Salary Group B25

Class No. 0320



Performs complex (journey-level) cybersecurity analysis work. Work involves protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. May train others. Works under general supervision, with moderate latitude for the use of initiative and independent judgment.


Monitors and analyzes cybersecurity alerts from cybersecurity tools, network devices, and information systems.

Monitors and maintains cybersecurity infrastructure and/or policies and procedures to protect information systems from unauthorized use.  

Monitors network traffic and flow for analysis.

Performs cybersecurity incident detection, analysis, and prevention.

Performs vulnerability scans of networks and applications to assess effectiveness and identify weaknesses.

Performs forensic analysis of information systems and portable devices and forensic recovery of data using assessment tools.

Researches and analyzes cybersecurity threat indicators and their behaviors, and recommends threat mitigation strategies.

Researches cybersecurity and privacy legislation, regulations, advisories, alerts, and vulnerabilities.

Evaluates network and system security configuration for best practices and risk-based access controls.

Delivers cybersecurity awareness training.

Assists in identifying and evaluating new cybersecurity technologies to remediate vulnerabilities.

Assists in advising management and users regarding security procedures.

May train others.

Performs related work as assigned.


Experience and Education

Experience in cybersecurity analysis, information security analysis, or digital forensics. Graduation from an accredited four-year college or university with major coursework in cybersecurity, information technology security, computer engineering, computer information systems, computer science, management information systems, or a related field is generally preferred. Education and experience may be substituted for one another.

Knowledge, Skills, and Abilities

Knowledge of the limitations and capabilities of computer systems and technology; of operational support of networks, operating systems, Internet technologies, databases, and security infrastructure; of cybersecurity and information security controls, practices, procedures, and regulations; and of incident response program practices and procedures.

Skill in the use of a computer and applicable software; and in configuring, deploying, and monitoring security infrastructure.

Ability to resolve complex security issues in diverse and decentralized environments; to plan, develop, monitor, and maintain cybersecurity and information technology security processes and controls; to communicate effectively; and to train others.

State Auditor’s Office

Added 9-1-15