Description:
The Cybersecurity Analyst oversees the Seattle Public Library’s (SPL) cybersecurity program, ensuring systems are secure and align with industry best practices. This role encompasses the management and development of a comprehensive cybersecurity program that spans all SPL departments. The individual collaborates with stakeholders at all levels to develop innovative and operationally beneficial solutions. Reporting to and following the strategic direction from the Library Technology Office (LTO), the Cybersecurity Analyst works collaboratively to determine priorities and develop timeframes. This position requires strong analytical skills, extensive knowledge of cybersecurity standards and principles, and the ability to interface effectively with all levels of the organization. The incumbent must also possess a thorough understanding of project management and at times will independently manage the implementation of security solutions in collaboration with team members.
Job Responsibilities
- Exercise sound judgement and independent decision making with limited supervision.
- Maintain a high degree of discretion with broad systems permissions and access to confidential information, including records for the Chief Librarian’s Office and HR.
- Perform analysis of log files and incident data to identify threats.
- Continuously monitor security systems for potential threats and vulnerabilities.
- Troubleshoot complex security issues related to implemented platforms.
- Provide guidance for corrective actions and countermeasure deployments.
- Develop and implement secure network, application, server, endpoint, and wireless solutions.
- Ensure systems meet security standards and best practices.
- Research and recommend new security technologies.
- Assess security requirements during change management processes to ensure cybersecurity measures are integrated into new and upgraded systems.
- Perform security audits to ensure adherence to best practices and standards.
- Track and ensure mitigation of audit findings and recommendations.
- Develop and deliver security awareness training programs.
- Communicate cybersecurity value to all organizational stakeholders.
- Collect and maintain data for cybersecurity reporting and monitoring.
- Develop and report metrics to assess security posture.
- Ensure limited access to assets is authorized and managed according to risk assessments.
Secondary Duties
- Maintain documentation to establish repeatable security processes.
- Continuously evaluate and adjust the cybersecurity risk management strategy.
- Identify and implement improvement opportunities in cybersecurity practices.
- Provide strategic guidance to enhance cybersecurity.
- Oversee the organization's cybersecurity strategy and policy development.
- Develop and manage incident response plans and recovery programs.
- Conduct security risk assessments and vulnerability assessments.
- Participate in SPL staff meetings and planning sessions constructively.
- Perform other related duties as assigned, including occasional off-hour work.
- Ensure data management aligns with the organization’s risk strategy to protect information.
- Takes on additional duties as assigned
Qualifications
Education and Experience
The items listed below are the minimum requirements for the job and are relevant to this position. The organization values both work experience and education and realizes that individuals take different paths to acquire knowledge.
- Bachelor’s degree from an accredited school with major in cybersecurity, computer science, information technology, systems engineering, or related field; and
- Two years of increasingly responsible experience in cybersecurity application and infrastructure, technology management
- Experience in assessing and managing operational network and systems risks from a cyber security perspective.
- Demonstrates the following Core Competencies - action oriented, decision quality, managing conflict, comfort with ambiguity, customer focus, valuing differences, and time management.
- Any equivalent combination of education and experience that provides the necessary qualifications to successfully perform the duties of the position will be considered.