Security Analyst

Position Description: Security Analyst as part of the OIT Security Operations Center responsible for continuously monitoring and analyzing security events and alerts from various sources such as endpoint detection and response (EDR) systems security information and event management (SIEM) systems and cloud security controls to identify threats to State data or systems and coordinate incident response functions. Investigates and analyzes incidents determines impacts and takes appropriate actions toward mitigations. Follows incident response procedures coordinates with other teams and documents incidents. Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation. Perform analysis of log files from a variety of sources to identify possible threats to network security. Perform cyber defense incident triage to include determining scope urgency and potential impact identifying the specific vulnerability and making recommendations that enable expeditious remediation. Perform realtime cyber defense incident handling (e.g. forensic collections intrusion correlation and tracking threat analysis and direct system remediation) tasks to support Cybersecurity Incident Response Teams (CIRTs). Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts. Track and document cyber defense incidents from initial detection through final resolution. Write and publish cyber defense techniques guidance and reports on incident findings to appropriate constituencies.

Skills Required: Possess analytical and communication skills to effectively investigate a problem and find the ideal solution in a timely efficient manner. Strong ability to work effectively in collaboration with other members of a team and other professionals with minimal supervision. Strong ability to quickly learn new processes and technologies and to adapt to changes in sequences and timelines. Strong written and verbal skills to discuss security analysis for deriving conclusions and making recommendations. Being knowledgeable about the cybersecurity threat landscape.

Skills Preferred:

Experience Required: Two (2) years of experience in two or more of the following areas: Local/wide area network design or support; Information security administration; Database system design maintenance or support; Systems Administration.

Experience Preferred:

Education Required: An associate degree in Information Technology or CompTIA Security Certification

Education Preferred:

Additional Information: This is expected to be long term contract and will evaluated annually. The State would like to see only those candidates who are interested in converting to the merit system. This position does not offer Sponsorship. Candidate will work on site in Montgomery AL.