Cybersecurity Analyst

About The Position

Requirements

• CompTIA Security+ and/or CompTIA CySA+ required.
• CJIS certified or ability to obtain certification within 30 days of employment.
• Ability to utilize information from a variety of sources including frameworks, guidelines, threat-intelligence, and industry best-practices to inform decision making.
• Knowledge of security technologies, including firewalls, proxies, SIEM, antivirus software, and IDPs.
• Knowledge of network and cabling theory and applications.
• Knowledge of network protocols, architecture, datacenter environments, and system design.
• Strong knowledge of vulnerability scanning, penetration testing, network security, and the techniques used to expose and correct security flaws.
• Knowledge of current Microsoft Server operating systems and server hardware.
• Knowledge of enterprise server virtualization.
• Knowledge of enterprise storage and backup technology.
• Knowledge of Disaster Recovery methods.
• Knowledge of Cisco switch, routing, and firewalls.
• Knowledge of Security Awareness Training and Phishing Campaign applications.
• Strong skills in documentation and standard/policy development.
• Ability to think critically and innovatively about security solutions.
• Technical aptitude to adapt and learn in a rapidly changing environment and solve complex problems.
• Technical competency to assess and propose security controls to address security gaps.
• Working knowledge of industry best practices and common compliance frameworks such as HIPAA, PCI, NIST.
• Skilled in log and packet analysis.
• Ability to take initiative with minimal supervision.
• Ability to perform well under pressure and in disruptive environments.
• Strong interpersonal skills and demonstrated ability to work effectively with internal/external customers and colleagues.
• Knowledge of TCP-IP networks.
• Ability to work non-traditional hours.
• Proficient with Microsoft Windows operating systems.
• Communicate clearly and concisely, both orally and in writing.
• Up-to-date knowledge of security threats and exploitation techniques.
• A bachelor’s degree in Cybersecurity, Information Security, Computer Information Systems, Technology Management, or closely related field; OR at least three (3) years’ experience working in technology or information security role.
• Experience and training in Windows Servers, Networking, Firewalls, and Vulnerability scanning are required.
• Experience administering information security systems to include the following: information security architecture, information security procedures and controls, physical security, attack & penetration testing, application testing, information assurance gap analysis, and incident response.
• Any equivalent combination of education, training, and experience which provides the required knowledge, skills, and abilities may be considered.
• Must pass a pre-employment criminal record background check.
• Successful candidates must submit to post-offer, pre-employment physical examination, and medical history check, if required.
• Regular standing and sitting; the ability to lift a maximum of forty pounds; occasional lifting, carrying, walking, and standing; hand/eye coordination for operation of computer keyboard; vision for review and analysis of data and reports; frequent speech communication, hearing, and listening to maintain communication with employees and agencies.
• This job requires normal hearing and color vision.
• Office environment with frequent interruptions; will interact with employees and member agencies daily; some computer system user contact; exposure to computer screens; potential exposure to inclement weather; travels from site to site.
• Provide twenty-four (24) hour, seven (7) day a week remote availability for the emergency diagnosis of critical IT related problems.

Nice To Haves

• GIAC, OSCP, CISSP, CCSP, or other equivalent certifications strongly preferred but not required.
• Knowledge of CJIS is preferred.
• Working knowledge and training in Microsoft Azure, Active Directory and O365 system and security administration preferred.
• Familiarity and prior experience with Managed Detection and Response (MDR) solutions such as Crowdstrike and/or Arctic Wolf.

Responsibilities

• Monitor systems and networks for malicious activity.
• Perform regular vulnerability scans and participate in remediation efforts.
• Participate in internal and external security & compliance audits.
• Design, install, configure, coordinate implementation, and monitor security systems
• Respond to operational alerts, which include ADCOM’s monitoring intrusion detection and prevention system, firewalls, data encryption and other cyber security systems, technologies, and platforms.
• Detect, investigate, and resolve security incidents and threats using ADCOM’s SIEM solution.
• Utilize reports and respond to real-time alerts.
• Promote activities to create information security awareness throughout the organization and function as SME, providing cybersecurity training to all end-users.
• Assist with day-to-day operations within the ADCOM IT team.
• Attend conferences and training as required to maintain proficiency.
• Research and stay up to date on latest threats, vulnerabilities, tools, techniques, compliance, laws, regulations, and cybersecurity best-practices.
• Assist in the preparation of bid specifications and requests for proposals and function as the project manager and/or technical lead for implementing new security systems monitoring, and policy enforcement platforms.
• Assist with any external auditing functions, including CJIS and other system audits.
• Coordinate regular penetration testing with external vendors & partners.
• Oversee ADCOM’s physical security projects, including card access, personnel access permissions, security camera projects, and camera footage maintenance.
• Assist with leading security investigations
• Identify, contain, and remediate end-user-related security incidents (viruses, credential compromises, etc.)
• Review Cybersecurity plan, including policies, procedures, and guidelines and standards annually.
• Coordinate any changes to the Incident Response Plan and the overall IT Cybersecurity Policies/Standards with the Technology Manager and Assistant Technology Manager (IT).
• Work closely with the Network Engineer and Systems Administrators to address security requirements for all systems, whether on-premises or cloud-hosted.
• Document all work products and progress.
• Ensure commitments are met to internal and external customers/member agencies.
• Demonstrates strong customer service skills, including clear communication, professionalism, and the ability to effectively assist and support a diverse range of stakeholders.
• Must be able to work a flexible schedule when required to operate during maintenance windows.
• Respond to critical system outages outside of normal business hours on a 24/7 basis.
• Participate and attend all North Central Region Cybersecurity Committee meetings.
• Perform other related duties and responsibilities as required.