CL - Security Analyst - Consultant
SCOPE OF THE PROJECT:
The SCDHHS Office of Cybersecurity (OCS) is tasked with performing ongoing enterprise cybersecurity threat monitoring and incident response capabilities.
A strong candidate for this position should possess experience or knowlege in the following:
oCyber Threat Response and Incident HandlingoCyber Security OperationsoPenetration TestingoNetwork SecurityDAILY DUTIES /
Responsibilities:
The Security Analyst is primarily responsible for assessing and evaluating the organization's information & cyber security solutions and processes, as well as providing technical advisory to influence the design and implementation of security information technology systems and networks.
The Security Analyst will guide junior analyst (Security Analyst I and II) to identify and address risks, and lead the response to information security issues.
Candidates should be self-starters, creative problem solvers and have an eagerness to implement tactics, techniques and procedures which make the most effective use of Agency staff, resources, products and technologies quickly.
Technical Knowledge:
Understanding of information technology and security concepts.
Experience or knowledge of operating systems (e.
g.
, Android, iOS, Linux, Windows, MVS, VMWare), cloud computing, networks, hardware and software platforms, and protocols as they relate to information security.
Experience or knowledge in performing vulnerability assessments, including scanning, analysis of results, and manual validation.
Experience with secure networking technologies such as network firewalls and IDS/IPS technologies, Network Security Monitoring expertise, and Security Information and Event Management (SIEM) systems.
Experience in information security incident response and risk management.
Experience managing and responding to information security risks, threats and incidents.
Threat and vulnerability management; awareness of current threats to confidentiality, integrity, and availability of data and controls to mitigate threatsStrong working knowledge of applicable internal and/or external regulatory policies, standards, procedures and controls (e.
g.
, Centers for Medicaid and Medicare (CMS) MARS-E 2.
0, National Institute of Standards and Technology (NIST), Control Objectives for Information and Related Technology (COBIT), and Federal Risk and Authorization Management Program (FedRAMP).
Experience or knowledge with development and integration of RMF tasks and artifacts into the System Development Life Cycle (SDLC) is ideal.
Experience or knowledge in security as related to multi-tenant, cloud services and vendor interface management would be considered desirable for this position.
Working knowledge of TCP/IP and the functioning of its component protocols, ability to read, and analyze, using various toolsets such as tcpdump, wireshark, etc; how they work and what information they produce will be benificial in this role.
Understanding of basic defense-in-depth principles such as and secure system configuration, network segmentation and malicious code protection is a plus.
Information Systems' Security
Experience:
Experience working in a SOC environment is preferred.
Experience in operating and contributing to a security operations center responding to alerts and anomalies, creating and interpreting dashboards and triaging cross-functional teams is preferred.
Hands-on experience in the secure implementation, operation and on-going maintenance of computer systems, software, hardware and networks is preferred.
General Duties and
Responsibilities:
1.
Assist in the day-to-day duties of SOC monitoring activities, tools and processes2.
Provide hands-on support of OCS security tools3.
Conduct threat hunts (specialized searches) for evidence of compromise4.
Monitor security technologies for alerts5.
Investigating incidents, gathering evidence, and analyzing data6.
Analyze anomalous activity and potential threats to Agency connected resources7.
Collaborate with OCS Staff and other agency staff, leadership, business partners and other parties/stakeholders to support security and compliance risk mitigation efforts8.
Other duties as assignedREQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1.
Must have hands-on experience or educational background in IT System Security or System Administration2.
Experience with incident response procedures and practices3.
Must be willing to learn and take on new tasks4.
Willingness to work independently and as a member of a team5.
Willingness to collaborate and coordinate with multiple teams and vendors6.
Ability to multitask and prioritize tasks effectively in order to effectively report on the status of assigned work7.
Ability to multitask and prioritize tasks effectively in order to meet deadlines in a results-oriented environment8.
Must have intermediate skills in Microsoft Office products (Word, Excel, PowerPoint, Visio) to include working with templates and style guidelines for branding consistency9.
Strong understanding of enterprise operations & secure best practices10.
Ability to absorb, retain and communicate processes11.
Strong written and verbal communication skills.
12.
Ability to accept changes and constructive criticism and remain flexible in dealing with leadership and teams of varying technical and business knowledge.
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1.
Prior Health Information Technology experience2.
Centralized Log Management experience3.
Familiarity with security regulatory requirements and standards (such as NIST 800 series, MARS-E)4.
Experience performing or supporting information security compliance assessments and audits5.
Work and/or consulting experience in federal, state, city or local government.
REQUIRED EDUCATION/CERTIFICATIONS:
1.
High school diploma with six years of relevant work experiencePREFERRED EDUCATION/CERTIFICATIONS:
1.
Bachelor degree in information technology, computer science, related technical field- with a minimum of 3 years relevant work exp.
2.
Information Security certifications such as:
CompTIA, ISC(2), SANS GIAC, CCNA Security, or similarAdditional Sills:
Incident response - requiredStrong understanding of enterprise operations & secure best practices- requiredStrong understanding of information technology and security concepts - requiredCyber security operations - requiredSkills:
CategoryNameRequiredImportanceLevelLast UsedExperienceAdministrativeSERVER ADMINISTRATIONNo4IntermediateWithin 5 Years2 - 4 YearsCloudcloud platforms / environmentsNo2AdvancedWithin 5 Years4 - 6 YearsEducationHigh School DiplomaYes1AdvancedCurrently Using2 - 4 YearsEducationBachelor's DegreeNo3AdvancedWithin 10 Years2 - 4 YearsEducationTechnical CertificationsNo3AdvancedWithin 10 Years2 - 4 YearsMiscellaneousKNOWLEDGE OF INFORMATION TECHNOLOGY FIELD, BEST PRACTICES, ORGANIZATION AND OPERATIONSYes1ExpertCurrently Using4 - 6 YearsMiscellaneousConsulting ExperienceNo1IntermediateWithin 10 Years2 - 4 YearsNetwork SecurityCybersecurityYes1ExpertCurrently Using4 - 6 YearsNetwork SecurityExperience in projects involving PCI/NIST security implementations and/or audits.
No1IntermediateWithin 10 Years2 - 4 YearsNetwork SecurityMARS-ENo3IntermediateWithin 5 Years2 - 4 YearsNetwork SecurityPenetration TestingNo4IntermediateWithin 5 Years1 - 2 YearsNetwork Securityrisk/vulnerability assessmentsNo4IntermediateWithin 5 Years2 - 4 YearsNetwork SecuritySecurity Information Event Management (SIEM) systems development / configurationNo1AdvancedWithin 5 Years4 - 6 YearsNetworking & DirectoriesINCIDENT MANAGEMENTYes1AdvancedWithin 5 Years4 - 6 YearsNetworking & DirectoriesInformation SecurityYes1ExpertCurrently Using4 - 6 YearsNetworking & DirectoriesNetwork securityNo1AdvancedWithin 5 Years4 - 6 YearsOperating Systems/APIsLinuxYes1AdvancedWithin 2 Years4 - 6 YearsOperating Systems/APIsWindowsYes1AdvancedWithin 2 Years4 - 6 YearsPackaged ApplicationsMicrosoftYes2AdvancedCurrently Using4 - 6 YearsProgram ManagementExperience working with risk managementNo1AdvancedWithin 5 Years2 - 4 YearsProtocolsFirewallNo1AdvancedWithin 5 Years2 - 4 YearsSoftware FramworkSoftware development life cycle (SDLC)No5AdvancedWithin 5 Years4 - 6 YearsSpecialtiesNIST SecurityYes1AdvancedWithin 2 Years4 - 6 YearsSpecialtiesMedicaid or healthcare experienceNo1IntermediateWithin 10 Years4 - 6 Years Recommended Skills Api Assessments Auditing Branding Cloud Computing Computing Platforms Estimated Salary: $20 to $28 per hour based on qualifications.
The SCDHHS Office of Cybersecurity (OCS) is tasked with performing ongoing enterprise cybersecurity threat monitoring and incident response capabilities.
A strong candidate for this position should possess experience or knowlege in the following:
oCyber Threat Response and Incident HandlingoCyber Security OperationsoPenetration TestingoNetwork SecurityDAILY DUTIES /
Responsibilities:
The Security Analyst is primarily responsible for assessing and evaluating the organization's information & cyber security solutions and processes, as well as providing technical advisory to influence the design and implementation of security information technology systems and networks.
The Security Analyst will guide junior analyst (Security Analyst I and II) to identify and address risks, and lead the response to information security issues.
Candidates should be self-starters, creative problem solvers and have an eagerness to implement tactics, techniques and procedures which make the most effective use of Agency staff, resources, products and technologies quickly.
Technical Knowledge:
Understanding of information technology and security concepts.
Experience or knowledge of operating systems (e.
g.
, Android, iOS, Linux, Windows, MVS, VMWare), cloud computing, networks, hardware and software platforms, and protocols as they relate to information security.
Experience or knowledge in performing vulnerability assessments, including scanning, analysis of results, and manual validation.
Experience with secure networking technologies such as network firewalls and IDS/IPS technologies, Network Security Monitoring expertise, and Security Information and Event Management (SIEM) systems.
Experience in information security incident response and risk management.
Experience managing and responding to information security risks, threats and incidents.
Threat and vulnerability management; awareness of current threats to confidentiality, integrity, and availability of data and controls to mitigate threatsStrong working knowledge of applicable internal and/or external regulatory policies, standards, procedures and controls (e.
g.
, Centers for Medicaid and Medicare (CMS) MARS-E 2.
0, National Institute of Standards and Technology (NIST), Control Objectives for Information and Related Technology (COBIT), and Federal Risk and Authorization Management Program (FedRAMP).
Experience or knowledge with development and integration of RMF tasks and artifacts into the System Development Life Cycle (SDLC) is ideal.
Experience or knowledge in security as related to multi-tenant, cloud services and vendor interface management would be considered desirable for this position.
Working knowledge of TCP/IP and the functioning of its component protocols, ability to read, and analyze, using various toolsets such as tcpdump, wireshark, etc; how they work and what information they produce will be benificial in this role.
Understanding of basic defense-in-depth principles such as and secure system configuration, network segmentation and malicious code protection is a plus.
Information Systems' Security
Experience:
Experience working in a SOC environment is preferred.
Experience in operating and contributing to a security operations center responding to alerts and anomalies, creating and interpreting dashboards and triaging cross-functional teams is preferred.
Hands-on experience in the secure implementation, operation and on-going maintenance of computer systems, software, hardware and networks is preferred.
General Duties and
Responsibilities:
1.
Assist in the day-to-day duties of SOC monitoring activities, tools and processes2.
Provide hands-on support of OCS security tools3.
Conduct threat hunts (specialized searches) for evidence of compromise4.
Monitor security technologies for alerts5.
Investigating incidents, gathering evidence, and analyzing data6.
Analyze anomalous activity and potential threats to Agency connected resources7.
Collaborate with OCS Staff and other agency staff, leadership, business partners and other parties/stakeholders to support security and compliance risk mitigation efforts8.
Other duties as assignedREQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1.
Must have hands-on experience or educational background in IT System Security or System Administration2.
Experience with incident response procedures and practices3.
Must be willing to learn and take on new tasks4.
Willingness to work independently and as a member of a team5.
Willingness to collaborate and coordinate with multiple teams and vendors6.
Ability to multitask and prioritize tasks effectively in order to effectively report on the status of assigned work7.
Ability to multitask and prioritize tasks effectively in order to meet deadlines in a results-oriented environment8.
Must have intermediate skills in Microsoft Office products (Word, Excel, PowerPoint, Visio) to include working with templates and style guidelines for branding consistency9.
Strong understanding of enterprise operations & secure best practices10.
Ability to absorb, retain and communicate processes11.
Strong written and verbal communication skills.
12.
Ability to accept changes and constructive criticism and remain flexible in dealing with leadership and teams of varying technical and business knowledge.
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1.
Prior Health Information Technology experience2.
Centralized Log Management experience3.
Familiarity with security regulatory requirements and standards (such as NIST 800 series, MARS-E)4.
Experience performing or supporting information security compliance assessments and audits5.
Work and/or consulting experience in federal, state, city or local government.
REQUIRED EDUCATION/CERTIFICATIONS:
1.
High school diploma with six years of relevant work experiencePREFERRED EDUCATION/CERTIFICATIONS:
1.
Bachelor degree in information technology, computer science, related technical field- with a minimum of 3 years relevant work exp.
2.
Information Security certifications such as:
CompTIA, ISC(2), SANS GIAC, CCNA Security, or similarAdditional Sills:
Incident response - requiredStrong understanding of enterprise operations & secure best practices- requiredStrong understanding of information technology and security concepts - requiredCyber security operations - requiredSkills:
CategoryNameRequiredImportanceLevelLast UsedExperienceAdministrativeSERVER ADMINISTRATIONNo4IntermediateWithin 5 Years2 - 4 YearsCloudcloud platforms / environmentsNo2AdvancedWithin 5 Years4 - 6 YearsEducationHigh School DiplomaYes1AdvancedCurrently Using2 - 4 YearsEducationBachelor's DegreeNo3AdvancedWithin 10 Years2 - 4 YearsEducationTechnical CertificationsNo3AdvancedWithin 10 Years2 - 4 YearsMiscellaneousKNOWLEDGE OF INFORMATION TECHNOLOGY FIELD, BEST PRACTICES, ORGANIZATION AND OPERATIONSYes1ExpertCurrently Using4 - 6 YearsMiscellaneousConsulting ExperienceNo1IntermediateWithin 10 Years2 - 4 YearsNetwork SecurityCybersecurityYes1ExpertCurrently Using4 - 6 YearsNetwork SecurityExperience in projects involving PCI/NIST security implementations and/or audits.
No1IntermediateWithin 10 Years2 - 4 YearsNetwork SecurityMARS-ENo3IntermediateWithin 5 Years2 - 4 YearsNetwork SecurityPenetration TestingNo4IntermediateWithin 5 Years1 - 2 YearsNetwork Securityrisk/vulnerability assessmentsNo4IntermediateWithin 5 Years2 - 4 YearsNetwork SecuritySecurity Information Event Management (SIEM) systems development / configurationNo1AdvancedWithin 5 Years4 - 6 YearsNetworking & DirectoriesINCIDENT MANAGEMENTYes1AdvancedWithin 5 Years4 - 6 YearsNetworking & DirectoriesInformation SecurityYes1ExpertCurrently Using4 - 6 YearsNetworking & DirectoriesNetwork securityNo1AdvancedWithin 5 Years4 - 6 YearsOperating Systems/APIsLinuxYes1AdvancedWithin 2 Years4 - 6 YearsOperating Systems/APIsWindowsYes1AdvancedWithin 2 Years4 - 6 YearsPackaged ApplicationsMicrosoftYes2AdvancedCurrently Using4 - 6 YearsProgram ManagementExperience working with risk managementNo1AdvancedWithin 5 Years2 - 4 YearsProtocolsFirewallNo1AdvancedWithin 5 Years2 - 4 YearsSoftware FramworkSoftware development life cycle (SDLC)No5AdvancedWithin 5 Years4 - 6 YearsSpecialtiesNIST SecurityYes1AdvancedWithin 2 Years4 - 6 YearsSpecialtiesMedicaid or healthcare experienceNo1IntermediateWithin 10 Years4 - 6 Years Recommended Skills Api Assessments Auditing Branding Cloud Computing Computing Platforms Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
