Cyber Security Analyst

Incumbents in this position are responsible for supporting the Cyber Security Administrator and CFPUA’s Cyber Security program performing day to day operational and strategic activities to protect critical IT and operational technology (OT) systems. This position is assigned to Pay Grade IT4.

- Continuously monitor IT and OT systems for security threats to identify security threats and anomalies using security tools such as SIEMS (Security Information and Event Management) Platforms.

- Analyze alerts and logs to identify, assess, and escalate potential incidents.

- Perform regular scans and assessments of IT and OT systems to identify vulnerabilities and recommend remediation actions.

- Collaborate with teams to ensure timely implementation of security patches.

- Respond to cyber security incidents, including containment, eradication, and recovery.

- Coordinate with internal and external stakeholders to manage incidents effectively.

- Ensure compliance with cyber security requirements such as EPA, CISA, DHS, NIST and other regulatory guidelines and standards.

- Maintain documentation and assist with audits related to cyber security practices.

- Develop, implement, and update cyber security policies, procedures, and incident response plans.

- Conduct employee training on cyber security best practices and awareness programs to reduce human error and insider threats.

- Work collaboratively with IT and operations teams to secure OT systems (eg. SCADA, ICS) and ensure alignment with broader cyber security goals.

- Configure, monitor, and maintain cyber security tools such as firewalls, intrusion detection/prevention systems, endpoint protection, and threat intelligence platforms.

- Evaluate risks to critical infrastructure and recommend strategies to mitigate those risks.

- Support business continuity and disaster recovery planning efforts.

- Engage with external agencies, such as WaterISAC, CISA, and local law enforcement to stay informed about emerging threats and cyber security resources.

- Provide regular updates to the Cyber Security Administrator on security events, risks, and compliance status.

- Assist the Cyber Security Administrator in developing strategic plans, implementing initiatives and ensuring the overall effectiveness of the Cyber Security program.

- Other duties as assigned.

In the event of an emergency, all employees are considered essential personnel and may be required to perform alternate duties.

- Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related course study.

- Three (3) years of experience in Cyber Security, Network Administration, Information Security, or related work field.

- High School or GED; 5 years of experience in Cyber Security, Network Administration, or Information Security; and possession of Preferred Certifications in lieu of Bachelor's degree.

- Preferred Certification:

- CompTIA Security+ (Foundational)

- Certified Information Systems Security Professional (CISSP)

- Certified Ethical Hacker (CEH)

- Certified Information Systems Auditor (CISA)

- Certified SCADA Security Architect (CSSA)

Other Essential Job Specifications

YES NO

Use interpersonal skills such as seeing, hearing, and speaking to develop positive interactions with customers.

X

Comprehends and uses technical or professional language, either written or spoken, to communicate complex ideas.

X

Performs numerical operations using basic counting, adding, subtracting, multiplying, or dividing.X

Performs complex quantitative calculations or reasoning using algebra, geometry, statistics, or abstract symbols.

X

Requires travel between CFPUA sites.X

Use or repair of small/light equipment (power tools).X

Use or repair medium equipment and machinery (vehicles, commercial mowers).

XUse or repair heavy or complex machinery (HVAC systems, construction equipment, water plants).

X

Physical Requirements None: 0 hours or 0% of scheduled shift

Some: Up to 2 hours or 20% of scheduled shift

Frequent - 2 to 5 hours or 20% to 60% of scheduled shift

Very Frequent - More than 5 hours or 60% to 100% of scheduled shift

NONE SOME FREQUENT VERY FREQUENT

Minimal physical exertion. Very light physical work at desk or counter level with intermittent periods of sitting, standing, and walking. May involve data entry, telephone work, or use of various office equipment.

XSame as above with the addition of standing/sitting/walking for lengthy periods of time. May involve light physical exertion due to pushing, pulling, carrying, and lifting weights up to 20 pounds.

X

Physical exertion involving pushing, pulling, and lifting up to 20 pounds. May require prolonged standing and/or walking during which time objects are transported. May require occasional bending, squatting, and reaching.

X

Sustained physical activity throughout the work period. Performs work tasks involving pushing, pulling, carrying, and lifting up to 50 pounds. May require bending, squatting, stooping, reaching, climbing, or walking in addition to other physical demands.

X

Sustained physical activity throughout the work period. Performs work tasks involving pushing, pulling, carrying, and lifting up to 50 pounds. May require bending, squatting, stooping, reaching, climbing, or walking in addition to other physical demands.

X