Job Description:
***Crop to Crop resumes are accepted
Location Requirement: Hybrid Remote: Remote daily work with the ability to report to Madison Office for training or when required for emergency situations. Must be a WI resident. No relocation allowed. Position will be 100% remote after training.
Under the general supervision of the GRC Manager, this position serves as a Security Analyst responsible for supporting a wide range of compliance and cybersecurity functions across the Wisconsin Department of Correction (DOC). Core responsibilities include providing risk assessment and/or compliance support. Taking part in or leading audits, submitting findings, analyzing risks for specific areas, monitoring corrective actions, and drafting risk reports with metric charts and ongoing effort accountability. This position assesses, documents, and provides guidance to other IT staff and non-IT areas on how to align IT operational and technology processes based on information technology risk assessments and/or with regulatory compliance/audit functions. This position will also provide support in detecting, analyzing, and responding to cybersecurity threats, participating in forensic investigations, and contributing to ongoing vulnerability management efforts. The role may also include supporting cloud security initiatives, assisting with tabletop exercises, and developing security response procedures.
The incumbent will work collaboratively with internal stakeholders across DOC, as well as external partners including the Department of Administration’s Division of Enterprise Technology (DOA/DET). The role will utilize a variety of enterprise security tools and platforms.
This position may be assigned to focus areas such as incident response, phishing mitigation, threat detection, security awareness, vulnerability scanning, or forensic analysis, depending on organizational needs. The analyst will represent the DOC Information Security Section (ISS) team in technical discussions, project work, and collaborative efforts to improve DOC’s cybersecurity posture.
The position requires strong communication and problem-solving skills, the ability to work independently on complex tasks, and a commitment to upholding the security and privacy standards of DOC. Clients and collaborators include information technology (IT) staff, application developers, infrastructure teams, business units, vendor, and external governmental partners. The work environment is dynamic, requiring adaptability, initiative, and a proactive mindset.
This position shall comply with the Department’s administrative rules and the agency’s policies and procedures including those related to the Department''s overall Reentry philosophy of using evidence-based strategies, practices and programs which target an offender’s individual criminogenic needs and risk level.
Required Skills: At least 2 year''s of experience required in the following:
- Understanding of NIST Cybersecurity Framework, NIST RMF, and other common security standards.
- Experience and working knowledge of common security frameworks and control theories to include current applicable NIST, CJIS, and ISO standards
- Experience with creating and leading discussions around the implementation and artifact collection of NIST 800-53 controls
- Proficiency in triaging and analyzing cybersecurity alerts using enterprise technologies and tools.
- Familiarity with phishing mitigation strategies and email threat analysis.
- Incident Response Forensics and Remediation (i.e. Crowdstrike, Sandbox evaluation & detonation, Phish evaluation, Malicious Website and Malicious Intent Identification)
- Customer service as it pertains to security incident management and communication with end user about dangerous behavior.
- Excellent technical writing and documentation skills, including incident reports and playbook development.
- Ability to work independently and as part of a distributed team to achieve shared objectives.
Desired Skills:
- Capability to tune and optimize SIEM rules and detection logic to reduce noise and improve fidelity.
- Strong interpersonal communication skills with the ability to explain complex topics to non-technical audiences.
- Experience working as a team member on projects to improve business needs.
- Experience supporting endpoint, network, and cloud-based security controls in large-scale environments.
- Demonstrated ability to adapt to emerging threats, technologies, and evolving operational needs.