The Information Security Analyst – Security Operations Center (SOC) position will play a critical role in the City of Philadelphia’s Information Security Group, monitoring, detecting, analyzing, and responding to cybersecurity threats in real time. This position is responsible for safeguarding the City’s digital infrastructure by leveraging advanced security tools, threat intelligence, and incident response protocols. The ideal candidate will have hands-on experience in a SOC environment, a strong understanding of cyber threat landscapes, and the ability to collaborate across departments.

Essential Functions

- Monitor and analyze security events using SIEM and other SOC tools.
- Detect, investigate, and respond to cybersecurity incidents.
- Conduct vulnerability assessments and penetration testing.
- Document and communicate risks, incidents, and remediation plans.
- Develop and maintain security monitoring procedures and incident response playbooks.
- Track and report on the effectiveness of security controls and technologies.
- Support compliance efforts with relevant regulatory frameworks (e.g., NIST, CJIS, HIPAA).
- Participate in security projects and continuous improvement initiatives.
- Perform other duties as assigned.

Competencies, Knowledge, Skills and Abilities

An Information Security Analyst plays a critical role in protecting the City’s information systems and data from security breaches, cyber threats, and other vulnerabilities. Some core competencies required for this position include, but are not limited to:

Technical Proficiency

- Experience with SIEM, EDR, IDS/IPS, firewalls, and vulnerability management tools (e.g., Splunk, CrowdStrike, Nessus, Rapid7, Cloudflare).
- Strong understanding of Windows, Linux, and network security principles.
- Familiarity with GRC platforms and forensic tools.

Cybersecurity Expertise

- Knowledge of threat intelligence, attack vectors, and incident response.
- Understanding of regulatory frameworks (e.g., NIST, HIPAA, CJIS, PCI-DSS, OWASP, etc.).
- Ability to conduct ethical hacking and penetration testing using available tools is preferred but not required.

Analytical & Communication Skills

- Strong critical thinking and problem-solving abilities.
- Ability to communicate technical issues to non-technical stakeholders.
- Skilled in writing clear, actionable reports and documentation.

Professional Attributes

- High ethical standards and commitment to confidentiality.
- Adaptability to evolving threats and technologies.
- Collaborative mindset and ability to work across departments.
- Continuous learner and cybersecurity community contributor.