CL - Security Analyst - Consultant

Job Description : Maximum Budgeted Bill Rate : $$

Please note : This is required :

REQUIRED EDUCATION / CERTIFICATIONS :

ANY ONE OR COMBINATION OF :

• CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL (CISSP)
• GIAC CERTIFIED INCIDENT HANDLER (GCIH)
• SECURITY +
• OR SIMILAR WITH VALID EXPERIENCE

SCOPE OF THE PROJECT :

The Office of Cybersecurity is tasked with performing ongoing enterprise cybersecurity threat monitoring and incident response capabilities. This position requires a broad and keen understanding of technology and IT delivery of Security Operation services for on premise and cloud based equipment and critical applications. A strong candidate for this position should possess experience in the following :

DAILY DUTIES / RESPONSIBILITIES :

The Consultant will be in a unique position to help mature our Security Operations Center capability and will work directly for the CISO to drive innovation and maturation of the Agency Cyber threat detection and response capabilities. We are looking for candidates who are highly organized, can work independently in a fast-paced environment and produce multiple quality deliverables within defined deadlines. Candidates should be self-starters, creative problem solvers and have an eagerness to implement tactics, techniques and procedures which make the most effective use of Agency staff, resources, products and technologies quickly.

Essential Responsibilities

1. Drive innovation and maturation of Security Operations capabilities

2. Act as an escalation point and provide leadership, mentorship, and guidance to SOC Analyst I, II, and III

3. Oversee the identification, analysis, and response to security incidents, ensuring rapid containment and resolution

4. Lead and mentor a team of Security Operations analysts, ensuring they are well-trained and motivated

5. Assist in staffing Security Operations staff

6. Perform threat identification and analysis of risks to the Medicaid Enterprise

7. Assist in the implementation and advancement of Continuous Monitoring and Incident Response processes and procedures

8. Consistently review and refine Playbooks, Process, and Alert reviews to identify areas of improvement

9. Assist with advanced threat hunting, looking for attacker presence within the environment

10. Work with Information Technology, Application Development and Business Teams to advance security efforts of the Medicaid Enterprise

11. Lead security team projects, and continuous improvement

12. Collaborate with compliance teams to maintain audit-ready status

REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE) :

1. 10+ years of experience of IT working with Windows, Linux, and Web-based applications

2. 5+ years of experience with enterprise infrastructure design and deployment

3. 5 years of related experience in a SOC lead capacity

4. A firm understanding of the offerings and capabilities within Cloud service providers and technologies

5. Ability to communicate clearly, verbally and in writing; to interact effectively with internal and external vendors, project team members, management and agency departments; to build relationships and use facilitation skills with both technical and non-technical personnel

6. Experience in organizing information in a way that is appropriate for technical explanations without losing sight of the needs and aptitude of the audience

7. Ability to work independently and collaborate with multiple teams and vendors

8. Ability to multitask and prioritize tasks effectively in order to meet deadlines

9. Must be intermediate to advanced skills in additional Microsoft Office products (Word, Excel, PowerPoint, Visio) and working with templates and style guidelines for branding consistency

10. Keen attention to detail while maintaining the ability to see the big picture

11. Experience with the evaluation and selection of products and vendors to support initiatives.

12. Ability to accept changes and constructive criticism in a fast turn-around environment

PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE) :

1. Experience identifying, testing and leading remediation efforts of OWASP Top Ten, CWE / SANS TOP 25 Most Dangerous Software Errors, etc.

2. Prior experience performing penetration testing and vulnerability assessments in organizations subject to FISMA or similar requirements

3. Prior experience in working with eGRC systems

REQUIRED EDUCATION / CERTIFICATIONS :

ANY ONE OR COMBINATION OF :

PREFERRED EDUCATION / CERTIFICATIONS :

Additional Sills : Skills :

Category

Name

Required

Importance

Level

Last Used

Experience

Administrative Verbal Communication Skills Yes 1 Expert Currently Using 6 + Years Administrative Written Communication Skills Yes 1 Expert Currently Using 6 + Years Cloud cloud platforms / environments Yes 2 Advanced Within 6 Months 2 - 4 Years Education Technical Certifications Yes 1 Advanced Currently Using 1 - 2 Years Education Bachelor of Science Degree No 5 Advanced Currently Using 1 - 2 Years Education CISSP No 6 Intermediate Within 2 Years 2 - 4 Years Miscellaneous Demonstrated knowledge / skills of the IT industry which includes : multi-tiered architectures, enterprise applications, evaluation of emerging technologies, networks, data management systems and hardware systems. Yes 1 Advanced Currently Using 4 - 6 Years Miscellaneous Leadership skills Yes 2 Expert Currently Using 4 - 6 Years Miscellaneous web based applications Yes 1 Advanced Within 2 Years 4 - 6 Years Network Security Cybersecurity Yes 1 Advanced Currently Using 6 + Years Network Security IT Security Yes 1 Advanced Currently Using 2 - 4 Years Network Security risk / vulnerability assessments No 9 Networking & Directories INCIDENT MANAGEMENT Yes 1 Advanced Currently Using 4 - 6 Years Operating Systems / APIs Linux Yes 1 Advanced Currently Using 6 + Years Operating Systems / APIs Windows Yes 1 Advanced Currently Using 6 + Years Packaged Applications Microsoft Office Suite Yes 1 Advanced Currently Using 6 + Years Program Management Supervisory Leadership Experience Yes 2 Expert Currently Using 4 - 6 Years Specialties RSA Archer No 9