State of Tennessee
INFORMATION SECURITY ANALYST-SENIOR -01092026-74326
State of Tennessee, Nashville, Tennessee, United States, 37247
Job Information
Opening Date/Time: 01/09/2026 12:00AM Central Time
Closing Date/Time: 01/15/2026 11:59PM Central Time
Salary (Monthly): $6,544.00 - $8,454.00
Salary (Annually): $78,528.00- $101,448.00
Job Type: Full-Time
Location: Nashville, TN
Department: Finance & Administration
Location of Position DEPARTMENT OF FINANCE & ADMINISTRATION, BUSINESS SOLUTIONS DELIVERY DIVISION, DAVIDSON COUNTY
Background Check This position requires a criminal background check. CJIS (Fingerprints) and Name Base background checks are required.
Hybrid This position can be performed on a hybrid basis.
Qualifications
Education: Bachelor’s degree and five years of experience in information security, risk management, or policy implementation.
Graduate coursework in information security may substitute for one year of experience.
Experience in cybersecurity or incident response may substitute for up to four years of education.
Alternate Qualification: three years as an Information Security Analyst - Junior or CISSP certification also qualifies.
Overview Under direction, the Information Security Analyst‑Senior leads information security operations including policy enforcement, risk assessments, incident response, and compliance management. This role also supervises junior staff and ensures security measures align with strategic and regulatory requirements. This class differs from that of Information Security Analyst‑Junior; incumbents of the latter assist with security policy promulgation, risk analysis, safeguard and compliance efforts, and incident response, and have no responsibility for supervising subordinate employees.
Responsibilities
Direct risk assessments and audits to identify security vulnerabilities and ensure compliance with regulations.
Develop, update, and implement security policies, procedures, and system controls.
Supervise junior staff, delegate security tasks, and provide training on forensic techniques and risk management.
Oversee the monitoring and analysis of security events and manage response and recovery operations.
Coordinate physical and digital security programs and lead enterprise threat mitigation efforts.
Prepare executive reports on system health, audit findings, and compliance trends.
Advise on vendor security contracts and review MOU, grants, and agreements for security compliance.
Evaluate new security products and design secure system architectures.
Promote user awareness through security training and policy communication.
Lead the investigation and resolution of security incidents and breaches.
Competencies (KSA's) Competencies:
Strategic Mindset
Customer Focus
Decision Quality
Optimizes Work Processes
Strategic Mindset
Knowledges:
Advanced cybersecurity best practices
Regulatory and compliance frameworks
Risk assessment methodologies
Systems architecture and defense-in-depth
Data privacy and protection strategies
Skills:
Risk and threat analysis
Policy creation and enforcement
Forensic investigation
Team supervision and training
Report preparation and presentation
Abilities:
Manage high-priority security projects
Advise on compliance strategy
Lead cross‑functional response teams
Communicate complex security topics clearly
Drive improvements in enterprise security posture
Tools & Equipment
Security Information and Event Management (SIEM)
Compliance Management Tools
Forensic Analysis Tools
Vulnerability Scanners
Microsoft Office Suite
For more information, visit the link below: https://www.tn.gov/content/dam/tn/finance/job-specification-files/Information%20Security%20Analyst%20SR.pdf
#J-18808-Ljbffr
Location of Position DEPARTMENT OF FINANCE & ADMINISTRATION, BUSINESS SOLUTIONS DELIVERY DIVISION, DAVIDSON COUNTY
Background Check This position requires a criminal background check. CJIS (Fingerprints) and Name Base background checks are required.
Hybrid This position can be performed on a hybrid basis.
Qualifications
Education: Bachelor’s degree and five years of experience in information security, risk management, or policy implementation.
Graduate coursework in information security may substitute for one year of experience.
Experience in cybersecurity or incident response may substitute for up to four years of education.
Alternate Qualification: three years as an Information Security Analyst - Junior or CISSP certification also qualifies.
Overview Under direction, the Information Security Analyst‑Senior leads information security operations including policy enforcement, risk assessments, incident response, and compliance management. This role also supervises junior staff and ensures security measures align with strategic and regulatory requirements. This class differs from that of Information Security Analyst‑Junior; incumbents of the latter assist with security policy promulgation, risk analysis, safeguard and compliance efforts, and incident response, and have no responsibility for supervising subordinate employees.
Responsibilities
Direct risk assessments and audits to identify security vulnerabilities and ensure compliance with regulations.
Develop, update, and implement security policies, procedures, and system controls.
Supervise junior staff, delegate security tasks, and provide training on forensic techniques and risk management.
Oversee the monitoring and analysis of security events and manage response and recovery operations.
Coordinate physical and digital security programs and lead enterprise threat mitigation efforts.
Prepare executive reports on system health, audit findings, and compliance trends.
Advise on vendor security contracts and review MOU, grants, and agreements for security compliance.
Evaluate new security products and design secure system architectures.
Promote user awareness through security training and policy communication.
Lead the investigation and resolution of security incidents and breaches.
Competencies (KSA's) Competencies:
Strategic Mindset
Customer Focus
Decision Quality
Optimizes Work Processes
Strategic Mindset
Knowledges:
Advanced cybersecurity best practices
Regulatory and compliance frameworks
Risk assessment methodologies
Systems architecture and defense-in-depth
Data privacy and protection strategies
Skills:
Risk and threat analysis
Policy creation and enforcement
Forensic investigation
Team supervision and training
Report preparation and presentation
Abilities:
Manage high-priority security projects
Advise on compliance strategy
Lead cross‑functional response teams
Communicate complex security topics clearly
Drive improvements in enterprise security posture
Tools & Equipment
Security Information and Event Management (SIEM)
Compliance Management Tools
Forensic Analysis Tools
Vulnerability Scanners
Microsoft Office Suite
For more information, visit the link below: https://www.tn.gov/content/dam/tn/finance/job-specification-files/Information%20Security%20Analyst%20SR.pdf
#J-18808-Ljbffr