CYBER SECURITY ANALYST I 1815
DISTINGUISHING FEATURES OF THE CLASS
An employee in this class is involved in evaluating and categorizing entry-level
cyber security threats to ensure the proper response and solution within a
County Department or a non-County agency. The incumbent performs specialized
work in conducting vulnerability scans on information technology systems,
operating and monitoring network and intrusion detection/prevention systems, and assisting
in the implementation of security solutions on systems and applications. Work
is performed under the general supervision of a higher level IT security
supervisor or other administrator, and is reviewed through conferences,
consultations, and the submission of required reports. Duties require independent
judgment and initiative in cybersecurity incident detection, analysis and
prevention. Does related work as required.
TYPICAL WORK ACTIVITIES
Monitors and analyzes basic
cybersecurity alerts through various cybersecurity tools, including help desk
requests for both incidents and catalog services;
Performs cybersecurity incident detection,
analysis and prevention;
Assists in configuring email gateway systems, firewalls, and endpoint detection and
response systems;
Conducts monitoring of data security
and implements controls as directed; controls include access control lists
(ACL), encryption, two-factor authentication, and strict password protocols;
Sets up and maintains virtual
private network (VPN) accounts for employees and contractors;
Conducts data security remediation
such as security patching;
Refers suspicious data logs and
activities to higher level IT staff;
Delivers security compliance and
awareness education and training;
Provides input to the preparation of
disaster recovery plans and business continuity plans;
Provides in-house technical support
for questions and problems;
Updates manuals to reflect changes in information technology procedures and provides
program documentation.
FULL PERFORMANCE KNOWLEDGES, SKILLS, ABILITIES AND PERSONAL CHARACTERISTICS
Good knowledge of cybersecurity and information security controls, practices,
procedures, and regulations; good knowledge of network protocols, encryption
techniques, firewalls, virtual private networks, database structures, wireless
communications, and access security techniques; good knowledge of the current
literature sources of information and recent developments in the field of
information technology security; working knowledge of the current principles, practices,
and procedures of information technology; ability to analyze facts and exercise
sound judgment in arriving at conclusions; ability to express oneself clearly
and concisely, both orally and in writing; good judgment; physical condition
commensurate with the demands of the position.
MINIMUM QUALIFICATIONS
OPEN COMPETITIVE
Either:
A) Graduation from a college with federally-authorized accreditation or
registration by NY State with a Bachelor's Degree which includes, or is
supplemented by, twelve (12) credits in information technology or a computer
related field, and one (1) year of experience in cybersecurity analysis,
information security analysis, or digital forensics; or,
B) Graduation from a standard senior
high school or possession of a high school equivalency diploma, and five (5)
years of experience in cybersecurity analysis, information security analysis,
or digital forensics; or,
C) An equivalent combination of education and experience as defined by the limits
of A) and B).
NOTE: All of the required experience above may be substituted
with a Master’s Degree in Cybersecurity or a closely related field.
SPECIAL NOTE: Because of the rapid evolution of technology
in this field, qualifying experience must have been gained within the last six
(6) years.
01/01/23
SUFFOLK COUNTY
Competitive