Security Analyst - Advanced
Role details
Job location
Tech stack
Job description
Responsible for securing and monitoring the agency's critical applications and network for the Department of Social Services. The Department seeks a highly motivated individual who has the skills and experience needed to support this Office's mission in protecting the Agency's digital environment., * Candidate should be an expert security administration and security continuous monitoring., * Planning, implementing, upgrading, and monitoring security measures for the protection of computer network security and information - both LAN and cloud based.
- Develop and implement security policies, procedures, and standards to protect the organization's data and assets.
- Monitoring and reporting on SIEM and EDR event data.
- Maintaining records of security events investigated and incident response activities.
- Serve as a Tier III security support on the agency's security team.
- Conduct security assessments of systems, networks, and applications to identify vulnerabilities and risks.
- Work with and provide mentorship to other information security team members on security strategies, processes, response, and technologies.
- Respond to security incidents and breaches, and work to mitigate the impact and prevent future incidents.
- Provides incident response support, threat assessment, and computer forensic investigations.
- Coordinate and assist with other Information Technology functions/teams to accomplish agency security objectives.
- Creating risk analysis documents when reviewing system functional specifications including use cases, activity, sequence, data flow, collaboration, and diagrams.
- Create security report using complex SQL queries, API integrations, and Power BI.
- Knowledge of blue team tools such as SCAP workbench, vulnerability scanning, and hardening techniques.
- Knowledge of red team tools such as nmap, wireshark, Metasploit, and password crackers.
Requirements
- Candidate should be an expert in performing log analysis, risk analysis, incident response processes, and investigation procedures. This includes experience working in a security operations center and working with security tools including SIEM, EDR/XDR, IPS/IDS. Candidate should have experience with data blending and report generation., * 4+ years of experience with SIEM, EDR/XDR, and IPS/IDS
- 4+ years of experience with security documentation
- 4+ years of experience with C/C++, Python, or Powershell
- 4+ years of experience with Red/Blue Team
- 4+ years of experience with Office 365 Security Administration
REQUIRED EDUCATION/CERTIFICATIONS: Bachelor's or higher degree in Computer Science or other quantitative discipline or equivalent work experience.
PREFERRED SKILLS:
- Preference will be given to experienced Security Operation Center (SOC) security analyst.
- SQL/Scripting (reports and automation) experience.
PREFERRED EDUCATION/CERTIFICATIONS: Any of the below.
- CISSP
- CCSP
- SSCP
- CEH