INFORMATION SECURITY ANALYST II - 55010693

About The Position

Requirements

• Knowledge of various computing networking technologies including, but not limited to, Windows, Windows Server, switches, routers, and Transmission Control Protocol/Internet Protocol (TCP/IP).
• Knowledge of perimeter technologies such as firewalls, proxies, and intrusion detection/prevention systems (IDS/IPS) tools.
• Knowledge of key information security technologies and concepts such as end point protection, vulnerability management, data loss prevention, security information and event management (SIEM), and whitelists/blacklists.
• Knowledge of information technology standards applicable to State of Florida Agencies.
• Skilled in the detection of software and hardware security problems.
• Skilled at applying, analyzing and assessing information systems and security controls.
• Ability to assess and analyze information technology risk; provide recommendations to mitigate risk including the implementation of appropriate security controls based on applicable standards, and author meaningful documented analysis of systems to verify compliance with security controls.
• Ability to effectively communicate verbally and in writing to a variety of audiences including the ability to communicate technical issues and concepts to non-technical staff.
• Ability to solve problems independently and with teams and exhibit sound judgement and decision making skills.
• Ability to build and maintain professional interpersonal working relationships, think logically, use deductive reasoning and exhibit analytical skills.
• Ability to manage and track multiple projects/initiatives while prioritizing and managing competing work assignments in a time sensitive environment.
• Ability to perform security assessments, report on and track identified vulnerabilities while assisting in the coordination of remediation efforts with cross-functional teams, and drive closure of the identified vulnerabilities.
• Ability to monitor compliance of Information Security policies and procedures among employees, contractors, partners and other third parties.
• Ability to assist the Information Security Manager in the development, review and maintenance of security policies, procedures and processes.
• Ability to perform Security Incident Response activities and interaction with broader agency incident responses as needed.
• Ability to be self-motivated, very detail-oriented with excellent follow through.
• Ability to analyze complex technical architectures for security issues.
• Six years of experience in computer systems analysis, computer programming, desktop or network support, planning or designing distributed computer systems; cybersecurity, management of information systems or other areas that reflect the skills required in this position.
• Secondary education in an area that reflects the skills required in this position can substitute on a year for year basis of the required experience.
• Completion of a professionally accepted certification (such as CISSP, CISA, CISM, PMP) that reflects the skills required in this position can substitute for up to one year of the required experience.

Responsibilities

• Coordinate and track items assigned to the Department’s Information Security Management Team.
• Evaluate events within the Information Technology (IT) environment to identify if they are security incidents.
• Take ownership and resolve Tier 1 incidents, such as lost devices, shared accounts, or reports from monitoring systems.
• Assign and coordinate with other areas of IT (Application Development, Network Support, Desktop Support, Enterprise Architects, etc.) for items that must be addressed by others.
• Identify the logical steps to be taken to analyze and eventually resolve incidents.
• Use knowledge of enterprise-level Microsoft environment to make assessments and recommendations regarding events/incidents.
• Document the ongoing work efforts, lessons learned, and final resolution for incidents to ensure they can be fully reviewed and understood in the future.
• Communicate with assignees on open tasks to ensure a timely and complete resolution.
• Communicate with appropriate management on the status of incidents.
• Report incidents to the State Chief Information Security Officer (CISO) as required by Florida Cybersecurity Standards F.A.C 60-GG2.
• Report status of incidents to involved parties such as CSIRT Working Team, CSIRT Core Team, and Information Security Manager.
• Provide metrics from the Service Now CSIRT Module on incidents for use by ISM and Deputy ISM in meetings and planning.
• Assist the Information Security Manager in the development, documentation, implementation and maintenance of the Department's Agency-wide Information Security program for assigned responsibility areas.
• Maintain expertise on applicable state and federal information security standards to support and progress the Information Security program.
• Develop, review and maintain security policies, procedures and standards to support the program.
• Perform ad-hoc and formal security assessments to ensure administrative, operational and technical controls are sufficient to meet acceptable departmental risk levels.
• Identify, analyze and track identified risks and vulnerabilities, while assisting in the coordination of remediation efforts with cross-functional teams to drive closure of the identified vulnerability.
• Review and advise on security risks associated with the implementation of IT Systems through the review of System Security Plans.
• Serve as a Project Coordinator/Task Lead for security-related initiatives.
• Coordinate the work of staff statewide to ensure successful project completion.
• Ensure projects are run and reported according to required standards.
• Consult with FDOT business offices to promote cybersecurity concepts and tools that may be unique to their environment.
• Maintain expertise and skills to serve as a trusted resource for business offices on cybersecurity issues.

Benefits

• Health insurance (over 90% employer paid)
• $25,000 life insurance policy (100% employer paid)
• Dental, vision and supplemental insurances
• State of Florida retirement package
• 10 paid holidays a year
• Generous vacation and sick leave
• Career advancement opportunities
• Tuition waiver for public college courses
• A variety of training opportunities
• Employee Assistance Program (EAP)