Information Security Analyst 3

About the job

Will be responsible for overseeing and coordinating all aspects of Information and Cybersecurity. Main duties will include developing, reviewing, updating, and enforcing security policies, processes, and procedures, as well as supporting our security awareness and training program. Additionally, you will play a key role in developing the information security portion of our business continuity and disaster recovery plans and ensuring compliance with industry regulations.

Must have a solid understanding of writing policies and procedures and the policy development process, security controls and their role in managing organizational risk and information system security. Must also have experience with implementing procedures and policies related to information and cybersecurity technology. The ability to manage multiple priorities with minimal supervision is also crucial.

Additional responsibilities include but are not limited to:

· Conducts threat research and look into impending IT trends, reviewing suspicious activities, reporting security breaches, and educating the rest of the Team on security measures; Perform Other Information and Cybersecurity related Job Duties, Functions and Tasks as assigned.

· Protect the Agency's network and systems from cyber-attacks by researching upcoming IT trends, creating contingency plans, reviewing suspicious activities, and reporting adverse security events

· Monitor network traffic for security incidents and events, investigate and respond in real time, write detailed incident response reports; Install, and operate firewalls, encryption programs, security tools, other security software

· Review, Revise, and Develop, security policies, processes, and procedures, business continuity and disaster recovery planning. Address industry related and government compliances issues.

Entry Qualifications

Bachelor's degree in information technology, Computer Science, Information Assurance, or a related field from an accredited college or university AND Six years of information technology experience, two years of which in information security or information assurance.

Required Skills & Experience

· Ability and experience to understand, manage, and implement security controls that are focused on managing organizational risk and information system security

· Experience recommending and devising sufficient countermeasures or safeguards to mitigate risk to acceptable levels.

· Demonstrated experience in policy research and understand the concept of applying that research to developing the policies and procedures related to information and cybersecurity technology.

· Demonstrated experience in technology assessments, handling multiple assignments and finding mutually acceptable solutions to security problems.

· Possesses knowledge and experience within an AD and Azure environment.

· Critical and analytical thinking skills

· Knowledge and Experience with Management control families including Risk Assessment, Vulnerability Assessments, Security planning, System and Services Acquisition and Security Assessment, and documenting technical processes.

• Knowledge and Experience with Data Security and knowing how to protect data by understanding encryption, access management, transmission control and internet protocols (TCPs and IPs), and the CIA Triad of confidentiality, integrity, and availability.
• Knowledge and Experience with SCCM.
• Knowledge and Experience with Active Directory, Microsoft Azure, and Intune.

•DOR will conduct a background check on all candidates considered for the position. Individuals must be compliant with Georgia tax obligations.

•Individuals having any overdue and unpaid taxes, or any felony convictions (no matter how long ago) will not be offered the position or hired.

•All employees will be fingerprinted.

Required/Desired Skills

Skill Required/Desired Amount of Experience Bachelor's degree in information technology, computer science, information assurance, or a related field from an accredited college or university Required 0 Information technology experience Required 6 Years Information security or information assurance experience Required 2 Years Security+, CISSP, CISM, C-RISC, CISA, SANS certifications (MUST UPLOAD CERTIFICATIONS) Required 0 Experience with SCCM. Required 0 Amazon Web Services (AWS), to include WatchGuard, Guard Duty, Identity & Access Management (IAM), Microsoft Azure Required 0 Technical knowledge in endpoint security, VPN, Firewall, network monitoring, intrusion detection, web server security, and wireless security Required 0 Experience with Active Directory and Intune. Required 0 Excellent analytical and critical thinking skills to identify possible threats. Required 0 Ability to work independently and prioritize multiple projects in a highly dynamic environment. Required 0 
 

Desired Skills and Experience

AWS