Cyber Secuirty Analyst

Overview

Hybrid
$60 - $80
Contract - W2
Contract - 12 Month(s)

Skills

Active Directory
Analytical Skill
Backup
CHFI
CISA
CISM
CISSP
Cloud Computing
Computer Hardware
Critical Thinking
DNS
Data Storage
Database
Documentation
Dragon NaturallySpeaking
Encryption
Firewall
Forensics
Gramm-Leach-Bliley Act
HIPAA
HITECH
Hardening
ISO/IEC 27001:2005
IaaS
Incident Management
Information Security
Information Technology
Internet
LAN
LDAP
Linux
Malware Analysis
Management
Mentorship
Microsoft Windows
Mobile Devices
MySQL
NFS
NIST 800-53
NTP
Network
Operating Systems
PCI DSS
PL/SQL
PaaS
Programming Languages
Project Management
Project Scoping
Proxies
Reporting
Routers
SAP BASIS
SAP GRC
SIEM
SMTP
SNMP
SOW
SaaS
Samba
Servers
Standard Operating Procedure
Supervision
Switches
TCP/IP
Team Leadership
Testing
Threat Analysis
Training
Unix
Virtual Private Network
WAN

Job Details

Candidate should be travel and collect the equipment on their own expenses once they got the offer.

The tasks for the Security Analyst include, but are not limited to, the following:
  1. Proactively identify and assess threats to State Funds users, network and data
  2. Monitor and respond to reports of malicious activity
  3. Respond and investigate intrusions and security events
  4. Demonstrate an understanding of State Funds threat landscape
  5. Perform thorough analysis of attacks and anomalous network behavior
  6. Provide summarized and detailed analysis and documentation in support of ESEC
  7. Perform proficient forensic analysis using security tools and processes
  8. Identify Actionable Intelligence by processing Threat Intelligence (TI)
  9. Demonstrate ability to identify, contain, eradicate and recover from security incidents
  10. Collaborate with State Fund business units, partners and individuals to mitigate security threats
  11. Advise the CISO and ESEC Team on matters involving organizational, strategic, tactical, and security best practices related to forensics and security incidents management
  12. Attend meetings/Represent ESEC as a Senior Lead for all security matters
  13. Act as Lead/Co-Lead/Backup on assigned ESEC projects
  14. Mentor junior staff colleagues
  15. Create Standard Operating Procedures and training documents
  16. Other duties, to be assigned as needed

MENTORING & SKILL ENHANCEMENT:
  • Mentoring and Skills Enhancement of State Fund employees by Supplier Personnel are considered an integral part of this engagement. Supplier Personnel will work in a collaborative fashion with State Fund Contract Executive to create and provide a specific training to designated State Fund employees in those areas of State Fund s systems in which the Supplier Personnel has knowledge and expertise.
  • Supplier Personnel will make every effort to provide skills enhancement at a satisfactory rate and report any issues that may impede the progress of training and mentoring.
  • Supplier Personnel resources shall provide input to Contract Executive to develop training and mentoring plan to include specific skill sets, tasks, and training methodologies.
  • Supplier Personnel will be responsible to execute the training and mentoring plan(s) with designated State Fund employees and shall provide input to refine and further develop training and mentoring plans as training progresses.
  • Supplier Personnel shall meet and discuss progress of training to State Fund on a monthly basis.
  • State Fund Contract Executive will be responsible to document a training plan on the Mentoring & Skill Enhancement Planner and to monitor progress of training and mentoring with the State Fund employee(s). The Mentoring & Skill Enhancement Tracker and Planner are provided as Attachment C to this SOW.
RESOURCE REQUIREMENTS, SKILLS, KNOWLEDGE AND ABILITIES:

Supplier shall ensure that all resources assigned to the project have the minimum skills requirement to render the services in a competent and efficient manner.
TECHNICAL KNOWLEDGE AND SKILLS:
  • Minimum of 5+ years of technical experience conducting security incident response and forensic analysis.
  • Working experience of obtaining Cyber Threat Intelligence and making the information usable through the security incident process.
  • Working experience of applying IOCs to identify threats in current environment and apply information to prevent future vulnerabilities in infrastructure.
  • Technical security project management skills.
  • Working experience using best practices standards and frameworks: ISO 27001/27002; PCI DSS v4, GLBA; HIPPA/HITECH; NIST 800-53; CIS CONTROLS, NIST CSF; CIS RAM.

WORKING EXPERIENCE, at a minimum:
  • Hardware: Network Switches, Routers, Load Balancers, Servers, Storage Systems, End-User Systems, Mobile Devices, or other devices that enable the organization to complete its mission.
  • Operating Systems: UNIX, LINUX, WINDOWS.
  • Network: LAN WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
  • Network Protocols: TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, etc.
  • Databases: Oracle, SQL, MYSQL.
  • Cloud Platforms: IAAS, PAAS, SAAS.
  • Security Concepts: Encryption, Hardening, etc.
  • Security GRC.
  • Forensic Analysis Tools.
  • Active Directory.
  • Programming Languages are a plus.
  • Computer Forensic experience a plus.
  • Prior SIEM experience a plus.
  • Malware analysis skills a plus.

PROFESSIONAL SKILLS:

The Consultant resource(s) shall possess most of the following skills:
  • Strong Analytical and Critical Thinking Skills.
  • Ability to analyze information and formulate solutions to problems.
  • Provide more in-depth analysis with a high-level view of goals and end deliverables.
  • Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
  • Plan and manage all aspects of the support function.
  • Extensive knowledge of and proven experience with information technology systems and methods of developing, testing and moving solutions to implementation.
  • Expert knowledge in project management practices and ability to document process and procedures as needed.
  • Self-motivated self-starters/proactive, working closely and actively communicating with team members to accomplish time critical tasks and deliverables.
  • Ask questions and share information gained with other support team members, recording, and documenting this knowledge.
  • Elicit and gather user requirements and/or problem description information and record this information accurately.
  • Listen carefully and act upon user requirements or requests.
  • Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons.
  • Follow the lead of others on assigned projects as well as take the lead when deemed appropriate.
  • Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources.
  • Take responsibility for the integrity of the solution.
  • Present solutions (technical and non-technical) to management and decision makers.
  • Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision.
  • Experience in managing multiple projects.
  • 5+ Years experience in information security and forensics and/or security incident response.
  • CISSP and CCFP or equivalent certification desired (e.g., CCE, CHFI). Other highly desirable security certifications may be substituted for CISSP (e.g., CISA, CISM, etc.)
CORE COMPETENCIES:
  • Act with integrity
  • Use sound judgement
  • Commitment to quality
  • Demonstrate adaptability
  • Innovate
  • Think strategically
  • Communicate effectively and influence others
  • Work well both independently and as part of a team
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.