INFORMATION SECURITY ANALYST SENIOR

About The Position

Requirements

• Knowledge of Incident response and handling methodologies.
• Knowledge of Cyber-security and privacy principles, and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Knowledge of how traffic flows across the network (e.g.; Transmission Control Protocol [TCP] and Internet Protocol [IP]).
• Knowledge of Network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
• Knowledge of Virtual Private Network (VPN) security.
• Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
• Knowledge of Vulnerability assessment, analysis and threat modeling techniques for prioritization purposes.
• Knowledge of Web filtering technologies.
• Knowledge of Cyber defense and information security policies, procedures, and regulations.
• Knowledge of Basic system, network, and OS hardening techniques.
• Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
• Knowledge of Network traffic analysis (tools, methodologies, processes).
• Knowledge of Current Windows operating systems including web services.
• Knowledge of Phishing and other exploitation techniques.
• Skill in Understanding host/network access controls (e.g., access control list).
• Skill in Using incident handling methodologies.
• Skill in Using Virtual Private Network (VPN) devices and encryption.
• Skill in Securing network communications.
• Skill in Protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
• Skill in System, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
• Skill in Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Skill in Assessing security logs and information from multiple sources to manually correlate information and arrive at a defensible assessment.
• Ability to Prepare content appropriate information and presentations from raw data to various levels of audience.
• Ability to Research and learn independently.
• Ability to Collaborate.
• Ability to Quickly identify, interpret, assess, and react to security related events and notifications.
• Driver’s License Requirements. Any employee operating a motor vehicle on State business must possess and retain a current, valid class-appropriate driver’s license, complete all required training, and successfully pass all necessary driver’s license record checks. The license must be current, unexpired, and neither revoked nor suspended. Employees who drive on state business are subject to driver’s license record checks, must maintain acceptable driving records, and must complete all required driver training. An employee who operates a personally owned vehicle on state business shall maintain the statutorily required liability insurance (see Arizona Administrative Code (A.A.C.) R2-10-207.11).
• Successfully pass background and reference checks; employment is contingent upon completion of the above-mentioned process and the agency’s ability to reasonably accommodate any restrictions.
• All newly hired State employees are subject to and must successfully complete the Electronic Employment Eligibility Verification Program (E-Verify).
• Employee shall obtain and maintain a valid Level One fingerprint clearance card that meets DES requirements for a Level One card pursuant to Arizona Revised Statute 41-1969.
• Bachelor's degree plus 3 or more years of experience in information security analysis (or equivalent experience).

Nice To Haves

• CySA+ Security Certification or higher strongly preferred

Responsibilities

• Conducts traffic analysis to identify and characterize threats.
• Assist in the implementation of new services and improvement of existing security services including installation and monitoring, specifically ensuring security and compliance requirements are met or exceeded and that the service meets sustainability goals.
• Generates leadership reports, metrics and audit quality artifacts of service execution.
• Identify and remediate deficiencies and proactively solve problems.
• Implement new software, upgrades, patches and fixes to ensure that security platforms and services are healthy and running as expected.
• Assist with the coordination of security activities with other IT functional teams concerning the implementation of new security services and solutions.
• Provide security guidance concerning required remediation activities.
• Regularly review the threat landscape for emerging threats to the organization.
• Make assessments concerning the findings and socialize them within the security team.
• Determine if alteration is required or recommended to existing security services and solutions to protect against these threats.
• Maintain and update Security Services Catalog where appropriate - inclusive of Tasks, Checklists, Procedures and Metrics.

Benefits

• Affordable medical, dental, life, and short-term disability insurance plans
• Participation in the Arizona State Retirement System (ASRS) and long-term disability plans
• 10 paid holidays per year
• Paid vacation and sick time
• Paid Parental Leave-Up to 12 weeks per year paid leave for newborn or newly-placed foster/adopted child.
• Deferred compensation plan
• Wellness plans
• Tuition Reimbursement
• Stipend Opportunities
• Infant at Work Program
• Rideshare and Public Transit Subsidy
• Career Advancement & Employee Development Opportunities