This listing has expired and therefore is not publicly viewable.

Information Security & Compliance Analyst- Risk and Compliance
Company Las Vegas Valley Water District
Location Las Vegas
Preferred GIAC Certifications GISP, GISF, GSEC, GCTI, GICSP
Travel 0%
Salary 109,499.00
Contact Name Jessica Brown
Contact Email jessica.brown/at/
Expires 2023-03-27

Job Description

Under general supervision, performs complex and highly responsible duties in implementing, maintaining, evaluating, and enhancing the District/SNWA cyber security protection framework including security architectures, policies, standards, and systems to safeguard the integrity and confidentiality of information assets and the availability and reliability of systems operations; participates in activities to ensure compliance with PCI security standards; and performs related duties as assigned.

Plays a supporting role in developing and implementing the strategic, comprehensive enterprise information technology cyber security framework; researches, develops and recommends new or revised security policies, standards, procedures and applications; compiles data and prepares periodic reports on the status of the cyber security and information assurance programs and security risk and compliance issues to be addressed; participates in ensuring that District/SNWA information security programs are in compliance with all applicable federal and state law and regulations.

Uses a variety of monitoring systems, tools, and processes, such as vulnerability management, data loss prevention (DLP), and network visibility for malware and security event detection, to monitor day-to-day internal and external security events, staying alert for any early indicators of potential security threats; analyzes network, computer and applications performance, looking for events and trends that signal intrusions, denial-of-service, unauthorized access and an ever-increasing number of cyber-attacks from threat vectors and threat actors; assists in conducting monthly vulnerability assessment and mitigation efforts in the network DMZ; interacts on a daily basis with Managed Security Service Providers (MSSPs) and staff to ensure proper operation of security appliances and services.

Monitors firewall connections and activities; participates in advising encryption security standards for hosts and corporate SSL certificates.

graduation from a four-year college or university with major coursework in computer science, information systems, or a closely related field; and five years of progressively responsible professional information technology experience involving network/systems infrastructure administration and security; or an equivalent combination of training and experience. Experience in a government or public utility setting is highly desirable.

Licenses; Certificates; Special Requirements:

A valid Nevada driver's license and the ability to maintain insurability under the District's Vehicle Insurance Policy may be required for certain assignments.

Certification as a Certified Information Systems Security Professional (CISSP), current CompTIA Security+ certification, or comparable certifications with at least four years of comparable experience is required.