ABOUT THE ORGANIZATION

Truckee Meadows Water Authority (TMWA) is a not-for-profit, community-owned water utility, overseen by elected officials and citizen appointees from Reno, Sparks and Washoe County. TMWA has a highly skilled workforce who ensure the around-the-clock treatment, delivery and availability of high-quality drinking water for more than 400,000 residents of the Truckee Meadows.

We are looking to hire an IT Security Analyst, to join our IT Department.

ABOUT THE POSITION

TMWA’s IT Security Analyst manages day-to-day tasks relating to IT security. This position is also responsible for the identification, investigation and resolution of security breaches detected by those systems. Secondary tasks may include assisting the IT department with system administration, network administration, and helpdesk duties, involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments.

The IT Security Analyst is expected to be fully aware of TMWA’s security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.

The Staff Security Analyst supports and secures our current and future cyber infrastructure. Incumbents are expected to apply best practices on securing our cyber infrastructure and respond to security-related tasks. Staff level Security Analysts serve as the super user for securing our cyber infrastructure and providing best practice guidance for securing all IT systems.

The Senior Security Analyst differs from the Staff level in that incumbents at the Senior level perform more complex cybersecurity work. Incumbents are recognized as having the experience, certifications and responsibility for making final technical decisions and have influence on the overall outcome of a project or task. This position may also be designated as a project lead for security related projects. Senior Security Analysts perform under general supervision and guidance.

The Principal Security Analyst differs from Senior Security Analyst in that incumbents at the Principal level perform significantly more complex cybersecurity work. Incumbents are recognized in the work group as having the highest authority in a group. Principal level Security Analysts manage projects including the implementation of entire security programs and procedures. The Principal Security Analyst is expected to perform under minimal supervision and guidance.

Participates in the planning and design of TMWA’s security architecture.

ESSENTIAL FUNCTIONS

• Participates in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures).
• Maintains up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Recommends additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Performs the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures.
• Maintains up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
• Monitors and maintains all in-place security solutions for efficient and appropriate operations.
• Monitors and reviews logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution and responds accordingly.
• Performs investigations into problematic activity.
• Designs and executes vulnerability assessments, penetration tests and security audits, and mitigate any security lapses found by the internal or external vulnerability assessments and tests.
• Monitors and maintains patch management for all IT managed devices (i.e., workstations, servers, network devices, etc.).
• Manages and maintains email security including phishing and SPAM protection.
• Creates, manages, and maintains Business Continuity Plan and Disaster Recovery Plan and associated training programs.
• Assists others on the IT team to successfully manage all aspects of the company’s IT infrastructure.
• Monitors and maintains Virtualization Infrastructure.
• Monitors and maintains Active Directory systems.
• Monitors and maintains the Storage Area Network (SAN) for optimum performance and capacity.
• Participates in the IT department off hours support rotation.

MINIMUM REQUIREMENTS
Experience:

Three to ten years of experience (based on the level of analyst work performed) in the information technology field with at least two years working directly on IT Security.

Other combinations of education or experience may be considered.

Education/Training

Bachelor’s degree in Computer Science, Information Technology or related field is recommended.

Must have working-level knowledge of the English language, including reading, writing and speaking English.

Conditions of Continued Employment

Certifications such as GCIH, GSEC, Security +, Associate of (ISC) or CISSP are recommended.

A valid Nevada (or California – depending on state of residency) Driver License at time of hire and continuing thereafter and ability to maintain insurability under TMWA’s vehicle insurance policy.

Employment is contingent upon successful completion of a background investigation during hire and periodically thereafter during employment.

This position is considered a safety sensitive position and employment is contingent upon the results of drug and/or alcohol testing which includes screening for marijuana. The presence of marijuana or other screened for substances on any employment related substance test may result in a refusal to hire or termination of employment.

KNOWLEDGE, SKILLS, AND ABILITIES

Knowledge of:

• Knowledge and experience with virtualized environments.
• Familiar with server backup and recovery practices.
• Operating systems such as Windows, macOS, iOS, Android, Linux and UNIX.
• Knowledge and experience with Storage Area Network (SAN, NFS) and utilization of various storage protocols, connectivity, and fabric switches.
• Knowledge and experience with firewall management.
• Penetration testing.
• Security design and implementation in a complex environment.
• Solid network knowledge focusing on security.
• Knowledge and experience with the use of TCP/IP.

Skills/Ability to:

• Research and apply best practices
• Work within a fast-paced environment and be adaptable to change.
• Develop and manage Business Continuity, Disaster Recovery, and Incident Response Plans and associated training programs.
• Acute attention to detail.
• Perform forensics and malware analysis.
• Keep current on IT security concerns, protocols and related topics.
• Audit and test security.
• Be a team player with a collaborative orientation and the ability to effectively interact with, and influence, internal and external stakeholders.
• Identify complex problems and review related information to develop and evaluate options and implement solutions.
• Design, develop, and implement policies, procedures, and technical write-ups
• Establish and maintain effective work relationships with those contacted in the performance of required duties.
• Organize, prioritize and handle multiple tasks and meet deadlines.
• Strong presentation, facilitation, and written/verbal communication skills.
• Be punctual regarding work hours established by TMWA.
• Be mentally and physically alert during working hours.

TMWA is an equal opportunity employer. It is TMWA’s policy to provide equal employment opportunity to all employees and applicants for employment without regard to race (including traits associated with race, such as hair texture and protective hairstyles), color, gender, religion, age, national origin, social or ethnic origin, sexual orientation, gender identity or expression, marital status, pregnancy, disability, military and/or veteran status or any other characteristic protected by law. TMWA’s commitment to equal opportunity includes all terms, conditions, and privileges of employment, including but not limited to recruiting, hiring, job placement, training, compensation, benefits, discipline, advancement, and termination.

All decisions affecting any terms and conditions of employment, including recruitment, hiring, assignment, training, compensation, promotion, salary, disciplinary action, and an employee’s caregiving responsibilities, will be made without regard to race (including traits associated with race, such as hair texture and protective hairstyles), color, gender, religion, age, national origin, social or ethnic origin, sexual orientation, gender identity or expression, marital status, pregnancy, disability, military and/or veteran status or any other characteristic protected by law.

TMWA complies with federal and state disability laws and makes reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources at hr@tmwa.com or 775-834-8294.

TMWA is committed to providing a safe work environment and to fostering the health and well-being of our employees. That commitment is jeopardized when any of our employees illegally use drugs at home or at work, comes to work under the influence, possesses, distributes, or sells drugs in the workplace, or abuses alcohol on the job. As part of our commitment to safeguard the well-being of our employees and to provide a safe environment for everyone, TMWA has established a drug-free workplace policy.