Introduction
This is highly responsible work in system
and security administration across a variety
of computer platforms
and departments.
Nature Of Work
The Senior Security Systems Analyst plays a crucial role
in safeguarding the integrity, confidentiality, and availability of sensitive
information within the City of Tampa's digital infrastructure. As a key member
of the Technology & Innovation Security Office, the incumbent will be
responsible for designing, implementing, and maintaining robust security
systems to protect against cyber threats, ensuring compliance with regulatory
standards, and responding to security incidents. The Senior Security Systems Analyst
will collaborate with various departments to assess security needs, recommend
solutions, and contribute to the overall enhancement of the City of Tampa’s
cybersecurity posture.
Examples of Duties
Security Architecture and Design:
Develops, implements, and maintains
security architectures for critical systems and networks.
Designs and oversees the
implementation of security measures to protect digital assets and sensitive
information.
Security Operations:
Monitors and analyzes security
alerts, incidents, and vulnerabilities.
Conducts regular security
assessments and penetration tests to identify and address potential weaknesses.
Responds promptly to security
incidents and provides detailed post-event analyses.
Policy Development and Compliance:
Contributes to the development and
enforcement of security policies, standards, and procedures.
Ensures compliance with relevant
regulatory requirements and industry best practices.
Collaborations and Training:
Collaborates with other IT staff
and departments to integrate security measures into the overall IT
architecture.
Provides training and awareness
programs to educate staff on security best practices.
Risk Management:
Assess and prioritizes security
risks, recommending appropriate mitigation strategies.
Conducts regular risk assessments
and audits to identify and address potential vulnerabilities.
Incident Response and Investigation:
Leads the response to security
incidents, including coordinating with internal and external stakeholders.
Conducts thorough investigations
into security breaches, documenting findings and recommending corrective
actions.
Vendor Management:
Evaluates and manages third-party
security vendors and tools.
Collaborates with vendors to
implement and maintain security solutions.
Knowledge, Skills & Abilities
Technical
Expertise:
In-depth knowledge of cybersecurity
principles, practices, and technologies. Proficiency in implementing and managing
security technologies, including firewalls, antivirus software, intrusion
detection systems, and endpoint protection solutions. Familiarity with security frameworks such as
NIST, ISO 27001, and CIS Critical Security Controls.
Risk
Management: Ability to assess and prioritize security
risks, understanding their potential impact on the organization. Skill in developing and implementing risk
mitigation strategies and controls. Experience conducting comprehensive risk
assessments and presenting findings to stakeholders.
Incident
Response and Investigation: Proven experience in leading incident response
efforts, including the ability to analyze and contain security incidents
effectively. Skill in conducting thorough security
investigations, documenting findings, and recommending corrective actions. Ability to communicate technical details to
non-technical stakeholders during incident response efforts.
Policy
Development and Compliance: Knowledge of developing, implementing, and
enforcing security policies, standards, and procedures. Understanding of regulatory requirements
applicable to government entities and the ability to ensure compliance. Experience in conducting internal security
audits and assessments.
Collaboration
and Communication: Strong interpersonal skills for effective
collaboration with cross-functional teams and various departments. Excellent written and verbal communication
skills to articulate complex security concepts to both technical and
non-technical audiences. Ability to provide security training and
awareness programs for staff.
Project
Management: Skill in managing security projects from
inception to completion. Experience coordinating with vendors and
external partners to implement security solutions. Ability to prioritize and manage multiple
tasks efficiently, meeting deadlines and delivering high-quality results.
Continuous
Learning: Commitment to staying current with emerging
cybersecurity threats, trends, and technologies. Willingness to pursue relevant certifications
and professional development opportunities. Proactive in identifying and implementing improvements
to enhance the overall security posture of the organization.
Analytical
and Problem-Solving Skills: Strong analytical skills to assess complex
security issues and provide effective solutions. Ability to troubleshoot and resolve security
incidents promptly. Aptitude for critical thinking and a
proactive approach to identifying and addressing security vulnerabilities.
Minimum Qualifications
Bachelor's degree in Information
Technology, Computer Science, or a related field. Proven experience (minimum of 5
years) in a senior-level security role, preferably within a government or
public sector environment.
An equivalent combination of education (not less than possession of a high school diploma/GED), training and experience that would reasonably be expected to provide the job related competencies noted above.
Licenses or Certifications
Possession of a valid drivers license may be required.
Relevant
certifications (e.g., CISSP, CISM, or equivalent) is a plus.
Comments
Employees may be required to work rotating
shifts, including nights,
weekends, holidays, and overtime as needed. During periods when the Mayor issues
an emergency declaration for the City of Tampa, all employees may be required
to work in preparation, response or recovery activities related to the stated
emergency.
