IOT Info Security Analyst (3307)
Job Description:
Selected resource will be the point of contact for one or more agencies. For agencies new to the service, the individual will be responsible for creating reports based upon existing templates that assesses the agency’s current security posture across several subject areas including, but not limited to, policy compliance, asset/software management, and vulnerability management. The individual will then be responsible for conducting meetings with their assigned agency to address any issues found and assist with the remediation efforts. For agencies already participating in the service, the individual will assist the agency in continuing to remediate any issues found in the initial report and begin working towards the next phase of the program. This role assists other engineers on the larger Security Team with the use of tools and their outputs to enhance the security of state information.
Responsibilities:
• Provides routine security administration
• Professionally handle communications with internal and external stakeholders on compliance issues
• Educate control and system owners on compliance workflows and processes
• Gather and report on established metrics within the security compliance programs
• Maintain State and Federal security control framework’s adherent to CIS, NIST, and Indiana State policies
• Assists in defending systems against unauthorized access, modification and/or destruction
• Monitors and address security alerts, incidents and disasters
• Assists with supporting network, intrusion detection and prevention systems
• Delivers technical reports and work with agencies on findings
• Implements effective tools and processes to protect computers, networks, software, data and information systems against any possible attacks
• Assists senior staff with security upgrades, tools and countermeasures
• Uses outputs from security tools such as anti-virus software, monitoring tools, vulnerability scanning, SIEM, IPS/IDS etc.
• Supports security standards, security systems and authentication protocols
Experience Needed:
- Moderate understanding of security concepts, risk, and demonstrated communication skills
- Resource must have solid communication skills
- Demonstrated technical competence showing the capability of growing into a resource that can improve state defensive capabilities
- Understand concepts behind technical tools to conduct assessments on the environment and play a role in processes
- Ability to work autonomously and handle multiple assignments
- Strong written communication skills
- Network +
- Security +