CYBER SECURITY ANALYST II 1816
DISTINGUISHING FEATURES OF THE CLASS
An employee in this class is involved in reviewing and responding to advanced cyber security threats, and in categorizing and resolving cybersecurity threats within a County Department or a non-County jurisdiction. The incumbent monitors and configures IT security systems, performs digital forensic review of breached systems, reviews the extent of a security breach, and plans and implements recovery efforts. Work is performed under the general supervision of a higher level administrator, and is reviewed through conferences, consultations and the submission of required reports. In a non-County jurisdiction the employee will perform highly complex technical work supervising lower level Cyber Security Analysts or act as the technical expert in cybersecurity for a small jurisdiction. Duties require independent judgment and initiative. Does related work as required.
TYPICAL WORK ACTIVITIES
Monitors and maintains cybersecurity infrastructure and/or policies and procedures to protect information systems from unauthorized use and responds to advanced cybersecurity help desk requests;
Performs advanced cybersecurity incident detection, analysis and prevention;
Prepares disaster recovery plans and business continuity plans;
Coordinates recovery processes of breached systems by communicating with affected users and informing users of current security processes and procedures to mitigate future breaches;
Configures email gateway systems, firewalls, and endpoint detection and response systems;
Manages identity and access management (IAM);
Reviews, designs and delivers security compliance and awareness training;
Conducts IT data and security forensic investigations;
Researches new security risk and mitigation strategies, tools, techniques, and solutions for the prevention, detection, containment, and correction of data security breaches;
Provides input into the development of security policies;
Refers highly advanced cybersecurity issues to higher level supervisor or administrator.
FULL PERFORMANCE KNOWLEDGES, SKILLS, ABILITIES AND PERSONAL CHARACTERISTICS
Thorough knowledge of cybersecurity and information security controls, practices, procedures, and regulations; thorough knowledge of network protocols, encryption techniques, firewalls, virtual private networks, database structures, wireless communications, and access security techniques; thorough knowledge of the current literature sources of information and recent developments in the field of information technology security; good knowledge of the current principles, practice, and procedures of information technology; ability to analyze facts and exercise sound judgment in arriving at conclusions; ability to express oneself clearly and concisely, both orally and in writing; good judgment; physical condition commensurate with the demands of the position.
MINIMUM QUALIFICATIONS
OPEN COMPETITIVE
Either:
A) Graduation from a college with federally-authorized accreditation or registration by NY State with a Bachelor's Degree which includes, or is supplemented by, twelve (12) credits in information technology or a computer related field, and three (3) years of experience in cybersecurity analysis, information security analysis, or digital forensics; or,
B) Graduation from a standard senior high school or possession of a high school equivalency diploma, and seven (7) years of experience in cybersecurity analysis, information security analysis, or digital forensics; or,
C) An equivalent combination of education and experience as defined by the limits of A) and B).
NOTE: A Master’s Degree in Cybersecurity or a closely related field may be substituted for two (2) of the required years of experience.
SPECIAL NOTE: Because of the rapid evolution of technology in this field, qualifying experience must have been gained within the last eight (8) years.
PROMOTIONAL
Two (2) years of permanent competitive status as a Cyber Security Analyst I.
01/01/23
SUFFOLK COUNTY
Competitive