Job Information
Opening Date/Time
07/07/2026 12:00AM Central Time
Closing Date/Time
07/20/2026 11:59PM Central Time
Salary (Monthly)
$6,544.00 - $8,454.00
Salary (Annually)
$78,528.00 - $101,448.00
City, State Location
Nashville, TN
Department
Finance and Administration
LOCATION OF (1) POSITION(S) TO BE FILLED: DEPARTMENT OF FINANCE & ADMINISTRATION, DAVIDSON COUNTY
The Department of Finance & Administration does not sponsor applicants for work visas.
This position is designed as Hybrid.
This position requires a criminal background check and CJIS Fingerprints. Therefore, you may be required to provide information about your criminal history in order to be considered for this position.
Qualifications
Education and Experience: Bachelor's degree and five years of experience in information security, risk management, or policy implementation.
Substitution of Graduate Coursework: Graduate coursework in information security may substitute for one year of experience.
Substitution of Experience for Education: Experience in cybersecurity or incident response may substitute for education up to four years.
Alternate Qualification:
Three years as an Information Security Analyst - Junior or CISSP certification also qualifies.
Overview
The Information Security Analyst Sr. serves as a key member of the Tennessee Department of Health's information security team, responsible for protecting critical systems, networks, and data assets. This position provides advanced expertise in security monitoring, incident response, risk assessment, vendor management and compliance with regulatory and organizational standards. The analyst collaborates across the various areas of Health to design, implement, and maintain robust information security controls and initiatives that support the organization's strategic and operational goals.
Responsibilities
Key Responsibilities
-
Lead efforts to identify, analyze, and mitigate cybersecurity threats and vulnerabilities across systems.
-
Monitor, investigate, and respond to security incidents by working closely with Enterprise security teams.
-
Analyze data from tools such as SIEM, EDR, IDS/IPS, and vulnerability management platforms.
-
Conduct regular risk assessments, penetration tests analysis, and security audits to ensure compliance with industry standards (e.g., NIST, ISO 27001).
-
Develop and maintain information security policies, procedures, and incident response plans.
-
Provide guidance and mentorship to other analysts and IT staff on security best practices.
-
Collaborate with IT, legal, and compliance teams to manage data protection and privacy initiatives.
-
Evaluate new security technologies and recommend improvements to the organization's security posture.
-
Prepare reports, dashboards, and metrics for management on security events, vulnerabilities, and compliance status.
-
Conduct audit of security related areas and work closely with audit teams
Competencies (KSA's)
Competencies:
1. Strategic Mindset
2. Customer Focus
3. Decision Quality
4. Optimizes Work Processes
5. Strategic Mindset
Knowledges:
1. Advanced cybersecurity best practices
2. Regulatory and compliance frameworks
3. Risk assessment methodologies
4. Systems architecture and defense-in-depth
5. Data privacy and protection strategies
Skills:
1. Risk and threat analysis
2. Policy creation and enforcement
3. Forensic investigation
4. Team supervision and training
5. Report preparation and presentation
Abilities:
1. Manage high-priority security projects
2. Advise on compliance strategy
3. Lead cross-functional response teams
4. Communicate complex security topics clearly
5. Drive improvements in enterprise security posture
Tools & Equipment
1. Security Information and Event Management (SIEM)
2. Compliance Management Tools
3. Forensic Analysis Tools
4. Vulnerability Scanners
5. Microsoft Office Suite