About The Position

The Information Security Management Office is looking for a team member to support the critical function of protecting the Department’s IT assets and data. You do not have to be a cybersecurity expert to succeed in this position! If you have a background in technology, application development, project management or even audit this position can be your step into cybersecurity. The ideal candidate will have analytical skills, can think logically, can communication clearly and can work in a fast-paced environment. Come join us in one of the most exciting fields around! The Information Security Analyst II role is responsible for managing and resolving Tier 1 security incidents, coordinating with IT teams, and ensuring compliance with Florida Cybersecurity Standards. This position supports the development and maintenance of the agency-wide security program, performs risk assessments, and oversees remediation efforts. Additional responsibilities include reporting metrics, advising on security risks for IT systems, leading security-related projects, and serving as a trusted resource to promote cybersecurity best practices across business units.

Requirements

  • Knowledge of various computing networking technologies including, but not limited to, Windows, Windows Server, switches, routers, and Transmission Control Protocol/Internet Protocol (TCP/IP).
  • Knowledge of perimeter technologies such as firewalls, proxies, and intrusion detection/prevention systems (IDS/IPS) tools.
  • Knowledge of key information security technologies and concepts such as end point protection, vulnerability management, data loss prevention, security information and event management (SIEM), and whitelists/blacklists.
  • Knowledge of information technology standards applicable to State of Florida Agencies.
  • Skilled in the detection of software and hardware security problems.
  • Skilled at applying, analyzing and assessing information systems and security controls.
  • Ability to assess and analyze information technology risk; provide recommendations to mitigate risk including the implementation of appropriate security controls based on applicable standards, and author meaningful documented analysis of systems to verify compliance with security controls.
  • Ability to effectively communicate verbally and in writing to a variety of audiences including the ability to communicate technical issues and concepts to non-technical staff.
  • Ability to solve problems independently and with teams and exhibit sound judgement and decision making skills.
  • Ability to build and maintain professional interpersonal working relationships, think logically, use deductive reasoning and exhibit analytical skills.
  • Ability to manage and track multiple projects/initiatives while prioritizing and managing competing work assignments in a time sensitive environment.
  • Ability to perform security assessments, report on and track identified vulnerabilities while assisting in the coordination of remediation efforts with cross-functional teams, and drive closure of the identified vulnerabilities.
  • Ability to monitor compliance of Information Security policies and procedures among employees, contractors, partners and other third parties.
  • Ability to assist the Information Security Manager in the development, review and maintenance of security policies, procedures and processes.
  • Ability to perform Security Incident Response activities and interaction with broader agency incident responses as needed.
  • Ability to be self-motivated, very detail-oriented with excellent follow through.
  • Ability to analyze complex technical architectures for security issues.
  • Six years of experience in computer systems analysis, computer programming, desktop or network support, planning or designing distributed computer systems; cybersecurity, management of information systems or other areas that reflect the skills required in this position.
  • Secondary education in an area that reflects the skills required in this position can substitute on a year for year basis of the required experience.
  • Completion of a professionally accepted certification (such as CISSP, CISA, CISM, PMP) that reflects the skills required in this position can substitute for up to one year of the required experience.

Responsibilities

  • Coordinate and track items assigned to the Department’s Information Security Management Team.
  • Evaluate events within the Information Technology (IT) environment to identify if they are security incidents.
  • Take ownership and resolve Tier 1 incidents, such as lost devices, shared accounts, or reports from monitoring systems.
  • Assign and coordinate with other areas of IT (Application Development, Network Support, Desktop Support, Enterprise Architects, etc.) for items that must be addressed by others.
  • Identify the logical steps to be taken to analyze and eventually resolve incidents.
  • Use knowledge of enterprise-level Microsoft environment to make assessments and recommendations regarding events/incidents.
  • Document the ongoing work efforts, lessons learned, and final resolution for incidents to ensure they can be fully reviewed and understood in the future.
  • Communicate with assignees on open tasks to ensure a timely and complete resolution.
  • Communicate with appropriate management on the status of incidents.
  • Report incidents to the State Chief Information Security Officer (CISO) as required by Florida Cybersecurity Standards F.A.C 60-GG2.
  • Report status of incidents to involved parties such as CSIRT Working Team, CSIRT Core Team, and Information Security Manager.
  • Provide metrics from the Service Now CSIRT Module on incidents for use by ISM and Deputy ISM in meetings and planning.
  • Assist the Information Security Manager in the development, documentation, implementation and maintenance of the Department's Agency-wide Information Security program for assigned responsibility areas.
  • Maintain expertise on applicable state and federal information security standards to support and progress the Information Security program.
  • Develop, review and maintain security policies, procedures and standards to support the program.
  • Perform ad-hoc and formal security assessments to ensure administrative, operational and technical controls are sufficient to meet acceptable departmental risk levels.
  • Identify, analyze and track identified risks and vulnerabilities, while assisting in the coordination of remediation efforts with cross-functional teams to drive closure of the identified vulnerability.
  • Review and advise on security risks associated with the implementation of IT Systems through the review of System Security Plans.
  • Serve as a Project Coordinator/Task Lead for security-related initiatives.
  • Coordinate the work of staff statewide to ensure successful project completion.
  • Ensure projects are run and reported according to required standards.
  • Consult with FDOT business offices to promote cybersecurity concepts and tools that may be unique to their environment.
  • Maintain expertise and skills to serve as a trusted resource for business offices on cybersecurity issues.

Benefits

  • Health insurance (over 90% employer paid)
  • $25,000 life insurance policy (100% employer paid)
  • Dental, vision and supplemental insurances
  • State of Florida retirement package
  • 10 paid holidays a year
  • Generous vacation and sick leave
  • Career advancement opportunities
  • Tuition waiver for public college courses
  • A variety of training opportunities
  • Employee Assistance Program (EAP)
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service