City of Boston

Welcome page

IT Cybersecurity Analyst

Posted Date 2 weeks ago(5/19/2023 1:57 PM)
Req ID
2023-24764
Dept
Boston Public Library
Position
Regular Full-Time
Location
BPL Data Processing - 2
Salary Min
77,124.96
Salary Max
102,700.40
Union
AFP
Openings
1
Posting End Date
11/19/2023
Contact Email
emclaughlin@bpl.org

Overview:

Reporting to the Chief Technology Officer, the Information Technology (IT) Cybersecurity Analyst is responsible for ensuring the security of Boston Public Library’s (BPL) information assets through the full systems lifecycle of initiation, operation, enhancement, and replacement or retirement.

 

The Cybersecurity Analyst works closely with the systems administration and support teams in the BPL IT Department, including the Network Team, Server Team, Application Team, Help Desk Team, and A-V staff, as well as the Web Services and Digital Services Teams to ensure their systems and practices conform to information security best practices to ensure the integrity and availability of BPL information systems. The Cybersecurity Analyst also coordinates with others to assist in developing and deliver employee, affiliate, and patron training relating to information security.

Responsibilities:

Under immediate supervision and in accordance with standard policy and practices performs any or all of the following:

  • Participates in relevant information security professional organizations and monitors relevant listservs and forums to maintain up-to-date knowledge and understanding of information security threats, vulnerabilities, practices, principles, and solutions.
  • Regularly coordinates with the City of Boston Department of Innovation and Technology Cybersecurity Operations team to research, select, document, and promulgate information security best practices in system configuration, operating procedures, and user training.
  • Documents information security standards in accordance with industry best practices to guide system procurement, design, development, maintenance, enhancement, replacement, and retirement decisions.
  • Advises IT on emerging information security threats, vulnerabilities, countermeasures, and preventative systems and practices.
  • In coordination with the Technology Process Improvement Owner, analyses organizational processes for potential information security threats, recommending specific procedural changes to minimize vulnerabilities; and defines, documents, and communicates related organizational information systems security procedures.
  • Leads cybersecurity incident response, coordinating with the Network, Server, Application, Help Desk, A-V and other relevant Teams to identify and investigate attacks, contain and neutralize breaches, restore services, liaise with law enforcement and City of Boston cybersecurity counterparts, perform post-incident analysis, and improve cybersecurity protections.
  • In coordination with the Help Desk Manager, maintains accurate enterprise information asset and license inventories as a basis for monitoring relevant threats and ensuring security updates and appropriate preventative measures are in place.
  • In close collaboration with the Server, Network, and Web Services Teams, coordinates or directly performs routine to complex technical work focused on security assurance associated with the installation, configuration, administration, and maintenance of IT systems.
  • In close coordination with the IT Server, Network, and Web Services Team, manages information security-related systems, including but not limited to, intrusion detection and protection systems (IDS/IPS), anti-malware, firewall, encryption, penetration testing,
  • In collaboration with the IT Server and Network Teams, documents, maintains, and tests business continuity disaster recovery plans.
  • Troubleshoots security-related incidents as required and coordinates resolution of cybersecurity problems, acting as point of contact to vendors when issues cannot be resolved internally.
  • Coordinates the monitoring, analysis, and reporting of cybersecurity metrics.
  • Under direct supervision of the CTO, serves as the BPL Cybersecurity Officer with regard to information security governance, auditing, and reporting.
  • Assists the Training Coordinator and MBLN Administrator in developing and delivering cybersecurity-related training and resources to BPL and MBLN staff, respectively.
  • Assists the Learning Resources Team and Branch Staff in developing and delivering cybersecurity-related training and resources to BPL patrons.
  • Performs other related duties.

Competencies

  • Knowledge of the NIST Cyber Security Framework, NIST 800-30 & 800-53, ISO 17799 & 27001 and PCI DSS.
  • Demonstrated knowledge of best practices in information and cybersecurity security.
  • Knowledge of security technologies, including anti-malware, firewalls, intrusion detection and protection systems (IDS/IPS), endpoint detection and response (EDR) or security information and event management (SIEM), data loss prevention (DLP).
  • Communicates effectively and presents ideas clearly.
  • Ability to collaborate with library staff and affiliates.
  • Strong software and basic hardware troubleshooting skills.
  • Identifies, plans, and prioritizes job responsibilities and tasks; assists in implementing project timelines.
  • Ability to recognize and set priorities and to use initiative and independent decision-making skills.
  • Strong analytical, interpersonal, written, and oral communication skills.
  • Demonstrated ability to accept responsibility and work under pressure.

Minimum Entrance Qualifications:

Education

  • High school diploma or GED; Bachelor’s degree in Computer Science, Information Assurance, Information Security, or Digital Forensics preferred.
  • Current professional security certification, such as CISSP, CISM, CISA, CEH, applicable SANs programs or other industry certifications or Bachelor’s degree in Information Assurance, Information Security, Digital Forensics, or related field.

Experience

  • Minimum of two (2) years of full-time, or equivalent part-time, professional experience in IT security. A Bachelor's degree in Computer Science, Information Assurance, Information Security, Digital Forensics, or related field may be substituted for one (1) year of the required experience.

Requirements

  • Position schedule may require working evenings and weekends.
  • Ability to work at BPL locations.
  • Residency - Must be a resident of the City of Boston upon the first day of hire.
  • CORI - Must successfully clear a Criminal Offenders Record Information check with the City of Boston.

 

Terms:

Union/Salary Plan/Grade:   AFP/LA-9T

Hours per week: 35

Options:

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed



The City of Boston is proud to be an Equal Opportunity Employer. We are committed to creating a diverse and inclusive environment. Therefore, qualified applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical or mental disability, genetic information, marital status, sexual orientation, gender identity, gender expression, military and veteran status, or other protected category.

The City of Boston has played a role in causing and perpetuating the inequities in our society. To break down these barriers, we are embedding equity and inclusion into everything we do.

We define equity as ensuring every community has the resources it needs to thrive in Boston. This requires the active process of meeting individuals where they are. Inclusion is engaging every resident to build a more welcoming and supportive city. We are building a city for everyone, where diversity makes us a more empowered collective.