Information Security Analyst II

Fairfax County VA

Fairfax, VA

JOB DETAILS
SALARY
$83,009.89–$138,349.74 Per Year
SKILLS
Analysis Skills, Applications Security, Childcare, Cloud Computing, Communication Skills, Computer Science, Computer Security, Consulting, Data Collection, Data Management, Dental Insurance, Electrical Engineering, Employee Assistance Plan, Endpoint Security, English Language, External Audit, Federal Laws and Regulations, Firewalls, Government, HIPAA (Health Insurance Portability and Accountability Act), High School Diploma, ISO (International Organization for Standardization), Identity Data Management, Incident Response, Information Science, Information Systems/Technology IS/IT Administration, Information Technology & Information Systems, Information/Data Security (InfoSec), Internal Audit, Internet Security, Intrusion Detection Systems, Intrusion Detection and Prevention (IDP), Legal, Loss Prevention, Maintain Compliance, Malware Analysis, Multilingual, Network Architecture/Engineering, Network Security, Operating Systems, Organizational Skills, PCI-DSS, Penetration Testing, Physical Demands, Policy Development, Privacy Controls, Privacy Regulations, Regulatory Requirements, Retirement Plan, Risk Management, Security Analysis, Security Architecture, Security Attacks, Security Auditing, Security Compliance, Security Information and Event Management (SIEM), State Laws and Regulations, Systems Administration/Management, Team Player, Technical Consulting, Technical Leadership, Technical Support, Technology Analysis, Training/Teaching, U.S. National Institute of Standards and Technology (NIST), VPN (Virtual Private Network), Vision Plan, Vulnerability Scanners
LOCATION
Fairfax, VA
POSTED
6 days ago

Information Security Analyst II

Salary

$83,009.89 - $138,349.74 Annually

Location

FX. CTY. GOVERNMENT CENTER, 12000 GOVERNMENT CENTER PKWY., FAIRFAX (EJ32), VA

Job Type

FT Salary W BN

Job Number

26-00981

Department

Information Technology

Opening Date

07/04/2026

Closing Date

7/10/2026 11:59 PM Eastern

Pay Grade

S28

Posting Type

Open to General Public

  • Description
  • Benefits
  • Questions

Job Announcement

Acts as an Information Security Analyst within the Information Security Office (ISO), supporting cybersecurity, privacy, and technology risk management across the enterprise. This role focuses on evaluating cyber threats, responding to security incidents, supporting agency inquiries, and contributing to the implementation, governance, and operation of countywide cybersecurity controls. The position directly supports the Policy & Compliance unit within ISO.

Responsibilities may include:

  • Develops and maintains information security policies, standards, guidelines, and procedures to meet federal, state, and county regulatory requirements.
  • Supports internal and external audits, assessments, and compliance reviews for security and privacy obligations.
  • Manages data preservation and collection requests related to legal matters, Virginia Freedom of Information Act (VFOIA) requests, internal investigations, forensic activities, and other eDiscovery processes.
  • Conducts security outreach, delivering awareness training, and assists agencies in interpreting county information security policies.
  • Investigates cybersecurity incidents and responds to alerts from SIEM systems, vulnerability scans, endpoint tools, and penetration testing reports.
  • Implements, administers, and supports security technologies such as endpoint protection, data loss prevention, intrusion detection/prevention systems, application firewalls, vulnerability management platforms, and forensic utilities used by the ISO.
  • Coordinates daily with DIT divisions, agency information security coordinators, IT analysts, and external partners regarding cybersecurity and compliance matters.
  • Serves as a technical and operational advisor on cybersecurity issues, compliance questions, and policy interpretation.
  • Stays current with cybersecurity, privacy, and regulatory trends and pursuing relevant professional certifications.
  • Supports emergency IT events and participating in county Emergency Operations Center activations as needed.
  • Performs other duties as assigned.

Note: This is a hybrid position, 2 days at office, 3 days from remote, after initial 4-5 weeks at office.

Employment Standards

MINIMUM QUALIFICATIONS:

Any combination of education, experience, and training equivalent to the following:

(Click on the aforementioned link to learn how Fairfax County interprets equivalencies for "Any combination, experience, and training equivalent to")

Graduation from an accredited four-year college or university with a bachelors degree in a computer or information science discipline, IT/cyber security, network or IT systems administration, engineering; or a bachelors degree in a business or related field that has been supplemented by at least 18 credit hours of intermediate computer science coursework; plus one year of experience in information security systems, network security, or cyber security.

NECESSARY SPECIAL REQUIREMENTS:

The appointee to this position will be required to complete a criminal background check to the satisfaction of the employer.

PREFERRED QUALIFICATIONS:

  • Experience implementing, assessing, or maintaining compliance with IT and privacy regulations or standards such as HIPAA, PCIDSS, CJIS, Virginia privacy requirements, federal PII protections, and institutional standards such as the NIST Cybersecurity Framework, NIST 80053/171, ISO 27000 series, OWASP, or SANS CIS Controls.
  • Experience working with and understanding of security and network architecture, identity and access management, operating systems, cloud services, databases, and modern enterprise technologies.
  • Experience with technologies including malware analysis tools, application and network firewalls, VPN solutions, DLP, identity management platforms, SIEM solutions, and intrusion detection/prevention systems.
  • Demonstrated experience in policy development, security governance, audit support, and agency consulting.
  • Experience applying strong analytical, communication, and collaboration skills in a cybersecurity, compliance, or technical consulting environment.

PHYSICAL REQUIREMENTS:

Work is generally sedentary, performed in a normal office environment. All duties performed with or without reasonable accommodations.

SELECTION PROCEDURE:

Panel interview and may include exercise.

Fairfax County is home to a highly diverse population, with a significant number of residents speaking languages other than English at home (including Spanish, Asian/Pacific Islander, Indo-European, and many others.) We encourage candidates who are bilingual in English and another language to apply for this opportunity.

Fairfax County Government prohibits discrimination on the basis of race, color, religion, national origin, sex, pregnancy, childbirth or related medical conditions, age, marital status, disability, sexual orientation, gender identity, genetics, political affiliation, or military status in the recruitment, selection, and hiring of its workforce.

Reasonable accommodations are available to persons with disabilities during application and/or interview processes per the Americans with Disabilities Act. TTY 703-222-7314. DHREmployment@fairfaxcounty.gov EEO/AA/TTY.

#LI-JY1

Merit Positions

Fairfax County is proud to offer employees an attractive and comprehensive benefits program, including the following:

  • Medical/Vision/Dental Insurance Coverage
  • Group Term Life Insurance
  • Long Term Disability
  • LiveWell Program
  • Flexible Spending Programs
  • Paid Leave (annual, sick, parental, volunteer activity, and more!)
  • Paid Holidays
  • Contributory Retirement Plan
  • Deferred Compensation
  • Employee Assistance Program
  • Employees Child Care Center
  • Continuous Learning Opportunities

Please click here for a summary of our benefits.

NOTE: Fairfax County Government is a qualifying employer under the Public Service Loan Forgiveness program. For more information about the PSLF program: Public Service Loan Forgiveness | Federal Student Aid

For additional details please visit the Countys benefits webpage.

Non-Merit Positions

  • Non-Merit Benefit Eligible: scheduled to work a minimum 1,040 hours and no more than a maximum of 1,560 hours in a calendar year.

  • Medical/Vision/Dental Insurance Coverage

  • Flexible Spending Program

  • Deferred Compensation

  • Temporary: scheduled to work a maximum of 900 hours in a calendar year.

  • No benefits

01

What is the highest level of education that you have completed?

  • Less than 12th grade
  • High school diploma or GED
  • Some college
  • Associates degree
  • Bachelors degree
  • Masters degree
  • Doctorate degree

02

If you answered "Some college" for the highest level of education completed, please indicate the number of quarter or semester hours you have completed towards a degree.

  • Less than 45 quarter hours
  • 45 to less than 90 quarter hours
  • 90 to less than 135 quarter hours
  • 135 to less than 180 quarter hours
  • 180 or more quarter hours
  • Less than 30 semester hours
  • 30 to less than 60 semester hours
  • 60 to less than 90 semester hours
  • 90 to less than 120 semester hours
  • 120 or more semester hours
  • Not applicable

03

Please indicate your area(s) of study or major(s)/minor(s) towards a degree. Check all that apply.

  • Computer science
  • Information technology
  • Cybersecurity
  • Electrical engineering
  • Business
  • Other (related field)
  • Other (non-related field)
  • Not Applicable

04

If you answered "Other (related field)" or "Other (non-related field)" for the previous question, please list all of your majors and minors. If this question does not pertain to you, or you do not have a degree, enter "Not applicable".

05

If you responded that you possess a business or related degree, have you completed least 18 credit hours of intermediate computer science coursework?

  • Yes
  • No

06

How many years of full-time equivalent professional experience do you have in information security systems, network security, or cyber security?

  • None
  • Less than one year
  • One to less than two years
  • Two to less than three years
  • Three to less than four years
  • Four to less than five years
  • Five or more years

07

How many years of full-time equivalent experience do you have implementing, assessing, or maintaining compliance with IT and privacy regulations or standards such as HIPAA, PCI DSS, CJIS, Virginia privacy requirements, federal PII protections, NIST CSF, NIST 800-53/171, ISO 27000, OWASP, or SANS CIS Controls?

  • None
  • Less than one year
  • One to less than two years
  • Two to less than three years
  • Three to less than four years
  • Four to less than five years
  • Five or more years

08

How many years of full-time equivalent experience do you have working with security and network architecture, identity and access management, operating systems, cloud services, databases, and modern enterprise technologies?

  • None
  • Less than one year
  • One to less than two years
  • Two to less than three years
  • Three to less than four years
  • Four to less than five years
  • Five or more years

09

How many years of full-time equivalent experience do you have using technologies such as malware analysis tools, application and network firewalls, VPN solutions, DLP, identity management platforms, SIEM solutions, and intrusion detection/prevention systems?

  • None
  • Less than one year
  • One to less than two years
  • Two to less than three years
  • Three to less than four years
  • Four to less than five years
  • Five or more years

10

How many years of full-time equivalent experience do you have in policy development, security governance, audit support, and agency consulting?

  • None
  • Less than one year
  • One to less than two years
  • Two to less than three years
  • Three to less than four years
  • Four to less than five years
  • Five or more years

11

How many years of full-time equivalent experience do you have applying strong analytical, communication, and collaboration skills in a cybersecurity, compliance, or technical consulting environment?

  • None
  • Less than one year
  • One to less than two years
  • Two to less than three years
  • Three to less than four years
  • Four to less than five years
  • Five or more years

12

This is a hybrid position, 2 days at office, 3 days from remote, after initial 4-5 weeks at office, will that work for you?

  • Yes
  • No

Required Question

Employer Fairfax County

Address 12000 Government Center Pkwy. Suite 270

Fairfax, Virginia, 22035

Phone 703-324-3311

Website http://agency.governmentjobs.com/fairfaxcounty/default.cfm

About the Company

F

Fairfax County VA