Cyber Security Analyst

Employee shall provide knowledge to ensure that the organization s networks and information are secure. Employ continuous monitoring of intrusion detection/prevention for all systems and applications.

Ensure appropriate data encryption (in transit and at rest) levels based on the protection needs of targeted data, administer host intrusion protection, data loss prevention, antivirus, vulnerability management, and security information event management. The contractor will create and update Information Assurance artifacts, create and manage Plans of Action and Milestones, perform all duties within the Governance Risk and Compliance Tool (GRCT), update all cybersecurity documentation, and attend all related IT and Cybersecurity meetings. Attend quarterly Risk Management Workshops hosted by OCIO, identify, track, maintain, and update action items & statuses.

Employee shall be responsible for safeguarding OIG IT infrastructure and data. Implement and maintain security measures, monitor network traffic for suspicious activity, and troubleshoot security

incidents. This role also involves developing and enforcing security policies, conducting vulnerability assessments, and ensuring compliance with relevant regulations. The responsibilities will include:

Implementing and Maintaining Security Solutions: Install, configure, and maintain security tools like firewalls, intrusion detection systems, and anti-virus software, data loss prevention.

Monitoring Network Activity: Continuously monitor network traffic for suspicious activity and potential security breaches. Monitoring system logs and events for suspicious activity using OIG Security

Information and Event Management (SIEM) tool.

Vulnerability Assessments: Performing vulnerability scanning and tests, identifying and defending against threats. Configuring security systems, analyzing security requirements, and recommending

improvements. Regularly assess the organization's network and systems for vulnerabilities and recommend remediation strategies.

Security Patching: Implementing and monitoring security patches and updates to address known vulnerabilities. Updating software with the latest security patches and ensuring the proper defenses are

present for each network resource Troubleshooting Security Issues: Investigate and resolve security incidents, including unauthorized access attempts and malware infections. Maintaining and resolving all reported Binding Operational Directives (BOD) and Indicators of Compromise (IOCs) Developing and Enforcing Security Policies: Assist ISO, ISSM, and ISSO with creating and implementing security policies, procedures, and guidelines to protect sensitive data and systems.

Ensuring Compliance: Ensure compliance with industry regulations and standards related to IT security. Support OIG Systems ATO Assessment-related activities Security Audits: Conduct security audits and self-assessments to identify weaknesses in the security posture of the OIG systems.

EDUCATION
Bachelor s Degree in Computer Science, Information Systems, Engineering or related field or equivalent work experience.