CybersecurityJobs.io

Job Description

What you get

The City of Sanibel offers an onsite Cybersecurity Analyst role in Sanibel, Florida with a competitive pay range of $31-$45 per hour. You will safeguard the City’s IT infrastructure, systems, and data while shaping the information security program across multiple departments. This position provides a hands-on opportunity to influence security controls, vulnerability management, incident response, and regulatory compliance in a collaborative environment with the IT Director and city staff.

Responsibilities

  • Establishes and updates the City’s information security program, policies, standards, and procedures in line with industry best practices and regulations, including handling policy exceptions and addressing non-compliance.
  • Administers security across designated platforms, covering operating systems, applications, and network security devices.
  • Creates and maintains documentation for security systems, processes, and procedures.
  • Collaborates with the IT Director and staff to clarify control ownership and responsibilities for risk mitigation, remediation, and policy compliance.
  • Coordinates vulnerability scans and penetration testing; records findings and suggests risk mitigation strategies.
  • Designs and implements a risk assessment framework that identifies threats, options for mitigation, remediation requirements, tracking, and management reporting.
  • Assesses threats and vulnerabilities, initiating remedial actions when appropriate to protect city systems.
  • Researches, proposes, evaluates, and deploys cybersecurity solutions to identify and counter potential threats.
  • Plans and applies security patches and fixes as needed during breaches or vulnerability disclosures.
  • Operates and monitors intrusion detection and prevention systems at both network and host levels.
  • Analyzes network traffic, intrusion attempts, logs, and alerts to identify trends, anomalies, and potential breaches.
  • Responds to security exposures and non-compliance issues, using defined escalation processes as needed.
  • Leads and coordinates the Incident Response process, tracking issues to resolution.
  • Develops scripts, tools, and procedures to automate scans, assessments, and ongoing monitoring activities.
  • Maintains ongoing compliance with applicable cybersecurity frameworks, regulatory requirements, and city policies, including CJIS/FDLE and OT/ICS environments.
  • Supports security awareness training, business continuity, and disaster recovery planning.
  • Assists in designing and implementing disaster recovery plans for operating systems, databases, networks, servers, and applications.
  • Coordinates with external vendors to support cybersecurity systems and related work.
  • Develops and maintains a security awareness program to reduce human risk in the City’s operating environment.
  • Assists other technical staff in applying security safeguards, patches, and anti-malware strategies.
  • Collaborates with IT staff to identify opportunities for improved security tools and processes.
  • Provides cross-team IT support and helps resolve issues as needed.
  • Delivers end user support for Windows environments as workload permits.
  • Responds to inquiries about system operation and troubleshoots hardware, software, and operator problems.
  • Performs additional duties aligned with the role’s scope as operational needs evolve.

Requirements

  • Strong understanding of cybersecurity principles, frameworks such as NIST and CIS Controls, and current industry best practices.
  • Knowledge of network security concepts including firewalls, IDS/IPS, VPN, and network segmentation.
  • Experience with vulnerability assessment and penetration testing tools and methodologies.
  • Proficiency in OS security hardening for Windows and Linux environments.
  • Familiarity with security information and event management (SIEM) tools and log analysis.
  • Understanding of regulatory compliance requirements relevant to local government, including CJIS security policy and applicable standards.
  • Knowledge of cloud security concepts and controls.
  • Understanding of identity and access management principles, including Active Directory and Azure AD.
  • Ability to conduct risk assessments and develop mitigation recommendations.
  • Capability to analyze network traffic and security logs to identify anomalies and threats.
  • Skill in developing and maintaining security documentation, policies, and procedures.
  • Ability to convey technical security concepts clearly to non-technical stakeholders.
  • Ability to interpret technical documentation to troubleshoot, evaluate, and implement new solutions.
  • Capacity to develop and deliver security awareness training for end users.
  • Proficiency in scripting or automation (PowerShell, Python, Bash) for security monitoring and response tasks.
  • Strong problem-solving skills to identify, analyze, and resolve complex technical issues.
  • Excellent interpersonal skills to collaborate with staff, city vendors, and the public in a professional manner.
  • Exceptional organizational abilities with attention to detail, prioritization, and time management.
  • Commitment to confidentiality for sensitive information across departments and investigations.
  • Ability to manage multiple projects simultaneously and work independently or as part of a team.
  • Strong oral and written communication skills for clear instruction and public relations.

Technologies

  • NIST, CIS Controls
  • CJIS security policy, FDLE
  • OT/ICS environments
  • SIEM systems and log analysis
  • Active Directory, Azure AD
  • Windows and Linux operating systems
  • PowerShell, Python, Bash
  • IDS/IPS, Firewalls, VPN
  • Network segmentation
  • Cloud security concepts and controls
  • Vulnerability assessment and penetration testing tools
