INFORMATION SECURITY ANALYST-SENIOR - 07072026-78984

State of Tennessee

Nashville, TN

JOB DETAILS
SKILLS
Analysis Skills, Auditing, Best Practices, Computer Security, Cross-Functional, Customer Relations, Data Analysis, Data Management, Enterprise Protection, Finance, Forensic Science, Health Department, ISO (International Organization for Standardization), Incident Response, Industry Standards, Information/Data Security (InfoSec), Internet Security, Intrusion Detection Systems, Intrusion Prevention Systems, Legal, Maintain Compliance, Mentoring, Metrics, Operational Strategy, Organizational Development/Management, Penetration Testing, People Management, Policy Implementation, Presentation/Verbal Skills, Privacy Controls, Process Improvement, Regulatory Compliance, Reporting Dashboards, Reporting Skills, Risk Analysis, Risk Management, Security Analysis, Security Attacks, Security Auditing, Security Information and Event Management (SIEM), Security Monitoring, Team Lead/Manager, Team Player, U.S. National Institute of Standards and Technology (NIST), Vendor/Supplier Evaluation, Vendor/Supplier Management
LOCATION
Nashville, TN
POSTED
4 days ago

Job Information

State of Tennessee Job Information

Opening Date/Time07/07/2026 12:00AM Central TimeClosing Date/Time07/20/2026 11:59PM Central TimeSalary (Monthly)$6,544.00 - $8,454.00Salary (Annually)$78,528.00 - $101,448.00Job TypeFull-TimeCity, State LocationNashville, TNDepartmentFinance and Administration

LOCATION OF (1) POSITION(S) TO BE FILLED: DEPARTMENT OF FINANCE & ADMINISTRATION, DAVIDSON COUNTY

The Department of Finance & Administration does not sponsor applicants for work visas.

This position is designed as Hybrid.

This position requires a criminal background check and CJIS Fingerprints. Therefore, you may be required to provide information about your criminal history in order to be considered for this position.

Qualifications

Education and Experience: Bachelor's degree and five years of experience in information security, risk management, or policy implementation.

Substitution of Graduate Coursework: Graduate coursework in information security may substitute for one year of experience.

Substitution of Experience for Education: Experience in cybersecurity or incident response may substitute for education up to four years.

Alternate Qualification:

Three years as an Information Security Analyst - Junior or CISSP certification also qualifies.

Overview

The Information Security Analyst Sr. serves as a key member of the Tennessee Department of Health¿s information security team, responsible for protecting critical systems, networks, and data assets. This position provides advanced expertise in security monitoring, incident response, risk assessment, vendor management and compliance with regulatory and organizational standards. The analyst collaborates across the various areas of Health to design, implement, and maintain robust information security controls and initiatives that support the organization¿s strategic and operational goals.

Responsibilities

Key Responsibilities

  • Lead efforts to identify, analyze, and mitigate cybersecurity threats and vulnerabilities across systems.
  • Monitor, investigate, and respond to security incidents by working closely with Enterprise security teams.
  • Analyze data from tools such as SIEM, EDR, IDS/IPS, and vulnerability management platforms.
  • Conduct regular risk assessments, penetration tests analysis, and security audits to ensure compliance with industry standards (e.g., NIST, ISO 27001).
  • Develop and maintain information security policies, procedures, and incident response plans.
  • Provide guidance and mentorship to other analysts and IT staff on security best practices.
  • Collaborate with IT, legal, and compliance teams to manage data protection and privacy initiatives.
  • Evaluate new security technologies and recommend improvements to the organization's security posture.
  • Prepare reports, dashboards, and metrics for management on security events, vulnerabilities, and compliance status.
  • Conduct audit of security related areas and work closely with audit teams

Competencies (KSA's)

Competencies:

  1. Strategic Mindset

  2. Customer Focus

  3. Decision Quality

  4. Optimizes Work Processes

  5. Strategic Mindset

Knowledges:

  1. Advanced cybersecurity best practices

  2. Regulatory and compliance frameworks

  3. Risk assessment methodologies

  4. Systems architecture and defense-in-depth

  5. Data privacy and protection strategies

Skills:

  1. Risk and threat analysis

  2. Policy creation and enforcement

  3. Forensic investigation

  4. Team supervision and training

  5. Report preparation and presentation

Abilities:

  1. Manage high-priority security projects

  2. Advise on compliance strategy

  3. Lead cross-functional response teams

  4. Communicate complex security topics clearly

  5. Drive improvements in enterprise security posture

Tools & Equipment

  1. Security Information and Event Management (SIEM)

  2. Compliance Management Tools

  3. Forensic Analysis Tools

  4. Vulnerability Scanners

  5. Microsoft Office Suite

About the Company

S

State of Tennessee