Sr. IT Security Analyst

The anticipated hiring range is between $118,646 - $139,584 depending on qualifications.

The Sr. IT Security Analyst is focused on safeguarding the organization’s technology from risks and attacks. They play a crucial role in protecting the Port’s technology from unauthorized access, threats, and vulnerabilities. This role involves monitoring, detecting, investigating, analyzing, and responding to security events. Additionally, they will implement and maintain defensive measures using cybersecurity systems, tools and best practices.Securing the Port’s Technology:

• Oversee access, identify suspicious activity, and recommend solutions to reduce risk and prevent cyberattacks
• Partner with other IT team members to secure networks, systems, applications, and the Port’s sensitive information by ensuring that best practices are followed. 
• Continuous development and use of modern security controls to protect the Port’s endpoints
• Timely communication regarding security issues to peers and management
• Validate security software and firmware updates are installed and current on all networks and systems

Performing Security Assessments:

• Identify, assess and prioritize system vulnerabilities for timely remediation
• Assess and prioritize potential risks and their impacts on organizational assets
• Conduct or lead third parties through simulated attacks to identify and address security weaknesses
• Assess regulations and standards through regular audits and corrective actions
• Provide input on security policies from assessments to address current threats and recommendations for organizational alignment

Cybersecurity Incident Response and Disaster Recovery Planning:

• Respond to security incidents, including containment, eradication, and recovery efforts
• Timely communications and activation of Incident Response Team
• Conduct post-incident analysis to determine root cause and preventative measures
• Maintain and update incident response documentation and tools
• Plan annual Cybersecurity Incident Response and Disaster Recovery Tabletop exercises
• Evaluate and update disaster recovery plans based on lessons learned and actual incidents

Education, Audit and Compliance:

• Maintain and advance security awareness, phish testing and specialized training for employees
• Contribute to Informing staff about new security threats, policies, and procedures through regular updates and educational materials
• Conduct internal security audits, support external auditors, and ensure audit findings are addressed
• Track and maintain all audit recommendations and report on remediation progress
• Stay current with relevant laws, regulations, and industry standards, and assist in the development of policies to ensure compliance
• Consult on security policies and procedures and alignment with compliance requirements

Managing Business and Vendor Partnerships:

• Establish and sustain effective working relationships with internal IT teams and business partners
• Collaborate with organizations such as the U.S. Coast Guard, CISA, MS-ISAC, MTS-ISAC, WA State Fusion Center, AAPA, Port of Seattle etc.
• Supervise and maintain relationships with the Port’s Cybersecurity vendors, specifically for:
  • Managed Services
  • Annual penetration testing
  • Annual security performance audits
  • Annual incident response (IR) and disaster recovery (DR) tabletop exercises
  • Various annual government and military assessments and audits

Governance and Risk Management:

• Develop, update, evaluate, and help implement security policies, standards, and procedures to ensure they are in line with organizational objectives and regulatory mandates.
• Partner with stake holders to assist in the implementation and maintenance of a governance framework to oversee security initiatives, ensuring they are effectively managed and integrated across the organization
• Partner with the Cybersecurity Oversight Committee to discuss risk, remediation and oversight (monthly)
• Conduct regular risk assessments and analyses to identify, evaluate, and prioritize potential security threats and vulnerabilities
• Develop and implement risk mitigation strategies and controls, and continuously monitor and report on the effectiveness of these measures

Bachelor’s degree in cybersecurity, computer science or information technology or related field is required. An additional four (4) years’ experience in Cybersecurity may substitute for a bachelor’s degree.

A minimum of five (5) years progressively responsible Cybersecurity experience in risk management, governance, audit and compliance required.

Experience working with the NIST CSF 1.1 or greater preferred.

Preferred Professional Certifications:

• CCSP: Certified Cloud Security Professional (or related industry security certs)
• CEH: Certified Ethical Hacker
• CISM: Certified Information Security Manager
• CISSP: Certified Information Systems Security Professional
• CompTIA Security /CySA

Knowledge

• Demonstrated knowledge of security protocols, incident response, threat analysis, vulnerability assessment, and security technologies.
• Knowledge and familiarity in NIST CSF 1.1 and related cybersecurity standards, protocols, and regulations.
• Familiarity with security technologies, firewalls, IDS/IPS, antivirus, encryption, and vulnerability management tools.
• Knowledge of incident response processes, disaster recovery planning, and post-incident analysis 
• Understanding of GRC frameworks to ensure the organization meets regulatory requirements and industry best practices.
• Awareness of how to develop, evaluate, and implement security policies and procedures in alignment with organizational goals and regulatory mandates.
• Knowledge of managing relationships with cybersecurity vendors and collaborating with external partners like government agencies and other relevant organizations.

Skills

• Skill in conducting risk assessments, identifying vulnerabilities, prioritizing remediation efforts to mitigate security risks.
• Advanced ability to perform technical security assessments, including vulnerability scanning, penetration testing, and threat analysis.
• Strong communication skills, both written and verbal, to effectively convey security issues, policies, and procedures to various stakeholders, including non-technical audiences.
• Proficiency in coordinating and executing incident response plans, including containment, eradication, and recovery, as well as conducting root cause analysis.
• Expertise in conducting internal security audits, supporting external audits, and ensuring compliance with laws, regulations, and industry standards.
• Skill in staying updated with the latest cybersecurity threats, technologies, and best practices, and applying this knowledge to the organization’s security posture.

Abilities

• Ability to analyze complex security incidents, assess the impact, and develop effective solutions to address vulnerabilities.
• Ability to work with cross-functional teams, including management, and external partners, to achieve security objectives.
• Capability to lead security initiatives, mentor, and influence stakeholders to adopt best practices in cybersecurity.
• Ability to monitor systems, detect suspicious activities, and ensure all security measures are implemented and maintained accurately.
• Ability to make timely, informed decisions in high-pressure situations, particularly during security incidents or breaches.
• Skill in managing cybersecurity projects, planning, and execution, to ensure they are completed on time and within scope.

Salary : $107,376 - $171,792