Senior IT Security Analyst (Risk)

Description

The Senior IT Security Analyst (SISA) (Risk) is a cybersecurity professional who is a key contributor to the AOC’s Information Security program.

The primary duties of this position consist of addressing cybersecurity risk and analyzing the potential business and customer risk, aligning processes and controls to the relevant frameworks and providing resolution and mitigation recommendations. Additional responsibilities include assisting with vulnerability management, application security and Information Security awareness programs.

Also, the SISA (Risk) is instrumental in developing procedures for, and serves as a member of, the Enterprise Incident Response Team.

Duties

Risk assessment

  • Perform security reviews on current and new homegrown or third-party applications to identify security gaps. This includes the review of security controls and access permissions, threat models, vulnerabilities, data protection measures, etc.
    • Develop short- and long-term prioritized remediation to address gaps and document with a Plan of Action and Milestones (POAM).
  • Collaborate with internal and external teams to create security documentation, such as application-specific risk assessments, as well as network diagrams, threat models, business analysis, etc.
  • Maintain the security documentation to ensure security practices are well-described and accessible to relevant stakeholders.

Compliance

  • Assess compliance with relevant security standards, regulations, and frameworks (e.g., PCI DSS, Microsoft Cloud Security Benchmark (MCSB), NIST, CIS, OWASP, FISMA, StateRAMP, and FedRAMP frameworks, etc.). This involves conducting audits, assessing compliance gaps, and implementing necessary controls.
  • Work with the various teams to validate the implementation of data protection measures, such as data loss prevention (DLP), encryption, and backup strategies.

General tasks

  • Contribute to the development of the incident response plan and implement it to address security incidents and breaches. This involves coordinating with cross-functional teams, external vendors and authorities, and implementing remediation measures.
  • Collaborate with other IT teams to ensure security activities are integrated into overall operations.
  • Work cooperatively with others as an active member of a team.
  • Seek out industry knowledge and certifications to stay up to date with emerging cloud security trends and threats.

Qualifications

Education 

A combination of education, experience, and certifications demonstrating a working knowledge of the functions and work of the SISA may substitute for qualifications listed.

Bachelor’s degree in Computer Science, Cybersecurity, Software/Computer Engineering, or a closely allied field; AND:

• Seven (7) years of progressively responsible experience in a combination of the following:

  1. Maintaining security standards for a medium or large government agency or organization (state or federal)
  2. Addressing complex issues such as application security, access management, risk analysis, security assessments, and vulnerability analysis.

Certifications, Memberships, Licensure or Permits:

Acceptable professional IT certifications that are current can be substituted for up to three (3) years of experience with each certification equivalent to one (1) year of experience.

Acceptable certification(s) include, but are not limited to:

• (ISC)2 – CISSP, CCSP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP, CSSLP

• ISACA – CISA, CISM, CSX-P

• CompTIA – Security+ CE, CySA+, CASP+, PenTest+

• SANS – GIAC advanced certifications

*Ensure your certification numbers are included in the online application form*

  • Excellent verbal and written communication skills with the ability to translate technical concepts into clear and compelling messaging for diverse audiences.
  • In-depth experience with conducting audits or risk assessments, implementing controls, and managing remediation efforts.
  • In-depth knowledge of cybersecurity frameworks such as NIST, CIS, etc.
  • Familiarity with systems and network infrastructure security technologies, including application/OS hardening techniques, network protocols, firewalls, intrusion detection systems, etc.
  • Basic understanding of fundamental security and network concepts (Windows security: OS lockdown; logging and monitoring; application security; user access; perimeter protection principles, network communication rules; intrusion detection and analysis methods; etc.)
  • Experience working with the following tools: risk assessment, vulnerability management, threat modeling, network analysis tools, etc.
  • The workweek may fluctuate depending on workload or agency needs.
  • Overnight travel may be required based on business needs.
  • This position is not overtime eligible.

The AOC is an equal opportunity employer and does not discriminate based on gender, pregnancy, race, color, national origin, ancestry, religion, creed, physical, mental or sensory disability (actual or perceived), use of a service animal, marital status, sexual orientation, gender identity or expression, veteran or military status, age, HIV or Hepatitis C status, or any other basis protected by federal or state law. Persons of disability needing assistance in the application process, or those needing this announcement in an alternative format, please contact the AOC Human Resource Office, at (360) 705-5337, or fax (360) 586-4409, or via email to [email protected]

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and complete the required employment eligibility verification form upon hire.

SPECIAL NOTE: Before a new hire, a background check, including criminal history, will be conducted. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant’s suitability and competence to perform in the job.
