Information Security Analyst

Description

The Information Security Analyst reports directly to the Director of Technology and Innovation and plays a critical role in safeguarding Tulsa International Airport's data, infrastructure, and stakeholders from cyber threats. This position is responsible for designing, developing, documenting, testing, implementing cybersecurity controls and measures, and actively identifying and mitigating threats within the infrastructure. This position starts at $62,302 a year.

PRIMARY RESPONSIBILITIES

Cybersecurity Program Management & Operations

• Lead      the development, maintenance, and continuous improvement of the Airport      Cybersecurity Improvement Plan (CIP), ensuring alignment with evolving      threats and regulatory requirements.
• Serve      as the primary cybersecurity point of contact with federal agencies,      including TSA, CISA, and FBI coordinating compliance efforts, reporting,      and the adoption of available cybersecurity resources and directives.
• Partner      with Safety and Security to ensure adherence to TSA, FAA, and other      applicable regulatory cybersecurity frameworks.

Cybersecurity Strategy & Threat Management

• Design,      implement, and enhance a comprehensive cybersecurity program to      proactively identify, detect, and mitigate threats across airport systems.
• Monitor      security logs, alerts, and intelligence sources to identify anomalies,      investigate incidents, and recommend corrective actions.
• Develop      and implement security hardening standards and best practices to      strengthen the organization’s overall security posture.
• Evaluate      emerging threats and technologies, recommending improvements to enhance      resilience and operational effectiveness.

Tools & Technology Management

• Optimize      cybersecurity tools, including Vulnerability Management platforms,      Anti-Virus/Anti-Malware solutions, and SIEM tools.
• Ensure      tools are effectively configured, monitored, and continuously improved to      meet organizational security objectives.

Training, Exercises & Awareness

• Lead      the development and execution of cybersecurity training and awareness      programs across the airport, including phishing simulations and social      engineering exercises.
• Design,      facilitate, and evaluate cybersecurity tabletop exercises to test incident      response capabilities and improve organizational readiness.
• Report      training outcomes, trends, and risk insights to leadership, recommending      actionable improvements.

Risk, Compliance & Assessments

• Conduct      and support cybersecurity risk assessments, audits, and compliance      reviews.
• Analyze      business impact and exposure to cybersecurity risks, developing mitigation      strategies aligned with approved security architectures.
• Maintain      and enhance documentation for cybersecurity policies, procedures, and      controls to support compliance and operational consistency.

Collaboration & Technical Support

• Collaborate      cross-functionally with IT, operations, and leadership to integrate      cybersecurity into all aspects of airport technology and operations.
• Provide      technical support and backup for infrastructure systems, including servers      and networks, as needed.  

Requirements

 Education & Experience: 

Bachelor's degree in Cybersecurity, Management Information Systems (MIS), Computer Information Systems (CIS), or a related field. Cybersecurity-related certifications are a plus. 

Knowledge, Abilities and Skills: 

· Strong knowledge of threats and vulnerabilities associated with cloud and on-premise security.

· Proficiency in Vulnerability Management scanning and reporting tools.

· Hands-on experience with security monitoring tools, vulnerability scans, and assessment report review.

· Experience as a systems or network administrator in modern infrastructure.

· Proficiency in firewall management, endpoint protection, networking, and server security.

· Excellent written and verbal communication skills.

· Availability to work 40 hours per week and ability to work overtime when necessary.

Physical Requirements: Physical requirements include arm and hand steadiness and finger dexterity enough to use a keyboard and telephone; occasional lifting up to 30 pounds; frequent carrying, pushing and pulling up to 15 pounds with occasional carrying; vision, speech and hearing sufficient to perform the essential tasks; Capable of regularly walking to various parts of the Airport without overly being exerted. 

Licenses and Certifications: Possession of a valid Oklahoma Driver's License; ability to obtain and maintain eligibility to hold a Security Identification Display Area (SIDA) badge.

Working Environment: The working environment is primarily indoors in an office setting. The Information Security Analyst may be required to work extended hours outside of the regular shift schedule to meet operational needs.

Note:

This job description lists only the primary job duties normally assigned to this position but does not restrict the performance of other duties as assigned.

Reasonable accommodation may be made to enable individuals with disabilities to perform the essential