IT Cybersecurity Analyst, Information Technology Department

Position Description SALARY: Starting: $39.30/hourly Full Range: $39.30-$57.68/hourly Grade 23, Non-Exempt Position, (Non-union position) Our Mission: "Provide Exceptional Public Services to Assure a Safe, Healthy, Vibrant County for All" Our Values: Professional | Approachable | Responsive | Collaborative | Fair & Equitable Stearns County derives strength from its workforce and provides a welcoming environment where all are respected and valued. We are currently seeking a skilled cybersecurity leader with enthusiasm and creativity to join our exceptional technology team. The Information Technology Department promotes dynamic ingenuity, the exploration of new technologies, and ongoing professional development. This is your opportunity to make a difference through a rewarding career in public service! Position Objective Security/Cybersecurity. This position is primarily responsible for planning, monitoring, detecting, identifying, analyzing, mitigating, and reporting on security anomalies. The position will also provide incident response support and promote employee cybersecurity awareness utilizing current and future security technologies. The position is also responsible for supporting and maintaining the county’s IT cybersecurity awareness initiatives. Essential Duties and Responsibilities These examples do not include all possible responsibilities in this position and do not limit the assignment of related duties to this classification. - Performs network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls and host-based security systems. - Performs threat detection using logs and endpoints to identify and mitigate threats originating from multiple sources. - Correlates activity across assets (endpoint, network, apps) and environments (on-premises and cloud) to identify patterns of anomalous activity. - Reviews alerts and data from sensors, and documents formal, technical incident reports. - Supports the creation of business continuity/disaster recovery plans, including conducting disaster recovery tabletop exercises, publishing test results and making changes necessary to address deficiencies. - Provides users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary. - Identifies and evaluates top human cybersecurity risks to the organization and the behaviors that must change to mitigate those risks. - Develops, reviews, implements, and maintains a cybersecurity awareness program to mitigate human risks present in the organization’s network environment. - Establishes, and then maintains, an understanding of employee awareness around the organization. - Reviews existing security policies to ensure they are current and effective. Recommend improvements to enhance securitypolicies.Identifyanddevelopnew security policies to address emerging - Attends work in a regular and timely manner. - Performs other duties as assigned or apparent. Minimum Qualifications and Desirable Knowledge, Skills and Abilities Minimum Qualifications In order to be considered for this position, applicants must possess the following: - Bachelor's degree and four years of information technology-related support experience using industry standard security tools and methodologies, obtained within the last six years. (A degree in computer science, information technology, cybersecurity, or related technology field is preferred.) - OR Associate's degree and eight years of progressively related experience around information technology-related support using industry standard security tools and methodologies. (A degree in computer science, information technology, cybersecurity, or related technology field is preferred.) Preferred Experience Beyond Minimum Qualifications: - Proficiency in Windows, Linux, and Unix operating systems. - Experience with security tools like SIEM (Security Information and Event Management), DLP (Data Loss Prevention), antivirus, and anti-malware. - Experience in handling and responding to security incidents and breaches. - Understanding of risk assessment and management frameworks (e.g., NIST, ISO 27001). - Experience in public sector or government environments. Desirable Knowledge, Skills, and Abilities - Knowledge of firewalls, VPNs, IDS/IPS, and other network security technologies. - Knowledge of scripting languages such as Python, PowerShell, or Bash. - Knowledge of encryption standards and cryptographic techniques. - Knowledge of regulations and compliance requirements specific to government or public sector entities - Knowledge of cloud computing platforms and their security features (e.g., AWS, Azure, Google Cloud). - Knowledge and experience configuring and managing: - Trend XDR/EDR - Microsoft M365 G5 Security products - Microsoft Azure - Microsoft Entra - Microsoft Office - Microsoft Windows 10/11 - KnowBe4 - Security Awareness Platform. - Skilled in problem-solving to address and mitigate security threats. - Skilled in conducting vulnerability assessments and penetration testing. - Ability to translate business requirements into technical architecture and designs for network security models. - Ability to use written and verbal communication skills for reporting and policy development. - Ability to analyze complex problems and develop effective solutions - Ability to show a high level of attention to detail to identify and address security vulnerabilities. - Ability to work effectively as part of a team and collaborate with other departments. - Ability to adapt to rapidly changing technology and threat landscapes. - Ability to show a strong sense of ethics and integrity in handling sensitive information. - Ability to commit to continuous education and staying updated with the latest cybersecurity trends and technologies. Accountabilities, Work Environment and Extent of Supervision or Guidance Provided Accountabilities Shared by All Employees 1. Performs job responsibilities in a manner consistent with the County's vision, mission and values. 2. Develops and maintains a thorough working knowledge of all department and County-wide policies, protocols and procedures that apply to the performance of this position. 3. Develops respectful and cooperative working relationships with co-workers. 4. Informs immediate supervisor of all important matters pertaining to assigned job responsibilities. 5. Seeks opportunities for further personal growth and development. 6. Represents the County in a professional manner to all internal and external contacts when doing the County's business. 7. Complies with all rules and policies in order to maintain a safe work environment. Work Environment and Physical Demands The primary responsibilities for this position will be performed approximately 100% of the time indoors. This position allows for a Hybrid work environment. May require minimal travel to off-site locations and minimal attendance at evening meetings. Will have infrequent exposure to health hazards and accidents; requires a low level of physical effort. All employees are required to reside within the state of Minnesota. Extent of Supervision or Guidance Provided Work is performed under the general supervision of the Technology Services Manager. Responsibility for Public Contact Frequent. Hours of Work, Testing and Interview Dates Hours of Work Monday through Friday, 8:00 a.m. to 4:30 p.m. and occasional evening and weekends as required. Interview Date If you are selected to be interviewed for this position interviews will be held on a date to be determined. Invitations to interview will be sent to the email address listed on the job application and will be based upon an assessment of education and experience. If you require special accommodations to participate in the Stearns County hiring process, please contact us at 320-656-3606. To view Stearns County benefits go to: Stearns County Benefits Page