Are you an experienced professional in Information Security, including vulnerability management, SIEM administration, and/or incident response responsibilities? The City of Bellingham is hiring for a Senior Security Information Analyst. Apply today!

***This position is open until filled with a first review of applications on April 10, 2023, at 8:30 am. The position may be closed at any time following this review. *** 
 
The full salary range for this position is $7,946/month – $9626/month. Placement within the range is based on qualifications and professional experience in accordance with City policy. Employees receive step increases annually in accordance with the Teamsters (Supervisory and Professional Unit) Collective Bargaining Agreement and City policy. 

City of Bellingham employees receive medical, dental, and vision insurance as well as life insurance and long-term disability. Additional benefits include flexible spending accounts, a medical insurance opt-out program, and access to our employee assistance program. All eligible City employees are enrolled in a Washington State Department of Retirement Systems pension plan. Additionally, employees may elect to participate in the City’s 457 deferred compensation retirement savings plan.  

Employees will receive 12 paid holidays in addition to one paid floating holiday each year. At the time of hire, employees will accrue 8 hours of sick leave and 10 hours of vacation per month. Vacation accruals increase based on years of service. Leave accruals are based on 1.0 FTE, accruals are pro-rated if part-time and require employees to be in paid status at least 120 hours/month.

For additional information regarding benefits and compensation Information please visit the following:

• Labor Agreements, Pay Schedules and E-Team Employee Handbook – City of Bellingham (cob.org)
• Employment Benefits – City of Bellingham (cob.org)

Flexibility and work/life balance are important to the City of Bellingham. Remote work is allowed up to 3 days per week. We allow some “flexing” of hours during each pay period to support work/life balance for employees. 

JOB SUMMARY:
 
Oversees and serves as primary resource for administrative, operational, and technical aspects of the City’s security information event and vulnerability management systems. Prioritizes the availability, operation, maintenance, and security of the City's computer systems, networks and data. The City’s networks are a mission critical part of the City’s operation and provide services to over 30 staffed worksites and to numerous non-staffed locations.  
 
Conducts risk assessments, evaluates security vulnerabilities, and monitors and analyzes City systems to identify priority mitigations. Provides direction, coordination, assistance and training support to City staff to correct identified security vulnerabilities and implement priority security controls. Prepares, plans and leads tabletop exercises for City staff based on City policies and procedures. Coordinates or supports ad-hoc information security projects. Participates in the selection of consultants to conduct outside risk assessments and/or pen tests. Reviews, drafts and improves incident response plans and procedures. Maintains detailed and accurate technical and administrative records. Serves as a member of the IT Security Team. Leads and/or assists with internal technical investigations.
 
Assists the Director and Network Operations Manager in developing programs to ensure City compliance with regulatory, security, and privacy standards such as Criminal Justice Information Services (CJIS), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS), along with security and privacy standards adopted by the City.
 
ESSENTIAL FUNCTIONS OF THE JOB:
 

1. Monitors the availability, operation, maintenance and security of the City's computer systems, networks and data. Using a variety of enterprise monitoring tools, reviews anomalies, bulletins, and alerts as they may apply to the enterprise network. Advises other staff and enterprise clients of steps to take to mitigate security threats. If threat is imminent, determines risk of waiting to apply known fixes/patches as opposed to immediate implementation.
2. Oversees and serves as primary resource responsible for administrative, operational, and technical aspects of the City’s Security Information and Event Management (SIEM) and multiple vulnerability management platforms. Provides leadership, direction, coordination and training to technical staff to correct high priority vulnerabilities. Resolves problems through internal resources or through consultation with vendor technical support staff.   
3. Monitors the security of the City’s technology systems using best practices and security standards. Develops dashboards or reports to provide awareness, training and status information to other staff. Researches and maintains knowledge of current network security and network infrastructure technologies and best practices.  
4. Serves as a member of the IT Security Team responsible for supporting security initiatives in area of responsibility. Reviews and maintains required security metrics and documentation on City systems, ensuring compliance with security standards. Responds to incidents, providing guidance to all levels of the organization; may serve as technical lead on incidents consistent with City policies and procedures. 
5. Plans, coordinates and conducts cybersecurity tabletop exercises based on existing policies and procedures. Selects appropriate exercises from partner agencies (i.e. Washington State Office of Cybersecurity) and modifies to represent the City’s needs. Creates presentation material, schedules and leads exercises. 
6. Plans and conducts internal risk assessments and audits. Serves as project manager for risk assessments and pen tests. Responsible for project development, planning, implementation, communication and training. Develops requests for information (RFIs) and requests for proposals (RFPs); reviews bids to ensure vendors meet minimum requirements; participates in selection of vendors. Works closely with department administrative staff to maintain accurate billing, budget and related project records. Supports external technical audits and assessments by collecting and distributing relevant data and documentation. 
7. Serves as lead for certificate management. Acquires, manages, inspects and applies certificates to internal and external systems. 
8. Supports Department Director and Network Operations Manager in the development and monitoring of budgets for security systems and outside professional services. Recommends products and services and provides budget estimates to management. 
9. Maintains accurate and up-to-date technical and administrative records including documentation of the enterprise network and critical security configurations, risk registers, vendor contacts, network diagrams and Knowledge Base articles.
10. Contributes to the development of City policies, standards, and procedures related to technology and security. Provides training and communications related to policies, procedures, and standards to City staff and outside contractors. Advises department leaders and managers of system vulnerabilities. 

 
ADDITIONAL WORK PERFORMED:
 

1. Performs other related work of a similar nature and level.

 
WORKING ENVIRONMENT:
 
The work performed is in an office setting at a computer workstation with long periods of sitting or standing. Work environment incudes a normal range of noise and other distractions with low everyday risks working around standard office equipment. Work requires periodic visits to customer worksites. Work requires providing on-call support which may include evenings and weekends. The work involves occasionally inspecting equipment in ceilings to identify and solve problems, which can require ascending/descending ladders, entering tunnels, using lifts, standing on roofs to access equipment and cabling. Works with a variety of hand tools and computer diagnostic equipment to identify, repair and solve problems. Some travel to professional meetings is expected.

Physical ability to perform the essential functions of the job including:

• Frequently operate a computer and other office machinery such as a keyboard, mouse, phone, and fax machine; 
• Frequently remain stationary for long periods of time;
• Frequently communicate accurate information and ideas with others;
• Occasionally transports components weighing up to 25 pounds.