IN-DCS-Info Security Analyst

Short Description

Resource work as an Information Security Analyst within Information Technology Division of Department of Child Services This position is responsible for auditing and monitoring systems containing confidential information.

Complete Description

Resource works as a Security Analyst and performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction and typically reports to the Information Security Manager or higher-level staff.

The Essential Functions Of This Role Are As Follows

• Monitors and keep supervisor informed of status of information security and confidentiality conditions, including problem areas and recommended enhancement;
• Interfaces with user customers to understand their security needs and implement procedures to accommodate them including training and assessment.
• Assists with preparing for security audits (e.g. IRS, SSA, OCSE, FBI, SBOA) and remediating any findings; assists with creating and submitting reports relevant to security audits.
• Develop information security policies and standards for protection of information systems in compliance with state and federal requirements (e.g. IRS, SSA, OCSE, FBI, IOT) and guidelines (e.g. NIST SP 800-53).
• Develops Standard Operating Procedures (SOP) for implementing security polices;
• Recommends appropriate security safeguards to be included during development of new information technology systems and legacy systems;
• Ensures maximum utilization of computer hardware and software features to secure automated systems and associated data;
• Develops and implements procedures for use of information security management software;
• Proposes information security software enhancements;
• Performs periodic audits to assure security policies and standards are being followed and are effective.
• Develops recommendations for enhancements and generates reports where necessary;
• Keeps abreast of new laws and changes affecting privacy standards, network security, cloud security, remote access, and physical security;
• Mentors and provides guidance to new or other staff as needed;
• Performs related duties as assigned.
• Assist on other task as assigned.
  
  

Thorough knowledge of information security management tools, policies, and standards of information security procedures;

• Thorough knowledge of state and federal legislation and regulatory laws pertaining to information system security and privacy;
• Thorough knowledge of software vulnerabilities, vulnerabilities scanning tools, and vulnerabilities remediation;
• Familiarity with domain structures, user authentication, and digital signatures;
• Ability to develop and maintain information security standards;
• Ability to understand and apply complex computer logic to work;
• Ability to work effectively with a wide range of information technologists, including systems administrators, technical support, application development, end users and management;
• Experience in assessing security needs of teams and assist in their security training.
• Ability to communicate effectively both orally and in writing;
• Ability to be a team member as well as a team leader depending on the situation;
• Degree in information security or technology preferred;
• Security certification preferred (e.g. CISSP).
• Network Admin experience preferred.
  
  

Supervisory Responsibilities/Direct Reports

This role does not provide direct supervision to direct reports.

Skills: Skill Required / Desired Amount of Experience Expertise Rating Move Thorough knowledge of information security management tools, policies, and standards of information security practices 3-5 years experience Required 5 Years Network Admin experience 1-3 years experience Required 3 Years Ability to develop and maintain information security standards; Required 1 Years Ability to understand and apply complex computer logic to work Required 1 Years Thorough knowledge of software vulnerabilities, vulnerabilities scanning tools, and vulnerabilities remediation Required 1 Years Ability to work with wide range of information technologists, including systems administrators, technical support, application development, end users Required 1 Years Familiar with cybersecurity security framework (e.g. NIST, ISO, SOC 2, CIS, Cobit, etc) Required 1 Years Computer security compliance and auditing experience Required 1 Years IRS, SSA computer security compliance and audit experience Required 1 Years HIPAA experience Required 1 Years Basic understanding of Microsoft Office Suite Required 1 Years Security certification (e.g. CISSP, CRISC) Required Ability to communicate effectively both orally and in writing Required Degree in information security or technology Required

Question 1

Flexible on work schedule, Monday to Friday ( Start Time 7:30 AM - 8:00 AM and End Time 4:30 PM - 5:00 PM )

Question 2

Resource will work in the office Monday through Wednesday with the option to work remote on Thursday and Friday. Please confirm the resource understands this requirement

Agency Interview Type

Webcam only

Work Arrangement

Hybrid