IT Security Analyst 3 (Hybrid)

Job Title: IT Security Analyst 3 (Hybrid)

Location: Richmond VA

Duration: 12 Months

Job Description:

The Client is seeking a highly motivated Security Analyst to support cybersecurity operations within the Operations Technology (OT) environment with a specific focus on the integration and ongoing monitoring of the client systems.

Key Responsibilities

• Monitor security alerts and logs for tolling-related infrastructure using existing SIEM and other monitoring tools.
• Analyze investigate and triage security events and potential incidents involving tolling back-office systems and devices.
• Coordinate with Tolling Division personnel vendors and OT operations teams to facilitate incident response forensics and remediation activities.
• Assist in onboarding tolling systems into the OT cybersecurity monitoring process including asset inventory log ingestion and configuration baselines.
• Perform security assessments and reviews of tolling systems for vulnerabilities misconfigurations and gaps in compliance with standards such as NIST 800-53 NIST 800-82 and agency-specific policies.
• Participate in the development and maintenance of incident response procedures and playbooks specific to tolling infrastructure.
• Contribute to regular security reporting dashboards and metrics for tolling systems.
• Collaborate with internal and external stakeholders to enhance the security posture of the tolling environment.

Required Skills:

• Bachelors degree in Cybersecurity Information Technology Engineering or a related field; OR equivalent experience.
• 3 years of experience in cybersecurity with at least 1 year supporting azure IIS Active Directory SQL database and critical infrastructure environments.
• Familiarity with SIEM tools log analysis and incident response workflows.
• Familiarity with PCI DSS 4.0 security requirements.
• Working knowledge of networking protocols system hardening and asset inventory practices.
• Strong analytical communication and collaboration skills.

Preferred Skills:

• Experience supporting or securing tolling systems traffic management infrastructure or roadside equipment.
• Knowledge of security frameworks such as PCI DSS NIST 800-53 NIST 800-82 or CIS Controls.
• Certifications such as GICSP GCIA CompTIA Security or CISSP.
• Experience working with third-party vendors and supporting environments with both state-managed and vendor-managed components.

Requirements:

• Experience supporting or securing tolling systems traffic management infrastructure or roadside equipment - Highly desired 5 Years
• Knowledge of security frameworks such as PCI DSS SEC 530 NIST 800-53 NIST 800-82 or CIS Controls - Highly desired 5 Years
• Experience working with third-party vendors and supporting environments with both state-managed and vendor-managed components - Highly desired 5 Years