Security Analyst

Job#: 2086551

Job Description:

RESPONSIBILITIES:

• Implement a KCOJ enterprise security stance through policy, architecture, and training programs.
• Oversee the KCOJ security solutions, including the implementation of appropriate solutions and oversight of vulnerability audits and assessments.
• Interface with ITS peers to share the security vision and solicit involvement in achieving higher levels of Enterprise Security.
• Ensure compliance management, the enforcement of security policies and procedures, and annual review and security assessment reporting.
• Research and analyze the latest information security capabilities of specific Information Security (e.g., encryption) and IT technologies (e.g., operating systems, networks).
• Create, publish, maintain, and interpret Information Security standards for specific technologies (e.g., operating systems, databases).
• Perform investigative research, analysis and troubleshooting to identify, resolve, and report complex security issues. Assist in the evaluation and monitoring of system or tool performance.
• Research and enhance Information Security solutions and technologies to keep up with the latest threats.
• Write code/scripts/automation to detect or prevent new threats that do not have commercial solutions available yet or to automate Information Security processes to increase efficiencies.
• Design and develop new tools/technologies as related to cybersecurity.
• Act as a backup resource for key Enterprise Security appliances (Security Information and Event Management or (SIEM) and Firewal

MINIMUM REQUIREMENTS:

EXPERIENCE: 5 Years of Job-Related Experience

Substitute EDUCATION for EXPERIENCE: NONE

Substitute EXPERIENCE for EDUCATION: Related Technical or Vocational Training Will Substitute for Bachelor's Degree

SPECIAL REQUIREMENTS:

Information Security Certification - CISSP / COMP TIA SECURITY+ (PREFERRED)

Microsoft Technical Certification - MCSE / MCSA (PREFERRED)

ITIL Foundations (PREFERRED)

EXAMPLES OF DUTIES OR RESPONSIBILITIES OF THE CLASSIFICATION: Examples of duties or responsibilities are not to be construed as describing what the duties or responsibilities of any position shall be and are not to be construed as limiting the appointing authority's ability to assign, or otherwise alter the duties and responsibilities of a position. This is not intended to be an exhaustive list

• Create and maintain the enterprise security architecture design with system, application, and audio-visual architects. Update and maintain the KCOJ security awareness training program with shared services department.
• Create and maintain the KCOJ enterprise security documents, such as policies with legal services, KCOJ standards, baselines, TS guidelines and procedures.
• Create and maintain the KCOJ security incident response plan.
• Maintain current knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall KCOJ security as per the existing procurement policies.
• Develop requirements for local area and wide area networks (LAN and WAN), virtual private network (VPN), routers, firewalls, and related security devices.
• Design public key infrastructure (PKI'S) including use of certification authorities and digital signatures.
• Ensure the confidentiality, integrity, and availability of the data residing on or transmitted to/from/through the enterprise workstations, servers, and other systems and in databases and other data repositories.
• Supervise all investigations into problematic activity, security incidents, and provide on-going communications with the Information Security Architect and ITS Executive Leadership.
• Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
• Prepare information security reports by collecting, analyzing, and summarizing data and trends on an annual basis.
• Oversee regular security awareness training for all KCOJ employees to ensure high levels of compliance with the KCOJ security policies.
• Engage in ongoing communications with architectural peers for infrastructure, applications, and audio-visual, as well as ITS division managers and other AOC managers to ensure KCOJ-wide understanding of security goals, to solicit feedback, and to foster co-operation. Other duties as required.

TYPICAL WORKING CONDITIONS AND UNIQUE PHYSICAL REQUIREMENTS: Incumbents in the job will typically perform their job duties under these conditions.

On-call availability.

Work typically in office setting.

Dexterity of hands/fingers to operate a computer keyboard/mouse/other equipment.

Rare lifting of moderately heavy objects, such as computers and peripherals.

Some travel may be required.

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.

Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide.