Under the general direction of the Senior Manager of Information Security, the Information Security Analyst I or II is responsible for supporting key vulnerability management and security information event management functions. This role involves identifying, analyzing, and remediating potential environmental threats, requiring a solid understanding of current and emerging vulnerabilities and threats in the security industry, as well as key business and technological processes. The Information Security Analyst I or II performs essential client-facing managed security services activities.

SUPERVISES OTHERS: NO

FLSA STATUS: EXEMPT

COMPENSATION: Analyst I ($87, 615 - $100, 757 Based on Experience), Analyst II ($91, 615 - $105, 257 Based on Experience

ESSENTIAL FUNCTIONS

· Assisting in the detection and response to security incidents by following established protocols to mitigate risks and restore security.

· Performing routine vulnerability scans and assessments to identify potential weaknesses in the organization's systems and networks.

· Participating in internal and external security audits to ensure compliance with security policies and regulatory requirements.

· Maintaining detailed documentation of security incidents, findings from audits, and vulnerability assessments, and generating reports for management.

· Assisting in developing and delivering security awareness training for employees to promote best practices in information security.

· Helping to implement and enforce security policies, procedures, and guidelines within the organization.

· Staying up-to-date with the latest security threats, vulnerabilities, and technology trends to inform security practices.

· Working closely with other IT and security team members to enhance the organization's overall security posture.

· Providing support for security tools and technologies, including firewalls, intrusion detection systems, and antivirus software.

This list is not intended to be all-inclusive, and you may not be responsible for every item listed. The employer reserves the right to assign additional functions and responsibilities as necessary.

COMPETENCIES

• Self-Management: Manages own time, priorities, and resources to achieve goals.

• Technical Focus: Maintaining up-to-date knowledge within one's field of expertise; Applying technical skills and knowledge.

• Problem Solving: Having the ability to identify problems and issues of varying complexities and to find effective solutions with few guidelines.

• Teamwork: The ability to function effectively within a team, contributing positively to collaborative efforts and achieving shared goals by demonstrating communication, collaboration, active listening, conflict resolution, and adaptability to different perspectives while respecting the roles and contributions of others. At times takes lead and positively influences others.

REQUIRED FOR ALL HCAA JOBS

• In the event of an emergency or disaster that impacts the Hillsborough County Aviation Authority (HCAA), an employee may be required to respond promptly to duties and responsibilities as assigned by the employee’s department or the HCAA Emergency Operations Center (EOC). Such assignments may be before, during, or after the emergency/disaster.
• Complies with all HCAA Policies, Procedures, and Standards.

QUALIFICATIONS (EDUCATION, EXPERIENCE, LICENSES & CERTIFICATIONS)

• Associate’s Degree in Information Systems, Computer Science, Management Information Systems, Computer Engineering, or a related field.

• Analyst I - One (1) year experience; Analyst II - Two (2) years of security knowledge and technical experience in a diverse range of IT systems – specifically with PCI compliance, logging solutions, vulnerability management solutions, Microsoft enterprise technologies, Cisco enterprise technologies, and Redhat Linux technologies, PCI compliance, logging solutions, vulnerability management solutions.

• At least one technical certification obtained in the last three years from the following organizations: Cisco, Microsoft, or CompTIA. Or equivalent combination of education, training, and experience.

• Must possess a valid Florida Driver License.

• Must have the ability to pass a background check.

• Must be able to participate in an on-call rotation or be on-call.

PREFERRED QUALIFICATIONS

• A Certified Information Systems Security Professional (CISSP) certification.

KNOWLEDGE, SKILLS, AND ABILITIES

• Fundamentals of Information Security: Understanding core concepts such as confidentiality, integrity, availability, and the principles of risk management.

• Network Security: Basic knowledge of network protocols, firewalls, VPNs, and intrusion detection/prevention systems (IDS/IPS).

• Operating Systems: Familiarity with various operating systems, especially Windows and Linux, including their security features.

• Security Frameworks and Standards: Awareness of standards and frameworks like NIST, ISO 27001, and PCI DSS.

• Threat Landscape: Understanding common threats, vulnerabilities, and attack vectors (e.g., malware, phishing, social engineering).

• Incident Response: Basic principles of incident detection, response, and reporting.

• Compliance and Regulatory Requirements: Knowledge of relevant laws and regulations affecting information security, such as GDPR, HIPAA, etc.

• Analytical Skills: Ability to analyze security incidents and identify patterns or anomalies in data.

• Technical Proficiency: Familiarity with security tools (e.g., SIEM, antivirus, vulnerability scanners) and basic scripting or programming skills (e.g., Python, Bash).

• Communication Skills: Clear verbal and written communication skills to convey security concepts and incidents to non-technical stakeholders.

• Problem-Solving Skills: Ability to troubleshoot and resolve security issues efficiently.

• Attention to Detail: Meticulousness in analyzing logs and reports to identify potential security threats.

• Team Collaboration: Ability to work effectively in a team environment, collaborating with IT and security professionals.

• Continuous Learning: Willingness to stay updated on the latest security trends, threats, and technologies.

• Time Management: Ability to prioritize tasks and manage multiple assignments under tight deadlines.

• Ethical Judgment: Understanding the importance of ethical behavior in handling sensitive information and security matters.

• Adaptability: Ability to adapt to new tools, technologies, and processes in a rapidly changing field.

PHYSICAL ABILITIES

• Occasional standing & walking

• Sitting up to 6 hours per day

• Continuous typing

The Hillsborough County Aviation Authority-Tampa International Airport provides equal employment opportunity to all persons, regardless of age, race, religion, color, national origin, sex, political affiliations, marital status, non-disqualifying physical or mental disability, sexual orientation, membership, or non-membership in an employee organization, or based on personal favoritism or other non-merit factors.

The Hillsborough County Aviation Authority-Tampa International Airport welcomes and encourages applications from minorities, veterans, and persons with physical and mental disabilities, and will reasonably accommodate the needs of those persons in the application, testing and hiring process. The decision to grant reasonable accommodation requests will be made case-by-case.