Job Class Search
Job Details
IT Security Analyst II
The IT Security Analyst II is responsible for protecting an agency's or organization's computer systems, networks, and data from cyber threats and vulnerabilities. This role involves monitoring security systems, analyzing potential risks, responding to incidents, and implementing measures to safeguard sensitive information. The IT Security Analyst II works proactively to identify weaknesses, maintains compliance with security standards, and ensures the confidentiality, integrity, and availability of organizational data.
Class Code:
IIE03P
Job Grade:
IST07
Special Job Requirements:
Typical Functions:
Monitor network traffic, systems, and applications for suspicious activity and potential threats. Perform vulnerability assessments and penetration testing to identify and mitigate security risks. Investigate, document, and respond to security incidents, breaches, and anomalies. Develop and implement security policies, standards, and procedures to protect information technology infrastructure. Collaborate with information technology teams to ensure secure configurations of systems and applications. Maintain and update security tools such as firewalls, antivirus software, and intrusion detection systems. Conduct regular security audits and risk assessments to ensure compliance with industry standards. Provide security awareness training to employees to promote best practices. Research and evaluate emerging security technologies and threats to recommend innovative solutions. Prepare detailed reports on security incidents, vulnerabilities, and risk mitigation strategies.
Knowledge, Abilities, and Skills:
Excellent analytical and problem-solving skills to detect and resolve security threats. Strong attention to detail and ability to work under pressure in high-stakes situations. Effective communication skills for reporting incidents and providing recommendations to technical and non-technical personnel. Proactive mindset with the ability to anticipate and prevent potential security breaches. Commitment to continuous learning to stay current with evolving cybersecurity threats and technologies.
Minimum Qualifications:
Bachelor’s Degree in Information Technology, Cybersecurity, Computer Science, or a related field. Minimum of 4 years of experience in information technology security, network administration, or a related field. Certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) may be required. Hands-on experience with security tools and technologies, including firewalls, Security Information and Event Management (SIEM) solutions, and endpoint protection. Familiarity with regulatory requirements and frameworks such as General Data Protection Regulation or Payment Card Industry Data Security Standard. Strong understanding of network protocols, operating systems, and cloud security principles. Satisfaction of the minimum qualifications, including years of experience and service, does not entitle employees to automatic progression within the job series. Promotion to the next classification level is at the discretion of the department and the Office of Personnel Management, taking into consideration the employee’s demonstrated skills, competencies, performance, workload responsibilities, and organizational needs.
Required Certificates:
N/A OTHER JOB RELATED EDUCATION AND/OR EXPERIENCE MAY BE SUBSTITUTED FOR ALL OR PART OF THESE BASIC REQUIREMENTS, EXCEPT FOR CERTIFICATION OR LICENSURE REQUIREMENTS, UPON APPROVAL OF THE QUALIFICATIONS REVIEW COMMITTEE.
Exempt:
E