Cyber Security Analyst

POSITION SUMMARY

Under general supervision, the Cyber Security Analyst (CSA) is responsible for assisting with day-to-day cyber security administration and operations. Reporting to the Head of Cyber Security, the CSA is tasked with providing technical expertise in all areas of network, system, and application security. They must have an in-depth understanding of common security tools and protocols. The CSA will conduct cyber security awareness training, research and report on emerging threats, and will be responsible for security administration.

Qualifications

PRIMARY RESPONSIBILITIES

• Responsible for various administrative functions for the office.

o Monitors the Cybersecurity mailbox and reviews and responds to messages as needed.

o Screens incoming phone calls, properly directs each call, takes messages, or replies when appropriate.

o Reviews, investigates, and responds to Help Desk tickets.

o Reviews, investigates, and responds to system alerts and security logs.

o Creates and maintains records of cyber security incidents.

• Assists in Technology's Cybersecurity Awareness and Training.

o Supports the agency in overseeing and developing training materials to increase awareness and enhance employee understanding of organizational cybersecurity initiatives.

o Coordinates cybersecurity awareness and training events, collaborate with others regarding cybersecurity governance and compliance issues and reports.

o Conducts simulated phishing emails in order to understand the organizations cybersecurity awareness

• Administers the following Information Cyber Security systems:

o Secure storage system administration.

o Corporate multi-factor system administration.

o Password management administration.

o Provision/de-provision users, groups, and devices.

o Data access management.

• Researches and analyzes cybersecurity threat indicators and their behaviors for the prevention, detection, containment, and correction of security breaches, and recommends threat mitigation strategies.

• Assesses new security technologies to determine potential value for the enterprise.

• Assists the Head of Cyber Security with other tasks and initiatives.

• Performs other related duties as assigned.

MANAGEMENT RESPONSIBILITIES

Reporting to this position are the following jobs:

Job Title

• N/A

CHALLENGES

• Maintaining knowledge of current cyber technology tools, architectures, and trends in a rapidly changing field.

• Completing cyber activities requiring the assistance of other teams with competing priorities.

EDUCATION/EXPERIENCE REQUIREMENTS

• Bachelor’s degree in information security/cybersecurity, information technology, computer science or related field required plus three (3) years of experience as a security analyst or in related position or an equivalent combination of education or experience relating to this position.

PHYSICAL REQUIREMENTS

• Requires remaining in a stationary position for extended periods of time and constantly operating a computer and other office productivity machinery.

• Must be able to maneuver and move material weight up to 50 pounds.

• Service Area Requirement: Exempt (Non-Union) employees must live within the boundaries of the CTA Statutory Service Area either at the time of employment or within 6 months of beginning employment at CTA.

KNOWLEDGE, SKILLS, AND ABILITIES

• Ability to be a proficient problem-solver that can work autonomously and with others.

• Working knowledge of network applications and protocols, configuration, routers, logging, monitoring, administration.

• Working knowledge of Syslog and SIEM principles, operations, configuration, and usage.

• Working knowledge of operating systems such as Unix, Linux, Microsoft Windows, VMware and Cisco IOS Syslog.

• Detailed knowledge of Command Line Interface syntax and use.

• Working knowledge and awareness of regulatory and security standards and requirements including PII, HIPPA, and PCI.

• Working knowledge of encryption technology, tools, and techniques.

• Good skills with TCP/IP protocol stack and associated applications including Telnet / SSH / FTP (CRT), TFTP, DNS, DHCP.

• Good skills with Microsoft Windows domain networks; firewall management; active directory; multi-factor authentication and VPN.

• Good skills with wired and Wi-Fi networking both on-site and remote; integration with and use of cloud-based resources and secure connections including SaaS and hosted application environments.

• Good skills with Regular Expression (Regex) parsing.

• Working knowledge of communications protocols and file system structures.

• Ability to understand, follow, and train others on regulatory requirements, security standards, and CTA policies, standards, procedures, and vulnerabilities related to technology and security.

• Good written communication skills for preparing reports, composing documentation, and corresponding with CTA employees.

• Ability to maintain absolute confidentiality of sensitive files, data and materials accessed, discussed, or observed, and while adhering to security policies and procedures.

WORKING CONDITIONS

• General office environment.

• May be required to travel to various field locations.

• Subject to various weather conditions when travelling to and from work locations.

• Subject to normal garage, shop, and terminal hazards such as noise, dust, grease, moving vehicles, etc. when working in bus/rail workshops, garages, and terminals.

EQUIPMENT, TOOLS, AND MATERIALS UTILIZED

• Personal computer and related software as needed.