IT Information Security Analyst - (RP 0116-22)

Job Details : Assignment :

IT Information Security Analyst

Category / Level

F : IT Security Analysis and Administration, Level 2

Term of Assignment :

6 months up to 12 months

Date Candidate Resumes due to Sound Transit :

8 / 14 / 2025

Rate Range : Equipment Needs?

Sound Transit will provide a laptop

General Summary :

Under general direction, the Information Security Analyst assists with the operations of the Agency's Information Security program for its technology assets. The Information Security Analyst's role is to support service owners and system owners in ensuring the confidentiality and integrity of information systems and data across the entire organization.

The Information Security Analyst performs two core functions for the Agency. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation and resolution of security events detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and / or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments. The IT Security Analyst is expected to be fully aware of the Agency's security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals

On-call availability is required as a member of the Information Security Incident Response Team.

Essential Functions :

• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Research and recommend additional security solutions or enhancements to existing security solutions to improve the overall security posture of the Agency.
• Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically
• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, when under direct control (i.e., security tools) or support when not (i.e. workstations, servers, network devices, etc.)
• Maintain operational configurations of all in-place security solutions as per the established baselines.
• Monitor all in-place security solutions for efficient and appropriate operations.
• Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (i.e. workstations, servers, network devices, etc.). Interpret the implications of that activity and devise

plans for appropriate resolution. Participate in investigations into problematic or suspicious activity.

Special / Additional Qualifications (Over Role / Category Level)

Education & Experience :

Bachelor's degree in computer science, information technology, business administration, engineering, or closely related field and five years of information technology experience with a focus on IT Security, Risk Management, Data Protection or Compliance, OR an equivalent combination of education and experience.

Required Licenses or Certifications :

One or more of the following certifications :

Specific Qualifications, Knowledge, and Skills :

Required Skills :

malware analysis (infection paths, behavior), and system-level troubleshooting.

Physical Demands / Work Environment :

Sound Transit promotes a safe and healthy work environment and provides appropriate safety and equipment training for all personnel as required.

It is the responsibility of all employees and temporary staff to follow the Agency safety rules, regulations, and procedures pertaining to their assigned duties and responsibilities, which could include systems, operations, and / or other employees.