of employment. For additional information regarding acceptable documents for this purpose, please contact Human Resources at 515-382-7200 or go to the US Citizenship and Immigration Services web page at: http://www.uscis.gov
Physical & Environmental Characteristics
The work is typically performed while sitting at a desk or table or while intermittently sitting, standing, or stooping. The employee occasionally lifts heavy (25 pounds or more) objects, uses tools or equipment requiring a high degree of dexterity, and distinguishes between shades of color.
The work is typically performed in an office or computer room.
#J-18808-Ljbffr