Infosecurity Analyst JobID: 9494

• Position Type:

  Information Technology/ Infosecurity Analyst

• Date Posted:

  4/17/2024

• Location:

  Educational Support Center

• Closing Date:

  Open Until Filled

FULL SALARY RANGE: Level 3 (minimum: $62,136- mid-point: $77,670- maximum: $93,204)

The maximum placement for new hires is based upon experience and typically does not exceed the mid-point of the range.

STANDARD HOURS PER WEEK: 40

FTE: 1.0

JOB CODE: 130904

POSITION TYPE: Replacement or New

LOCATION: Thornton, CO

SUMMARY: The Infosecurity Analyst will provide analysis and proactive response across a range of operational resilience, security analytics, threat assessment, forensics, and incident response activities to support appropriate levels of cybersecurity at the District, working with the IT leadership team to review and address risks and provide efficient and effective solutions, always with a customer service focus. The Infosecurity Analyst will employ strong communications and organizational skills to execute and maintain processes, procedures, policies, project plans, and communications strategies that ensure that timely, actionable and critical information is presented to IT leadership, and that IT customers are well informed of their responsibilities to ensure appropriate information security and related compliance across the district.

ESSENTIAL DUTIES AND RESPONSIBILITIES:To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Job Tasks Descriptions

1. Security Operations, Maintenance, & Defense: Provide systems defense, troubleshooting, timely incident response, forensics, investigation, log analysis, URL filter tuning, and solution designs across the district-wide sets of systems. The range of systems that the Infosecurity Analyst is responsible for includes any technological infrastructure where the District has risk including, diverse server operating systems, various types of virtualization, streaming media and transactional services, network management systems, security infrastructure, wireless/wired clients, Guest and BYOD access, secure transaction systems, education environments, radio communications and related infrastructure. Provide scripting, automated response, automated deployment, and remote servicing options to the district to support these systems.

2. Policy & Strategy: Ensure a strong information assurance posture for the district by recommending changes to instructional policy, researching technologies, testing infrastructure, and implementing security designs in support of the district’s systems architecture. Contribute to plans to implement vulnerability analysis, threat analytics, incident response and testing procedures, and implement training to maintain security readiness by implementing designs, processes, configurations, and technologies based on international and federal standards, RFCs, peer best practices, and other standards sources in additional to current professional practice and due diligence appropriate for the District. Provide support to the evaluation of strategic options of cybersecurity services, auditing, vulnerability testing, consulting, and partnerships to fulfill a range of District Cybersecurity options, while performing “build or buy” options analysis.

3. Professionalism in Practice: Demonstrate exemplary cybersecurity practice, sharing expertise and collaborating with key teams and architects across IT, providing high quality technical configurations and practices, preparing end-user communications, contributing to policy, and contributing technical solutions that efficiently and effectively enhance the district's cybersecurity. Engage in professional development in order to maintain the currency of understanding and awareness of innovative technology options for the district in regards to this practice.

4. Resilience Planning: Provide recommendations for technical resources, resilient design, change management, proactive testing procedures, and physical infrastructure to minimize disruption or impairment of service, achieve regulatory compliance, information assurance, operations resilience, support for innovative education practices, and other district interests at the highest possible levels as it maintains high quality customer service in an ever changing environment. Assess and report on the district’s situation in relation to these requirements and present strategies for ensuring that these requirements are met and that shortcomings are mitigated or otherwise addressed.

5. Collaborative Service Quality: Work within the Infosecurity Team, and district stakeholders, IT architects and IT leadership to contribute to SLAs, cybersecurity policies and ensure that the district infrastructure can meet these requirements across enterprise application environments, computing resources, network availability, and related resources that fulfill district objectives. This environment includes virtual systems, multi-site datacenter resilience, and support for highly integrated sets of systems providing HR/Financial ERP, messaging, District security, education data, storage, telephony, database, remote access, education, and business services.

6. Research: Research and provide security evaluation for new technologies and technology providers to ensure that the district makes secure and yet cost effective technical choices in systems, services, and strategies. Produce cogent and well-referenced reports that inform district security planning, identify risk, clarify opportunity cost, and assess total cost of solution ownership. Provide fair and meaningful evaluation of security technology choices through research, RFP, technical review, risk audits, use case proof of concept, vulnerability testing, and user acceptance methods.

7. Architecture & Engineering: Provide input on and implement cybersecurity design and engineering solutions that support a forward-looking enterprise systems and lead to secure network, systems, and data footprint. Perform business analysis in support of cybersecurity technologies, solutions, and implementations that meet the District’s compliance, privacy, availability, and business continuity needs at a scale appropriate for the District.

8. Professional Currency: Work under the direction of IT leadership to establish and maintain professional affiliations and strategic relationships with incident response organizations, professional organizations, regulatory bodies, standards organizations, vendors, and other organizations of strategic importance to the district to ensure that the department is aware of industry best practices and is well informed in regards to service opportunities, cybersecurity issues and innovations that might have impact on the district.

9. Reporting and Transparency: Work with Team and IT leadership to facilitate and maintain logging, monitoring, alert, and reporting policies and procedures that provide the CITO, I.T. directors, architects, managers, and the Infosecurity Team with timely and actionable information related to enterprise security design, system vulnerabilities, security trends and use cases.

10. Perform other duties as assigned.

EDUCATION AND RELATED WORK EXPERIENCE:

• Associates degree in cybersecurity, computer science, systems administration, information systems, or related area. Other relevant experience in cybersecurity operations or a combination of experience in an information technology position along with relevant certifications such as CKA, AWS-CSA, CySAS+, CSAP, OSCP, OSWE, or 2 other relevant certifications at this level can be considered instead of the associate's degree.

• One year experience preferred with operations and maintenance of key IT infrastructure in one or more of the following areas: desktop management, virtualization, storage, digital data communications, application server support, wired/wireless networks, software development, and systems integration preferred.

LICENSES, REGISTRATIONS or CERTIFICATIONS:

• Criminal background check required for hire.

• Preference for candidates with current certifications relevant to cybersecurity such as CISSP, CKA, AWS-CSA, CySAS+, CSAP, OSCP, OSWE, or other relevant certifications.

SALARY INFORMATION:

The salary listed is for full time positions (1.0 FTE). This salary will be adjusted, as needed, based upon the FTE. Administrative employees' salary will be commensurate on the employees’ education and/or work experience. For additional information, please review ourAdministrative Compensation Program (https://resources.finalsite.net/images/v1644330247/adams12org/byozfuoccsaiwtartzju/2021-10AdminCompProgram.pdf) or review ourAdministrative Salary Schedule (https://www.adams12.org/our-district/careers/lead) .

BENEFITS INFORMATION:

Adams 12 Five Star Schools is committed to providing an environment that promotes a healthy employee population able to serve our students at the highest level. We offer a comprehensive benefits package including medical, dental, vision and life insurance as well as other programs for benefit eligible employees. The employee assistance program, voluntary life insurance through PERA, and 401(k), 403(b) & 457(b) plans are available to all employees regardless of hours worked and are available immediately (upon hire date).

To learn more about our benefits, including paid time off, please see ourBenefits Overview. (https://www.adams12.org/our-district/human-resources/benefits-overview)

THIS POSTING IS NOT INCLUSIVE OF THE JOB DESCRIPTION.

Rev 12/23