INFORMATION SECURITY ANALYST IV - 37011231

State of FloridaTallahassee, FL
1d$53,000 - $60,000Onsite

About The Position

DEP’s Office of Technology and Information Services (OTIS) is currently recruiting for an Information Security Analyst IV. This is a highly technical position that assists in the creation and execution of operational security initiatives on a continuing basis to improve the agency’s information security posture. The incumbent of this position will represent OTIS and must be helpful, cooperative, polite, respectful, and courteous at all times in interactions with customers.

Requirements

  • 4 years’ experience in an Information Technology customer service position
  • 2 years’ experience working to create, maintain, establish, and review complex programmatic scripting languages such as PowerShell, WSH, Python, or Pearl
  • 1 years’ experience in a technical position requiring status updates and communication directly with customers and/or leadership staff
  • Strong communication skills and the ability to prepare and present papers, briefings, and other materials to leadership
  • Strong ability to work across multiple organizations to find consensus
  • Strong communication skills (oral and written) with the ability to communicate with all levels of cybersecurity and incident response within the organization
  • Intermediate knowledge of various industry-standard cybersecurity frameworks
  • Excellent analytical and technical skills
  • Knowledge of communication imperatives and the ability to provide status updates to technical and management-level team members
  • Ability to maintain perspective during crisis-level incidents
  • Ability to assist with non-routine and unforeseen administrative tasks because of incidents, activations, or direction of leadership
  • Experience developing business cases for technical projects
  • In person attendance is an essential function of this position.

Nice To Haves

  • Preference will be given to applicants with certifications in CompTIA Security+, ISC2 Certified in Cybersecurity (CC), Certified Ethical Hacker (CEH), and/or Microsoft AZ-500.

Responsibilities

  • Assist in the creation, maintenance, and establishment of information security incident response plans and procedures.
  • Developing and maintaining processes or protocols to ensure security requirements are incorporated into the change control process.
  • Establishing and maintaining policy and regulatory expectations for protection of the physical operating environment for agency-owned or managed IT resources.
  • Establishing and maintaining a policy and procedure review process that facilitates continuous improvement to protection processes.
  • Assist with the following ISM duties required per Rule 60GG-2:
  • Establishing and maintaining an information security program that includes information security policies, procedures, standards, and guidelines
  • Establishing and maintaining an information security awareness program
  • Establishing and maintaining information security risk management process, including the comprehensive risk assessment required by section 282.318, F.S.
  • Establishing and maintaining computer Security Incident Response Team
  • Establishing and maintaining a disaster recovery program that aligns with the agency’s Continuity of Operations (COOP) Plan
  • Proactively research latent security threats and recommend risk mitigation actions
  • Performing information security investigations that could potentially impact the employment status of employees (OPS, career service, SES, SMS, contractors)
  • Performing information security investigations in conjunction with the Inspector General’s Office and law enforcement agencies
  • Review and modify firewall rules iteratively to be more secure.
  • Manage and configure the agency’s endpoint security solution.
  • Respond to information security incidents and execute countermeasures.
  • Create, maintain, establish, and review application security standards and implementation plans and procedures as part of a secure software development lifecycle process.
  • Review access requests and provide access control oversight.
  • Maintain technical skillset to adapt to new technologies as they emerge including researching and recommending security-focused training for themselves and others in the division.
  • Ensure cryptographic standards are maintained in systems and applications.
  • Maintain compliance with CJIS (criminal justice) systems and recommend technologies and procedures, if required, for on-premises and cloud-based CJIS infrastructure.
  • Evaluate desktop policies to ensure proper patching levels and security policies are maintained.
  • Assist with non-routine and unforeseen administrative tasks because of incidents, activations, or direction of leadership.
  • Research, analyze, draft, and implement cybersecurity policies and best practices which support DEP Enterprise.
  • Monitor trends and coordinate with the Information Security Manager in order to identify needed changes to cybersecurity rules and policies.
  • Perform other duties as assigned.
  • Attendance is an essential function of this position.

Benefits

  • Annual and Sick Leave benefits;
  • Nine paid holidays and one Personal Holiday each year;
  • State Group Insurance coverage options, including health, life, dental, vision, and other supplemental insurance options;
  • Retirement plan options, including employer contributions (For more information, please click www.myfrs.com);
  • Tuition waivers;
  • Total Compensation Estimator Tool
  • And more!
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service