J

Security Analyst III

icon briefcase Job Type : Full Time

Number of Applicants

 : 

000+

Click to reveal the number of candidates who applied for this job.
icon loader
Apply Now
icon loader Apply Now

Let AI Supercharge Your Job Hunt!

JobCopilot scans 500,000+ company career sites daily to find jobs for you

Never miss an opportunity Save hours by auto-filling applications forms Land more interviews with tailored applications
happy man
thunder iconActivate JobCopilot

Job Description - Security Analyst III






Overview






A career with Johnson County Government is more than just a job, it is an opportunity to serve a diverse and expanding community in meaningful ways. We challenge ourselves to be a different kind of government because we care deeply about our community and each other. Committed to our shared values, we provide excellent public service, seeking always to improve ourselves and our organization. We offer wonderful benefits, retirement plans, wellness incentives, a great organizational culture, and much more; be sure to explore all we have to offer here!









Job Description






Johnson County Government's Department of Technology and Innovation is seeking a skilled and experienced Security Analyst III to join our team. In this role, you will play a critical part in maintaining and enhancing our security posture, with a strong focus on email security and automation. Experience with Microsoft Defender for Office 365 Plan 2 and security automation workflows is highly desirable. You will lead major security initiatives, drive continuous improvement in our security practices, and safeguard our information assets by developing and enforcing robust security architecture, policies, and procedures while ensuring compliance with legal and regulatory requirements. A strong commitment to professional growth is essential, demonstrated through active participation in Johnson County’s training opportunities, including specialized programs such as SANS cybersecurity courses and other professional development resources.

 

This position is currently eligible to work in a hybrid work environment with both onsite and remote work. Residency within the Kansas City-Overland Park-Kansas City, MO-KS Combined Statistical Area, which generally includes the Kansas counties of Johnson, Wyandotte, Leavenworth, Miami, and Linn, and the Missouri counties of Jackson, Clay, Platte, Cass, and Ray, is required. First review of applications will begin on April 23, 2026. Position will remain open until filled. 

 

Key Responsibilities

  • Strengthen the county’s security posture through technology evaluation and process improvement.
  • Optimize Microsoft Defender for Office 365 Plan 2 capabilities, including advanced threat protection, phishing detection, and automated investigation and response, to enhance email security posture.
  • Develop and maintain security automation workflows to streamline vulnerability management and incident response using tools such as custom scripting, Microsoft Defender for Office 365 Plan 2, and SIEM/SOAR platforms.
  • Lead and execute web application penetration tests, identifying vulnerabilities in custom and third-party applications, and working with development teams to remediate findings.
  • Conduct and analyze vulnerability scans and penetration tests across infrastructure and applications.
  • Collaborate with other teams within the Department of Technology and Innovation to standardize and improve security processes across all business units.
  • Conduct reporting and auditing of Identity and Access Management.
  • Identify and analyze current and evolving threats and vulnerabilities, especially those targeting web applications.
  • Ensure compliance of enterprise IT architecture with federal health, privacy, and financial regulations.
  • Conduct comprehensive risk assessments of the current environment and proposed changes to the hardware and software stack to identify potential security vulnerabilities and ensure alignment with organizational security standards.
  • Develop and document security policies and procedures aligned with industry best practices and emerging threats.
  • Lead security projects, including the deployment of new technologies and tools for application security testing.
  • Analyze and respond to security incidents, advisories, and alerts.
  • Promote secure development practices and provide guidance to developers on secure coding.
  • Work with end users to address business functionality needs while ensuring secure methodologies.
  • Train end users and promote security awareness for improved system security and efficiency.
  • Monitor and manage security-related contracts and tools.
  • Utilize forensic tools for data collection and incident response.
  • Participate in on-call rotation.








Job Requirements






Required Experience

  • Bachelor’s degree in Information Technology or relevant field*
  • 8+ years of experience in information technology.
  • 5+ years of experience in information security, including risk analysis and management.

*Experience may be substituted for education. Education may be substituted for experience.

 

Licenses and Other Requirements

  • Valid driver's license required

Special Knowledge and Skills Needed:

  • Analytical skills, including the ability to research, interpret data, conceptualize data, analyze information, and write formal recommendations based on findings.
  • Hands-on experience with Microsoft Defender for Office 365 Plan 2, including configuration, policy management, and automated investigation and response.
  • Demonstrated ability to design and deploy automated security workflows for incident response and vulnerability remediation.
  • Experience in threat hunting using SIEM and EDR tools on Windows and Unix systems.
  • Comprehensive understanding and substantive experience in network systems engineering, computing systems and software applications.
  • Demonstrated expertise in web application penetration testing, including manual and automated testing techniques, OWASP Top 10, and secure development lifecycle practices.
  • Experience with tools such as Burp Suite, OWASP ZAP, Metasploit, and custom scripts for web app testing.
  • Comprehensive understanding and substantive experience in network systems engineering, computing systems and software applications.
  • Experience working in a change-controlled environment.
  • Experience working with:
    • Network and security management software
    • Network analysis tools
    • Scripting languages including UNIX command line utilities
    • Vulnerability Management tools
    • Layer7 firewalls (NGFW)
    • Vendor access systems
    • Active Directory
    • Log management tools
    • Network Security monitor tools

Soft Skills Needed:

  • Strong interpersonal and collaboration skills.
  • Curiosity and a proactive approach to problem-solving.
  • Written communication skills, including business writing, report writing, summarizing, and editing skills.
  • Oral communication skills, including presentations to: individuals, small groups, and large groups.
  • Facilitation skills, including ability to use group decision making to gain commitment and/or ability to encourage participation.

Preferred Qualifications

  • 3+ years of experience driving automation initiatives to reduce manual effort and improve response times for phishing, malware, and other email-based threats.
  • 3+ years of experience in project management.
  • Familiarity with IT security standards (ISO, NIST) and regulatory frameworks (CJIS, HIPAA, PCI).
  • Experience implementing security control frameworks such as the Center for Internet Security (CIS) Benchmarks and/or Security Technical Implementation Guides (STIGs) to ensure system hardening and compliance.
  • Experience supporting Microsoft business applications (Active Directory, Exchange, Azure, Entra, Purview, Defender for Office).
  • Experience working with SCADA (Supervisory Control and Data Acquisition) and ICS (Industrial Control Systems).
  • Experience using network analysis tools, scripting languages including UNIX command line utilities, software vulnerabilities, exploits and malware.
  • CISSP certification.




Original job Security Analyst III posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Apply Now
Share Job
Share Job

Auto-Apply to Security Analyst III Jobs with your AI JobCopilot

thunder icon Auto-Apply with AI

Similar Security Analyst III Jobs in the US

GrabJobs is the no1 job portal in the US, connecting you to thousands of jobs fast! Find the best jobs in the US, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.