Manager Cyber Security Risk Analyst Jobs in Iowa

Position Summary Under the general direction of the Chief Information Security Officer (CISO) in the Information Technology Department and in coordination with the Criminal Investigation Division within the Law Enforcement Department, the Digital Forensics, Investigations, and Cybersecurity Analyst provides technical, investigative, and analytical support related to digital evidence, cyber incidents, and technology-facilitated criminal activity. This position assists investigators by identifying, collecting, preserving, analyzing, and interpreting electronic data relevant to criminal and administrative investigations. The role also supports cybersecurity operations by identifying indicators of compromise, detecting malicious activity, and contributing to organizational security efforts.

The ideal candidate demonstrates strong technical expertise, sound judgment, discretion, and the ability to communicate complex information to non-technical audiences. DISTINGUISHING FEATURES OF THE CLASS: Work involves applying independent judgment, technical analysis, and specialized digital forensic skills to support law enforcement and cybersecurity operations. Under the guidance of the CISO, the employee supports digital evidence management, identifies relevant cyber threats, and assists investigative personnel with technical requirements.

Work is reviewed through reports, case outcomes, and adherence to established procedures and legal standards. Work is reviewed through reports and evaluation of outcomes achieved. Job Duties Job Duties Provide technical support during criminal, administrative, and intelligence investigations involving electronic evidence across computers, mobile devices, cloud platforms, networks, and digital accounts.

Work under the direction of the CISO to support cybersecurity operations, digital evidence processes, and investigative technology needs. Identify, collect, preserve, and document digital evidence following chain-of-custody procedures, legal requirements, and departmental standards. Analyze logs, endpoint data, email activity, account usage, browser history, metadata, registry artifacts, and cloud-based records to identify relevant activity and investigative leads.

Support investigations involving cybercrime, fraud, unauthorized access, account compromise, malware, data exfiltration, or other technology-related offenses. Assist with identifying indicators of compromise, suspicious behaviors, vulnerabilities, and cybersecurity risks affecting City systems. Support incident response activities related to intrusions, malware, credential compromise, or unauthorized access.

Prepare clear and defensible technical reports that summarize methods, findings, timelines, and conclusions. Present technical findings to investigators, supervisors, prosecutors, and other stakeholders. Coordinate with the CISO, prosecutors, investigators, outside agencies, and approved vendors regarding evidence handling and cybersecurity matters.

Testify in court as needed regarding digital evidence or technical findings. Assist in developing and maintaining procedures for digital evidence handling, cybersecurity response, and secure technology practices. Provide training and guidance to authorized staff on digital evidence preservation, cyber awareness, and secure practices.

Maintain current knowledge of forensic, cybersecurity, and investigative tools and methods. Perform other related duties as assigned. Knowledge, Skills, and Abilities Digital Evidence and Forensics - Knowledge of the principles, practices, and tools used to identify, collect, preserve, analyze, and document digital evidence from computers, mobile devices, cloud environments, user accounts, and related systems.

Cybersecurity Operations - Knowledge of cybersecurity concepts including incident response, threat detection, malware behavior, unauthorized access, account compromise, indicators of compromise, vulnerability awareness, and protection of sensitive information systems. Law Enforcement Support - Knowledge of the role technology plays in supporting criminal investigations, administrative reviews, intelligence functions, and interagency coordination. Law and Government - Knowledge of applicable laws, legal standards, court procedures, evidentiary requirements, privacy considerations, search and seizure principles, and government regulations related to digital investigations and public-sector technology operations.

Public Safety and Security - Knowledge of procedures, policies, and practices that support public safety operations, secure law enforcement environments, and protection of criminal justice information. Standards and Compliance - Knowledge of relevant standards, frameworks, and requirements such as CJIS Security Policy, NIST guidance, ISO/IEC 27037, chain-of-custody practices, and applicable privacy or regulatory requirements. Operating Systems and File Systems - Knowledge of Windows, Linux, and macOS operating systems, common file systems, endpoint artifacts, user activity traces, and system-generated records.

Networks, Systems, and Cloud Platforms - Knowledge of networking concepts, logging, authentication, cloud services, account management, and common enterprise technologies encountered during investigations and cybersecurity reviews. Analytical Ability - Ability to collect, correlate, and interpret technical data from multiple sources; recognize patterns and anomalies; and develop logical, evidence-based conclusions. Technical Communication - Ability to prepare clear, organized, and accurate documentation, reports, and summaries, and to explain complex technical information to non-technical audiences.

Collaboration and Coordination - Ability to work effectively with the Information Technology Department's CISO, law enforcement personnel, attorneys, outside agencies, and other stakeholders in a team-based environment. Training and Guidance - Ability to provide instruction, support, and practical guidance to others on digital evidence handling, cyber awareness, and investigative technology matters. Confidentiality and Professional Judgment - Ability to handle highly sensitive information with discretion, maintain evidentiary integrity, exercise sound judgment, and uphold confidentiality and ethical standards.

Adaptability and Continuous Learning - Ability to stay current with evolving technology, cybersecurity threats, investigative tools, and legal considerations affecting digital evidence and law enforcement support. Qualifications Minimum Qualifications Associate degree in Information Security, Information Technology, or a related field, and at least two years of experience working in or supporting a law enforcement, public safety, government, or criminal justice environment. Experience may include supporting cybersecurity operations, digital investigations, incident response, threat analysis, log review, or digital evidence processing.

Experience preparing technical reports, affidavits, summaries, or case documentation suitable for investigative or legal use. Ability to obtain and maintain CompTIA Security+ certification within 12 months of hire. Preferred Qualifications Bachelor's degree in Cybersecurity, Digital Forensics, Computer Science, Information Technology, Criminal Justice, or a related field.

Experience using forensic and investigative tools such as EnCase, FTK, Cellebrite, Magnet AXIOM, X-Ways, Autopsy, Volatility, or cloud/log analysis platforms. Experience working with investigators, attorneys, and leadership on complex or sensitive technical matters. Experience preparing technical reports, affidavits, or documentation suitable for investigative or legal proceedings.

Experience presenting technical findings in court or formal settings. Familiarity with CJIS security requirements, evidence-handling standards, and public-sector cybersecurity practices. Work Environment Work is primarily performed in a secure office environment within or in support of a law enforcement or public-sector organization.

This position is administratively aligned with the Information Technology Department and works under the Chief Information Security Officer (CISO), and law enforcement personnel on the CID on technical and cybersecurity-related matters. Duties may involve working with sensitive, confidential, or legally restricted information, including digital evidence and criminal justice data. Work may be performed in secure evidence-processing areas, law enforcement facilities, data centers, or other controlled environments depending on investigative or cybersecurity needs.

The position may require participation in incident response activities, investigative support functions, court preparation, or coordination with outside agencies and prosecutors. May require occasional irregular hours, on-call availability, or limited travel in support of investigations, cybersecurity incidents, legal proceedings, or interagency collaboration. Work is generally performed in a climate-controlled setting with strict security, confidentiality, and evidence-handling requirements.

Exposure to disturbing or sensitive investigative materials may occur in the course of reviewing digital evidence. Supplemental Information RESIDENCY REQUIREMENT: Employee shall establish their principal place of residence within fifty (50) miles of the corporate limits of the city of Dubuque as soon as practicable after appointment, but within two years of appointment. SUPERVISORY STATUS: None FLSA STATUS: Exempt Our Commitment to You The City of Dubuque is committed to using a merit-based system in which recruiting, selecting, and advancing employees is based on their relative knowledge, skills, and abilities, in compliance with all applicable federal and state laws.

Our organization provides equal opportunities for all individuals, fostering a workplace that values innovation, collaboration, and work-life balance. We offer job stability, a comprehensive benefits package, and an opportunity to serve and support our growing community. In accordance with legal obligations our policies and practices are designed to ensure fair treatment and foster a respectful workplace where all are encouraged to apply.