Cybersecurity Analyst

Description

*This is an in-office position.

General Statement of Duties

This exempt position is responsible for ensuring the cybersecurity and physical security of the Parker Water and Sanitation District (PWSD) IT/OT and infrastructure assets. This position involves participating in the Disaster Recovery program, Business Continuity planning, vulnerability assessments, and penetration testing. This position manages vendor relationships, Zero Trust Architecture, security information and event management, as well as performing root cause analysis, and developing training tools to prevent/mitigate incidents. The Cybersecurity Analyst establishes and maintains key performance indicators (KPIs) to measure the effectiveness of cybersecurity efforts, audit and enforce patch cadence and security policies, and adopts industry frameworks and best practices as a critical component of continuous improvement, training, and education for PWSD staff in physical and cybersecurity best practices.

Supervision Received

Works under the direct supervision of the Director of Technology.

• Team Collaboration: The Cybersecurity Analyst will work closely with the IT/OT Supervisors and staff.
• Executive Reporting: Regularly report cybersecurity metrics, incidents, and risk assessments to the executive leadership team.
• Cross-Departmental Interaction: Collaborate with various departments to ensure comprehensive cybersecurity measures are in place, including Operations, Compliance, and Risk Management.

Primary Duties and Responsibilities

• Disaster Recovery & Business Continuity:
  • Participate in the Disaster Recovery program to ensure minimal Mean Time to Recovery (MTTR).
  • Participate in Business Continuity Planning to support uninterrupted operations.
• Vulnerability Assessment & Penetration Testing:
  • Design, implement, administer and maintain vulnerability management and mitigation solutions
• Vendor Risk Management:
  • Develop and maintain KPIs to measure the effectiveness of cybersecurity efforts in response to vendor cyber incidents.
• Network Monitoring:
  • Monitor internal networks for unauthorized devices.
• Intrusion Detection & Prevention:
  • Integrate threat intelligence and Indication of Compromises (IOCs) into detection and response capability.
  • Communicate threats and mitigation strategies to the Leadership team.
  • Design, implement, administer and maintain SIEM systems and audits.
• Security Policy Enforcement:
  • Design, implement, administer and maintain a Zero Trust approach to cybersecurity.
  • Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Implement and educate principles of Identity Access and Management (IAM), least privilege, passphrase policies, and multifactor authentication procedures.
• Incident Response:
  • Track security incidents and develop root cause analysis reports.
  • Create training tools to alleviate future exposure to cyber/physical incidents.
  • Facilitate Incident Response planning and communications.
• Metrics Development:
  • Develop metrics such as Mean Time to Recovery, Mean Time to Resolve, Mean Time to Contain, Frequency of callouts for PWSD stakeholders.
• Risk Management:
  • Establish baseline goals for detecting and preventing cyber/physical threats specific to water production and treatment facilities.
  • Implement risk management strategies to protect water utility from potential attacks.
• Compliance & Best Practices:
  • Design, implement, administer and maintain Secure Architecture guidelines utilizing established principles of minimization, separation of duty, least privilege, least access, audit logging, and continuous monitoring.
  • Evaluate Federal, State, and industry specific frameworks (NIST, CISA, EPA) and integrate solutions that align organizational risk with industry standards.
  • Assess risks, develop incident response plans, and enhance the overall cybersecurity posture for water utility.
  • Audits existing systems and makes recommendations for improvement.
  • Develop and administer plans, systems, and activities to support and promote the mission, vision and values of the organization.
• Access Control System Maintenance:
  • Design, implement, administer and maintain the access control (badging) and monitoring (cameras) systems to ensure secure access/control of facilities.
• Continuous Improvement:
  • Engage in continuous improvement, training, education, and testing of PWSD staff in physical and cybersecurity best practices.
  • Develops and performs training for PWSD staff as needed.
  • Attends technical and safety training meetings, courses and seminars as required.

• Performs routine physical cleanup and housekeeping of work areas, equipment and buildings using standard cleaning equipment and materials.
• Performs other duties as assigned which may be outside the primary area of responsibility.

Knowledge, Skills & Abilities

• Self-directed, solutions driven, collaborative problem solver.
• Cybersecurity program development, frameworks and management.
• Collaborative and communication skills with the ability to build consensus and influence stakeholders.
• Demonstrated leadership with the ability to take initiative and use critical thinking to make decisions.
• Ability to analyze desired processes and outcomes and advise on the right combination of IT systems and components to achieve strategic business, departmental, team, and functional goals.
• Recognize and understand organizational, public and political influences.
• Advanced knowledge of technology standards and industry best practices.
• Effectively communicate verbally and in writing, organize activities to complete tasks in accordance with priorities, address multiple demands and meet deadlines.
• Utilizes project management best practices, including risk management, quality management, change management, and communications planning.
• Works independently with broad direction and limited supervision, Effectively organize and oversee the work of any assigned personnel, groups, committees, and subject matter experts assigned to project teams to ensure successful completion of projects on schedule.  Ability to work and communicate effectively with internal staff, external contractors, and the community.
• Follows verbal directions and written policies and procedures accurately and completely.

Qualifications / Experience

• Bachelor’s Degree from an accredited college or university in Cybersecurity, Computer Science, Information Technology or a closely related field.
• Minimum 6 years of related work experience.
• An equivalent combination of certifications, education, or experience that provides the required knowledge, skills, and abilities for the position.
  • Preferred Certifications: CISM, CISSP, CEH, CompTIA Security

Working Conditions / Physical Activities

• Monday through Friday, 40-hour work week.
• Standard office environment with constant interruptions and deadlines; mostly sedentary work with computer use for prolonged periods.
• Light physical effort required handling objects up to 40 pounds occasionally and/or up to 5 pounds frequently.
• Full range of body movements including stooping, twisting, kneeling, bending, leaning and reaching.
• Vision is needed for reading, recording and interpreting information; speech and hearing are used to communicate with other employees over the telephone and in person.

Benefits Overview

Parker Water & Sanitation offers a robust benefits program including:

• Low-cost health premiums

• 100% District paid dental and vision insurance

• District HSA contribution for those on our HDHP insurance

• Social Security Replacement program – 401(a)

• 457 (b) retirement plan with District match up to 5%, fully vested right away

• 100% District paid Short- and Long-Term Disability

• 100% District paid Life and Disability Insurance (2x annual salary)

• Tuition Reimbursement up to $5250 per year

• Employee Wellness program

• Public Service Student Loan Forgiveness eligible employer

For a more in-depth overview of the many benefits PWSD offers please visit www.pwsd.org/careers and click on the Total Rewards Program link.

Salary : $91,200 - $115,000