TAX - IT Security Operations Analyst

TAX Security Analyst
Onsite will be 3 days with Wednesday each week being a must!
Parking is NOT provided for contractors but there is monthly/weekly parking close by.
MAX VENDOR RATE: $$$



Pls note: Initial web based IVs will be conducted but pls note an IN PERSON may also be required as a follow up if mgr requests.


Onsite will be 3 days with Wednesday being a must be onsite each week
Parking not provided for contractors but there is monthly/weekly parking close by.

ABOUT THE ROLE

Virginia Tax is seeking a Security Analyst with 3 years of experience to join the Office of Technology to investigate unusual activity to protect agency systems and data and help strengthen the agency s security posture.


The successful candidate will monitor Splunk (SIEM) and other security tools user and system actions and audit logs for security incidents involving unusual and unauthorized activities and provide incident response. In addition this position will prioritize and triage security events based on severity potential impact and risk factors and document all security events and investigations thoroughly and accurately along with implementing remediation actions for findings. And lastly develop and implement automation solutions to improve efficiency and accuracy of security operations.

Responsibilities include but not limited to:

Continuously monitor security events and alerts from Splunk (SIEM) IDS/IPS endpoint detection and response (EDR) and other security tools.

Prioritize and triage security events based on severity potential impact and risk factors.

Investigate suspicious activity to determine the root cause and potential threat.

Document all security events and investigations thoroughly and accurately.

Stay abreast of emerging threats vulnerabilities and attack trends relevant to the Virginia Tax s environment.

Proactively hunt for threats using advanced techniques and analysis tools.

Analyze identified threats to determine their potential impact and advise on mitigation strategies.

Participate in incident response activities as part of the designated incident response team.

Assist with containment eradication and recovery efforts as directed.

Analyze incident data and provide insights to support the investigation and remediation process.

Document and report all incident response activities for future reference.

Generate regular reports on security trends threats and vulnerabilities.

Present findings and recommendations to management.

Configure and maintain security tools and automation scripts to optimize alert generation and response efforts.

Develop and implement new automation solutions to improve efficiency and accuracy of security operations.

Maintain effective communication with office of technology teams security leadership and business users.

Effectively collaborate with other SOC analysts and team members to ensure coordinated responses.

Security event analysis threat intelligence and Incident response reports and security trend reports and recommendations

Documentation of security tooling and automation configurations

Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)

Number and severity of security incidents identified and mitigated

Effectiveness and efficiency of security tools and automation

Required Skills/Experience:

Bachelor s degree in information technology Cybersecurity industry security certifications or a related field or equivalent experience.

Minimum 3 years of experience as a Security Operations Analyst or similar role.

Strong understanding of security concepts network protocols and threat vectors.

Proficiency in SIEM IDS/IPS EDR and other relevant security tools.

Excellent analytical and problemsolving skills.

Strong communication collaboration and documentation skills.

Required/Desired Skills
SkillRequired /DesiredAmountof ExperienceBachelor s degree in information technology Cybersecurity industry security certifications or a related field or equivalent experienceRequired4YearsExperience as a Security Operations Analyst or similar roleRequired3YearsStrong understanding of security concepts network protocols and threat vectorRequired3YearsProficiency in SIEM IDS/IPS EDR and other relevant security toolRequired3YearsExcellent analytical and problemsolving skillRequired3YearsStrong communication collaboration and documentation skillRequired5Years
Questions
No.QuestionQuestion1Commonwealth of Virginia security policies prohibit the use of offshore IT contractors. Do you attest to the fact that your candidate will physically reside within the US for the duration of the assignmentQuestion2Please list candidates email address.Question3In what city and state does your candidate currently reside Question4The role requires the candidate be ON SITE 3 days/week with Wednesday (all day) being a must be onsite with the rest of the team. If selected does your candidate agree to this arrangement