Senior Cybersecurity Analyst-CURRENT METRO TECHNOLOGY SERVICES EMPLOYEES ONLY

YOU MUST BE A CURRENT METRO TECHNOLOGY SERVICES EMPLOYEE TO BE CONSIDERED FOR THIS POSITION

Summary Objective
The purpose of this position is to assist in the development, implementation, and oversight of security initiatives designed to protect the City’s technology infrastructure, data, and digital assets. This position is responsible for leading cyber risk assessments, configuring complex security systems, responding to incidents, and auditing compliance with applicable standards and regulations. The analyst will serve as a subject matter expert, collaborating across departments to strengthen Louisville Metro Government’s cybersecurity posture and resilience.
This class works under works under general supervision, independently developing work methods and sequences.

ESSENTIAL FUNCTIONS

The essential functions listed below are those that represent the majority of the time spent working in this class. Management may assign additional functions related to the type of work of the class as necessary.

• Architects a comprehensive cybersecurity strategy for the organization as direct advisor to the CISO and Deputy CISO.
• Mentors cyber personnel and trains them to develop new tactics and techniques for cyber monitoring and response.
• Monitors and analyze network traffic, system logs, and security alerts to detect and respond to cybersecurity incidents.
• Collaborates with IT, operational technology, and other departments to ensure security controls are integrated into all systems, applications, and business processes.
• Develops and enforces security policies, procedures, and standards in alignment with local, state, and federal regulations.
• Conducts and coordinates cybersecurity awareness and training programs for employees.
• Manages relationships with external vendors, auditors, and security partners to ensure adherence to best practices and contractual obligations.
• Serves as subject matter expert in incident response, digital forensics, and disaster recovery planning and execution.
• Advises senior leadership on cybersecurity threats, trends, vulnerabilities, and technologies; proactively recommend and implement improvements.
• Provides expert guidance to leadership and project teams on cybersecurity implications of new technologies and initiatives.
• Continuously evaluates and improves the organization’s overall cybersecurity resilience through testing, analysis, and strategic planning.
• Performs related work as assigned.

MINIMUM EDUCATION AND EXPERIENCE REQUIREMENTS:

• Bachelor’s degree in Computer Science, Information Security, Information Technology, or related field.
• Seven (7) years of progressively responsible experience in cybersecurity operations, information assurance, or network/system security, or an equivalent combination of education, training, and experience.

OTHER MINIMUM REQUIREMENTS:

• Expert knowledge of cybersecurity frameworks (NIST, ISO 27001, CIS Controls).
• Proficiency with SIEM platforms, endpoint protection, and network monitoring tools.
• Experience with incident response, threat intelligence, and vulnerability management processes.
• Expert knowledge of relevant laws and compliance requirements such as CJIS, HIPAA, PCI-DSS, and state data protection statutes.
• Ability to lead risk analysis and develop mitigation strategies.
• Excellent analytical, problem-solving, and communication skills.
• Proven ability to lead initiatives and work collaboratively in a multi-departmental environment.

PHYSICAL DEMANDS:

Physical demands refer to the requirements for physical exertion and coordination of limb and body movement.

• Performs sedentary work that involves walking or standing some of the time and involves exerting up to 10 pounds of force on a regular and recurring basis or sustained keyboard operations.
• Work is performed in an office environment with occasional on-call response during security incidents or critical system events. May require occasional travel to remote facilities or conferences.

UNAVOIDABLE HAZARDS (WORK ENVIRONMENT):

Unavoidable hazards refer to the job conditions that may lead to injury or health hazards even though precautions have been taken.

• None.

AMERICANS WITH DISABILITIES ACT COMPLIANCE

Louisville Metro Government is an Equal Opportunity Employer. ADA requires the Louisville Metro Government to provide reasonable accommodations to qualified persons with disabilities. Prospective and current employees are encouraged to discuss ADA accommodations with management.

STANDARD CLAUSES

May be required to work nights, weekends, holidays and emergencies (man-made or natural) to meet the business needs of Louisville Metro Government.

This job description is not designed to cover or contain a comprehensive listing of essential functions and responsibilities that are required of an employee for this job. Other duties, responsibilities, and activities may change or be assigned at any time with or without notice.

ESSENTIAL SAFETY FUNCTIONS

It is the responsibility of each employee to comply with established policies, procedures and safe work practices. Each employee must follow safety training and instructions provided by their supervisor. Each employee must also properly wear and maintain all personal protective equipment required for their job. Finally, each employee must immediately report any unsafe work practices or unsafe conditions as well as any on-the-job injury or illnesses.

Every manager/supervisor is responsible for enforcing all safety rules and regulations. In addition, they are responsible for ensuring that a safe work environment is maintained, safe work practices are followed and employees are properly trained.

EOE