Cyber Security Analyst Senior


Company: Orange County Clerk of Courts

Location: Orlando, FL 32828

Description:

Job Title

Cyber Security Analyst Senior

Location

Clerk of Courts - Orlando, FL US (Primary)

Category

Technical

Salary Grade

$39.94 - $53.27

Job Type

Full-time

Job Description

Job Overview:
Monitor security systems, investigate and respond to incidents, and implement robust security controls to mitigate risk. This role works closely with IT teams to conduct thorough security audits and assist in developing and maintaining effective security policies and procedures. Additionally, mentor team members, promoting cyber security awareness and best practices. By aligning with industry standards such as the NIST Cyber Security Framework (NIST CSF) and other relevant regulatory requirements, the Senior Analyst helps maintain a proactive and adaptive security posture to defend against evolving cyber threats.

Essential Functions:
Employees performing in this job function may perform some or all of the duties. The omission of specific statements of duties does not exclude them from the position if the work is similar, related, or a logical assignment to the position.
Develop and document essential security controls, along with administrative procedures to monitor their effectiveness.
Develop and deliver end-user cyber security awareness training materials.
Proactively assess potential risks and opportunities for improved security.
Conduct security reviews to ensure new applications are properly protected before implementation.
Generate reports on security incidents, vulnerability findings, remediation progress, and security assessments.
Oversee the processes for managing application and interface access controls, ensuring compliance with regulations and maintaining proper segregation of duties.
Ensure alignment with NIST CSF, PCI DSS, PII, SOX, and other applicable frameworks and regulatory requirements.
Perform regular vulnerability scans using tools like OpenVAS or Nessus, and track remediation efforts.
Assist with continuous review and improvement of cyber security policies, procedures, and the IT policy catalog.
Work closely with the Cyber Security Manager, IT Infrastructure, and other teams to align security practices with organizational goals.
Examine and address security incidents, such as phishing attempts, malware detections, unauthorized access, and security breaches, ensuring a prompt and effective response.
Conduct incident triage, containment, documentation, and reporting, while escalating more complex issues to the Cyber Security Manager for further action.
Stay current with emerging security threats, vulnerabilities, and best practices through continuous learning and professional development.
Maintain detailed records of security events, incident responses, and audit documentation.
Develop and oversee the patch management strategy, ensuring the process is effective and consistently applied to maintain system security.
Mentor and provide guidance to Cyber Security Analysts.
Conduct system audits ensuring adherence to security configurations, hardening baselines, and compliance requirements.
Lead forensic analysis for major security events, working closely with internal teams and external partners to investigate and resolve incidents.
Continuously monitor security alerts and logs from SIEM platforms, endpoint protection tools, network traffic, and other relevant sources.
Design and implement phishing simulation campaigns to enhance security awareness and educate employees on recognizing potential threats.
Create processes to prevent unauthorized access and alterations to production systems and data.
Provide guidance and technical support to staff regarding secure practices and threat prevention measures.
Advise on significant security improvements and changes within the organization.
Perform other functions, duties, and conduct special projects as assigned.

Job Requirements

Minimum Qualifications Required:
Bachelor's degree in Cyber Security, Information Technology, Computer Science, or a related field. Equivalent experience may be considered.
Minimum of eight (8) years of experience in Information Technology, including four (4) years in cyber security operations, security monitoring, or incident response.
Technical Expertise: Experienced installing and configuring security tools including SIEM and SOAR platforms, endpoint protection software, vulnerability scanners, firewalls, application firewalls, and IDS/IPS.
Networking Knowledge: Advanced knowledge of network security principles, IP subnetting, and security protocols such as TCP/IP, VPN, DNS, SSL, IPSec.
Regulatory & Framework Compliance: Experienced with cyber security standards and regulations, including NIST CSF, PCI DSS, PII, SOX.
Threat Mitigation: Working knowledge of Attack Surface Reduction (ASR) techniques.
Microsoft Security Tools: Experienced working with Microsoft SCCM, Intune, and Microsoft SecOps unified console (XDR).
Certifications: Must hold or be willing to obtain one of the following certifications within six months:
o ISC2 Certified in Cybersecurity (CC)
o CompTIA Cybersecurity Analyst (CySA+)
o CompTIA Security+
o Microsoft Certified: Security Operations Analyst Associate
o GIAC Security Essentials (GSEC)
o Certified Ethical Hacker (CEH)

Preferred Qualifications:
Working knowledge of VMware vSphere for VM provisioning.
Working knowledge of Citrix NetScaler security features.

Technical Requirements:
Advanced knowledge in server and network security, including Windows Server, Desktop OS, and Linux, TCP/IP, VPN, DNS, digital certificates, SSL, IPSec, and web security architecture.
Ability to:
o Respond to incidents in a timely fashion according to agreed standards.
o Monitor and ensure completion of vulnerability scans and timely patching.
o Demonstrate continuous improvement in cyber security KPIs.
o Ensure alignment with NIST CSF requirements and organizational policies.
o Work in a standard office environment with occasional after-hours support.
o Perform periodic remote work with secure access measures in place.
o Manage multiple tasks and prioritize under pressure.
o Design and implement information systems security.
o Evaluate and develop solutions to security challenges.
o Develop, document, and communicate policies and procedures.
o Travel to all work locations including outlying branches.

Working Conditions:
This job is eligible for Hybrid Remote and Flexible Work Schedule.
This job is absent of disagreeable working conditions. This job is performed in an office work environment.
This is a Safety and Security Sensitive Position in which a drug impairment constitutes an immediate and direct threat to public health, safety, or security, requiring a high degree of public trust in protecting court records and individual PII (Personally Identifiable Information). Orange County Clerk of Courts Safety and Security Sensitive Positions require the employee to perform one or more of the following:
Work with confidential customer and/or employee information.
Access our Case Management System "Odyssey" that contains PII (personally identifiable information).
Access our "Munis System" that contains our banking accounts information, financial information, and PII (personally identifiable information).
Access to Court Evidence that includes, but is not limited to, controlled substances, criminal investigation documents, weapons, and other like items.
Access to the juvenile facility.
Handle cash and other forms of payment such as credit cards.
Set up deferred payments for customers.
Be sworn to "Oath by the Clerk".
Operate heavy equipment such as a forklift and scissor lift.
Operate company vehicle.

Physical Requirements:
Constant: sitting, speaking, hearing, typing, writing, detailed inspection and reading.
Frequent: standing, walking and repetitive motions.
Occasional: bending/stooping, pushing, pulling, and lifting (up to 25 pounds).
Rare: reaching overhead, kneeling, crawling, climbing and driving a company vehicle.

# of Hires Needed

1

Closing Date
