Information Security Analyst - 1.0 FTE - Office of Technology & Information Services

Posting Timeline

PPS strongly encourages and recommends everyone who is able, to be vaccinated and remain current on the COVID-19 vaccine.

This job is open until filled. Applications will be reviewed as received. Portland Public Schools reserves the right to make a hiring decision at any point during the posting period.

Position Details

Portland Public Schools (PPS) is seeking talented people from diverse backgrounds and experiences to lead change and inspire PPS students. At PPS, every employee, despite having different roles, is an educator. We hope to attract talented educators who model the core PPS Educator Essentials. With the District's focus on eliminating systemic racism and its adverse impact on student learning, we seek to hire individuals who bring to our district a deep commitment to racial equity and social justice. To learn more about Portland Public Schools, please visit the District website: here.

• Assist with cybersecurity tickets and requests submitted via ticketing system.
• Monitor, investigate, and respond to security system detections and network anomalies.
• Perform, monitor, and review vulnerability assessments and provide actionable guidance for remediation efforts.
• Develop, maintain, and execute Portland Public Schools security standards, procedures, and playbooks by leveraging defense-in-depth methodology, .
• Provide subject matter expertise on enterprise cybersecurity risks, threats, technologies, and potential impact.
• Develop and provide up-to-date security best practice recommendations to internal technical teams and other partners
• Continually monitor against authorized security control requirements and report system risks and application configurations or vulnerabilities.
• Contribute to a cyber-program focused on support, collaboration, partnership, and ingenuity.
• Ensure all information technology systems, policies and procedures fully comply with applicable laws, standards, and regulations; recommend and implement changes as necessary.
• Monitor and evaluate security measures to protect against reasonably anticipated threats or hazards to the confidentiality, integrity, and availability of all applicable data.
• Create and deliver effective security and compliance training for district staff.
• Demonstrate a commitment to the Portland Public Schools Racial Equity and Social Justice Commitment by developing a thorough knowledge and application of the district Racial Educational Equity Policy, the PPS RESJ Framework and Plan, and the PPS RESJ Partnerships Investment Strategy and other board policies; participate in staff development, in-services and trainings related to diversity, equity and inclusion in the workplace and in K - 12 education; model appropriate behaviors; develop, recommend and implement improvements to educational practices with awareness and understanding of their impact in a racially and culturally diverse community.
• Perform related duties as assigned.

• Linux, Windows, Apple MacOS and iOS operating systems.
• Disaster recovery strategies.
• Asset, identity, and software lifecycle management
• Risk and vulnerability management.
• Risk-based assessment methodologies.
• Networking concepts and analysis (TCP/UDP, 802.11, tcpdump/tshark).
• Log aggregation and event correlation (netmon, SIEM, syslog).
• Security software systems administration (EDR, SIEM, IDSIPS, content filtering, packet inspection).
• Enterprise systems baselining, hardening, and configuration management (VMware, Windows Server, InTune, JAMF, AWS).
• Security frameworks such as CIS Controls, NIST SP-800 (or NIST CSF) and the MITRE ATT&CK Framework.
• Relevant legal and regulatory requirements, such as Payment Card Industry/Data Security Standard (PCI), Family Educational Rights and Privacy Act (FERPA), Children Internet Protection Act (CIPA), and Health Insurance Portability and Privacy Act (HIPAA).
• Oral and written communication skills.
• Interpersonal skills using tact, patience and courtesy; techniques and principles of high-quality customer service.
• IT concepts, basic operating principles of computer hardware and software technical support functions; network, database and cloud-based technologies and related hardware and software applications.
• Operations, capabilities and limitations of computer equipment.

• Collaborate and communicate effectively with online productivity suites.
• Create clear, concise and accurate technical documentation.
• Think critically about a problem, approach from multiple perspectives and adopt an effective course of action.
• Maintain current knowledge of technological advances in the field.
• Communicate effectively both orally and in writing.