Senior Security Analyst - Cybersecurity Operations job at City of Tacoma, Washington in Tacoma, WA

Senior Security Analyst - Cybersecurity Operations Location: WA-Tacoma Job Description: Salary $122,096.00 - $171,953.60 Annually Job Type Non-Classified Remote Employment Flexible/Hybrid Department Power Division Power - Utility Technology Services Position Description Are you passionate about safeguarding critical infrastructure and operational systems from cyber threats? Are you looking to join a mission-driven team that values collaboration, technical excellence, and public service? If so, Tacoma Power invites you to explore this exciting opportunity! We are seeking a highly skilled Senior Security Analyst to join our Cybersecurity Operations team within the Utility Technology Services (UTS) section. In this pivotal role, you will help ensure the confidentiality, integrity, and availability of Tacoma Public Utilities' (TPU) digital assets and operational technology (OT) systems. Your leadership in threat detection, incident response, and security operations will directly support TPU’s ability to deliver safe, reliable, and resilient utility services to the communities we serve. Job Responsibilities: Monitor and Analyze Security Events: Lead daily threat monitoring, triage, and analysis using SIEM tools to detect and assess cybersecurity threats across TPU’s systems. Investigate and Respond to Incidents: Conduct end-to-end incident response and root cause investigations, correlating data from tools such as SIEM, EDR, and threat intelligence platforms to contain and resolve security events. Enhance Detection Capabilities: Develop, tune, and refine detection logic and correlation rules in collaboration with engineering teams to improve alert quality and reduce false positives. Proactively Hunt for Threats: Perform threat hunting using behavioral analysis, anomaly detection, and intelligence sources to identify threats not captured by automated systems. Manage Endpoint Security Tools: Administer and optimize endpoint detection and response (EDR) solutions and OT network visibility, detection, and alerting platforms, ensuring accurate alerting, reliable functionality, and strong platform performance. Collaborate with Stakeholders: Communicate with internal teams and business units during investigations to gather context, validate findings, and coordinate incident resolution. Support Regulatory Compliance (CIP): Maintain assigned CIP responsibilities by supporting documentation, audit readiness, and evidence gathering to ensure compliance with security standards.

Qualifications

Minimum Education* Bachelor's degree in information technology, cybersecurity or directly related field Minimum Experience* 4 years of progressively responsible information technology experience related to assignment Licensing, Certifications and Other Requirements Security+ or related certification (GIAC GCIA, GIAC GCIH, CISSP) As Assigned: Washington State Driver's License Depending on assignment, some positions may require the ability to pass additional background checks and / or obtain additional certifications, with maintenance thereafter

• Equivalency: 1 year of experience = 1 year of education

Physical Requirements & Working Conditions Positions in this class typically require: remaining in a stationary position for 90% of the time with occasional movement to access office files, machinery and similar productivity tools (standing, sitting, walking). constant operation of a computer, as well as use of a calculator, printer and similar office tools (fingering, grasping, feeling, repetitive motions). communication and the exchange of information with others (hearing, seeing, talking). occasionally exerting up to 10 pounds of force to move, transport or position objects (sedentary work). Work may also occasionally require: movement around the workplace to pick up objects (stooping, walking, reaching). traversing, ascending or descending stairs, sloped terrain, or similar environments (climbing, balancing, walking). exerting up to 20 pounds of force to move, transport or position objects (light work). Knowledge & Skills Knowledge & Skills The ideal candidate would thrive in an environment that requires the ability to both collaborate/work with a team on large work efforts. Additionally, they would have the following skills/certification: Expertise with SEIM platforms (e.g., LogRhythm, Splunk). Experience managing EDR platforms (e.g., Carbon Black, CrowdStrike). Experience managing OT network visibility & detection platforms (e.g., Nozomi, ClarOTY, Dragos). Experience in conducting security investigations and incident response activities. Strong understanding of MITRE ATTACK, threat modeling, and TTP analysis. Familiarity with scripting for automation (e.g., Python, PowerShell). Strong soft skills and customer service experience. Incident response leadership in enterprise environments. Certifications: Security+, GIAC GCIA, GIAC GCIH, or equivalent. Experience with NERC-CIP regulatory standards.

• Studies have shown that people of color and women are less likely to apply for jobs unless they meet all listed qualifications. We are most interested in finding the best candidate for the job, and that candidate may be one from a less traditional background. If you have transferable skills and experience, please tell us about them.*

Pay Details: Annual Salary $118,560.00 - $166,920.00 Apply tot his job Apply To this Job