Job Details

MUSCOGEE (CREEK) NATION

Seeking an IT SECURITY ANALYST

General Summary: Analytical and security-focused IT Security Analyst with experience protecting information systems, networks, and data from threats and vulnerabilities. Skilled in monitoring security events, conducting risk assessments, analyzing incidents, and implementing security controls aligned with industry standards and organizational policies. Proficient in identifying vulnerabilities, responding to incidents, and collaborating with technical team to strengthen overall security posture. Demonstrates strong problem-solving skills, attention to detail, and a commitment to safeguarding confidential information and ensuring compliance.

Principal Duties and Responsibilities:

Security Monitoring & Incident Response

Monitor systems, networks, and applications for security events, threats, and suspicious activity

Analyze security alerts from SIEM, IDS/IPS, endpoint protection, and other security tools

Investigate security incidents and coordinate response, containment, eradication, and recovery activities

Document incidents, root causes, and corrective actions; provide post-incident reports

Risk Assessment & Vulnerability Management

Conduct vulnerability scans, security assessments, and risk analyses

Evaluate system and network weaknesses and recommend remediation measures

Track, prioritize, and validate remediation of vulnerabilities Participate in penetration testing efforts and review test results

Security Controls & System Hardening

Implement and maintain security controls such as access controls, firewalls, endpoint protection, and encryption

Assist with secure system configurations, patch management, and hardening standards

Support identity and access management (IAM), including user provisioning and privilege reviews

Policy, Compliance & Governance

Assist in developing, reviewing, and enforcing information security policies, standards, and procedures

Support compliance with regulatory and framework requirements (e.g., NIST, CIS, ISO 27001, HIPAA, CJIS, PCI DSS)

Participate in audits, assessments, and compliance reviews

Maintain security documentation and evidence for audits

Threat Intelligence & Continuous Improvement

Stay current on emerging threats, vulnerabilities, and security trends

Analyze threat intelligence to assess potential impact to the organization

Recommend improvements to security architecture, tools, and processes Assist with security awareness initiatives and user education

Collaboration & Communication

Work closely with IT teams, system owners, vendors, and management to address security risks

Provide guidance on secure design and implementation of new systems and applications

Communicate technical risks and mitigation strategies in clear, non-technical terms when needed

Reporting & Documentation

Prepare regular security reports, metrics, and dashboards

Maintain incident logs, risk registers, and security configurations

Document procedures, workflows, and security playbooks

Additional Responsibilities (may vary by organization)

Support disaster recovery and business continuity planning

Assist with cloud, mobile, and remote access security

Participate in security assessments for third-party vendors

Provide on-call or after-hours incident response support as required

Minimum Requirements:

Associated Degree in Cybersecurity, IT with 1—3 years of experience in:

IT security, cybersecurity, information assurance, or systems/network administration

Monitoring, analyzing, or responding to security events or incidents

Experience supporting or securing:

Networks, servers, endpoints, or cloud environments

User access controls and authentication systems

Must have a valid Oklahoma driver's license.

Preferred Requirements:

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field

One or more industry-recognized security certifications, such as:

CompTlA Security+

SSCP, GSEC, or CEH

CISSP (preferred for advanced or senior roles)

Ongoing professional development in cybersecurity or information assurance

Visit our website for more information

Muscogee (Creek) and Indian Preference