The Roanoke County Cybersecurity Analyst I (CA-I) focuses on actively leading a subset of cybersecurity operations and supporting the design and engineering of operations, under the direction of the Information Security Manager (ISM). This position proactively monitors systems for threats and performs in-depth analysis of security events, conducts and oversees vulnerability scans and advanced risk assessments, and leads incident response activities including investigation, remediation, and reporting. The CA-I carries out complex cybersecurity evaluations, recommends improvements to the County’s security posture, and maintains and enhances cybersecurity documentation, policies, and procedures. In addition, the CA-I implements security measures across County applications and infrastructure, provides guidance and mentorship to junior staff, and contributes to the development, testing, and maturity of the County’s cybersecurity framework, disaster recovery plans, and overall cyber-risk management strategy. The CA-I may also be assigned additional cybersecurity-related responsibilities to protect sensitive and business-critical information and perform other duties as assigned.
~ Ensure systems meet regulatory and organizational compliance requirements (e.g., NIST, HIPAA, PCI-DSS).
~ Perform continuous monitoring of IT infrastructure.
~ Monitor security alerts, logs, and events to identify potential threats.
~ Investigate and respond to security incidents, breaches, and anomalies.
~ Work with the ISM and IT teams to help ensure secure design, development, and testing practices are followed during the system development lifecycle.
~ Consult with customers to translate functional requirements and integrate security policies into technical solutions; assist the ISM in planning, executing tests, evaluating results, and reporting findings.
~ Analyze digital evidence from security incidents to support system and network vulnerability mitigation.
~ Investigate, analyze, and respond to network cybersecurity incidents.
~ Coordinate with the Information Security Manager to respond to and contain potential cyber incidents in accordance with the County’s Incident Response Plan (IRP).
~ Assist the ISM in providing customer support for hardware and software, following organizational cybersecurity policies.
~ Assist in developing baseline security configurations and procedures that support the County’s cybersecurity defense posture and contribute to the creation of secure design rules and documentation.
~ Collaborate with team members to support continuous improvements to cybersecurity strategies and frameworks.
~ Analyze data collected from various cybersecurity defense tools to mitigate risks.
~ Maintain documentation of procedures, controls, and audit evidence.
~ Help in developing and delivering cybersecurity awareness programs, user training sessions, and educational materials to promote best practices across the organization.
Education:
Required: Associate’s degree in a computer-related field, or equivalent combination of education and experience.
Preferred: Bachelor’s degree in a computer-related field, or equivalent combination of education and work experience.
Experience:
Required: One (1) or more years of related experience.
Preferred: Three (3) or more years of related experience.
Certifications/Licenses:
Required: Valid Virginia driver’s license with good driving record. CompTIA Security+ certification.
Knowledge, Skills and Abilities:
Thorough knowledge of microcomputer hardware, LANs and office automation software. Knowledge of network-based systems, and/or enterprise systems solutions and architecture. Knowledge of inventory and distribution procedures. Experience managing resources in a Microsoft Active Directory environment and experience with evaluation and troubleshooting of desktop group policies. Skilled in providing technical support via multiple channels (email, phone, instant messaging, remote desktop, etc.). Demonstrated analytical problem-solving abilities with keen attention to detail. Ability to follow verbal and written instructions. Ability to communicate technical information clearly and effectively and translate technical terminology into simple, non-technical language. Ability to handle business-critical or time-sensitive issues. Ability to manage high-volume ongoing duties while maintaining responsiveness to users. In-depth working knowledge of software including but not limited to Microsoft Office, Adobe Professional, e-mail systems and work order tracking. Skilled in Microsoft Office software functionality (specifically Word & Excel). Extensive knowledge of Microsoft operating systems and Apple iOS. Experience in automated workstation deployment and update technologies like Microsoft System Center Configuration Manager. Skilled in operation, repair and installation of microcomputer equipment. Demonstrated ability to diagnose and repair microcomputers, printers, communications, and network equipment. Skilled in configuring systems software and hardware components. Skilled in technical hardware problem solving. Ability to read and interpret technical manuals for systems and products in the installation, operation, and support of end user equipment and solutions. Ability to perform complex troubleshooting and diagnostics of computer devices and related software, for both software and hardware problems.
Supervisory Responsibilities:
None
Additional Requirements:
Must be a United States citizen or a lawful permanent resident of the United States and eligible for naturalization. Employment is subject to a complete criminal history background search with acceptable results. Must be able to perform the job as described in the Physical and Environmental Demands section of this job description. Must be available to provide after-hours emergency support as needed.