Cyber Security Analyst

Weber Basin Water Conservancy District • Layton, UT, US • 23h geleden

About Us

Weber Basin Water Conservancy District is Northern Utah's Regional Water Supplier for: treated municipal water, wholesale irrigation water, retail secondary irrigation water, untreated industrial water and groundwater replacement water. We proudly serve the water needs in Davis, Weber, Summit, Morgan and Box Elder counties.

We are looking to fill a Cyber Security Analyst position. The schedule for this position is Monday-Friday from 8:00 a.m. - 4:30 p.m. with an option to work a 5/4/9 schedule that includes 9 hour days with every other Friday off. Remote work may be available after training period.

We offer excellent benefits including a wellness program, pension, 401(k) plan, paid vacation and sick leave, health, dental, vision, HRA, life, LTD insurance, and tuition reimbursement.

Every employee at Weber Basin is responsible for fostering an organizational culture that is based on the District's core values of Collaboration, Ownership, Mutual Respect, Professionalism, Appreciation, Safety, and Sustainability.

Job Summary

Under the general guidance and direction of the Information Services Department Manager and Assistant General Manager, conducts assessments with tools and software to identify and remediate any cybersecurity vulnerabilities within the District's IT and OT networks. The duties are of a wide range - from fairly routine to highly technical.

This position is classified as security-sensitive and is subject to random drug testing.

Essential Job Functions

Apply operating system and 3rd party software patching and updates.
Update firmware and patching on IT and OT network infrastructure.
Review configuration of network infrastructure
Use of software and network tools for vulnerability identification and assessments.
Utilize and configure endpoint management and log collection and storage software solutions to secure devices and infrastructure.
Implement the NIST cybersecurity framework.
Identify unwanted or unknown network traffic via available tools.
Create monthly reports for review of current vulnerabilities and mitigation efforts.
Monitor and respond to security alerts from SIEM, IDS/IPS, and other detection platforms; investigate incidents and document findings and remediation steps.
Administer and maintain identity and access management (IAM) controls, including role-based access, multi-factor authentication (MFA), and privileged account management.
Evaluate, implement, and manage security for OT/ICS environments, including SCADA systems, PLCs, HMIs, and industrial communication protocols.
Develop, test, and maintain an incident response plan; participate in tabletop exercises and post-incident reviews to continuously improve response procedures.
Conduct security awareness training for District staff; promote a culture of cybersecurity best practices across IT and OT teams.
Assist in maintaining compliance with applicable regulatory requirements and standards.

MINIMUM QUALIFICATIONS (The education and experience requirements for this job may be satisfied by any acceptable equivalent combination of education and experience.)

Education: Bachelor's or master's degree (preferred) from accredited college or university in Information Technology/Systems, Computer Science, or Cyber Security.

Experience: Minimum of 2 years of experience in Information Systems, Computer Science or related field. Advanced degrees and certifications may be substituted for experience.

Knowledge: Knowledge of computer network systems and hardware. Knowledge of the NIST Cybersecurity framework is preferred but not required. An understanding of OT (Operational Technology) networks is required. Knowledge of network packet traffic analysis. Knowledge of various cybersecurity tool

s and software is preferred. Knowledge of network firewall and switch management and configuration is required. Knowledge of the Microsoft Windows operating system is required. Familiarity with the OSI model and an understanding of TCP/UDP protocols is necessary. Knowledge of SIEM platforms, IDS/IPS systems, and log aggregation tools is preferred. Familiarity with identity and access management (IAM) concepts including MFA, role-based access control, and privileged access management is preferred. Familiarity with CISA cybersecurity guidance for water systems is a plus. Understanding of backup, recovery, and business continuity principles as they relate to cybersecurity is desired.