Job Description:
***Crop to Crop resumes are accepted
Location Requirement: Remote daily work with the ability to report to Madison Office for training or when required for emergency situations. Must be a WI resident. No relocation allowed. Position will be 100% remote after training.
This position may be assigned to focus areas such as incident response, phishing mitigation, threat
detection, security awareness, vulnerability scanning, or forensic analysis, depending on
organizational needs. The analyst will represent the DOC Information Security Section (ISS) team in
technical discussions, project work, and collaborative efforts to improve DOC s cybersecurity
posture.
The position requires strong communication and problem-solving skills, the ability to work independently on complex tasks, and a commitment to upholding the security and privacy standards of DOC. Clients and collaborators include information technology (IT) staff, application developers, infrastructure teams, business units, vendor, and external governmental partners. The work environment is dynamic, requiring adaptability, initiative, and a proactive mindset.
This position shall comply with the Department s administrative rules and the agency s policies and procedures including those related to the Department's overall Reentry philosophy of using evidence-based strategies, practices and programs which target an offender s individual criminogenic needs and risk level.
KNOWLEDGE, SKILLS AND ABILITIES
- Proficiency in triaging and analyzing cybersecurity alerts using enterprise technologies and tools.
- Strong knowledge of threat detection, incident response, and log analysis techniques.
- Experience conducting forensic investigations and supporting HR/legal requests through structured evidence collection.
- Familiarity with phishing mitigation strategies and email threat analysis.
- Understanding of modern identity protection concepts, including multifactor authentication, conditional access, and least privilege.
- Working knowledge of vulnerability management practices, technologies, and tools.
- Ability to analyze threat intelligence and apply it to strengthen detection and response mechanisms.
- Experience with cloud security principles, including shared responsibility models and secure configurations.
- Understanding of NIST Cybersecurity Framework, NIST RMF, and other common security standards.
- Knowledge of risk assessment methods and the ability to evaluate proposed technologies for security implications.
- Capability to tune and optimize SIEM rules and detection logic to reduce noise and improve fidelity.
- Excellent technical writing and documentation skills, including incident reports and playbook development.
- Ability to collaborate with cross-functional teams, including DOA/DET, infrastructure, and development staff.
- Effective time management and task prioritization skills in a high-urgency environment.
- Demonstrated ability to adapt to emerging threats, technologies, and evolving operational needs.
- Strong interpersonal communication skills with the ability to explain complex topics to non- technical audiences.
- Commitment to continuous learning, professional development, and information sharing.
- Experience supporting endpoint, network, and cloud-based security controls in large-scale environments.
- Ability to work independently and as part of a distributed team to achieve shared objectives.
- Demonstrated commitment to equity, inclusion, and collaborative team culture.
Required Skills: At least 1 year of experience required in the following:
- Working knowledge of vulnerability management practices, technologies, and tools.
- Proficiency in triaging and analyzing cybersecurity alerts using enterprise technologies and tools.
- Familiarity with phishing mitigation strategies and email threat analysis.
- Incident Response Forensics and Remediation (i.e. Crowdstrike, Sandbox evaluation & detonation, Phish evaluation, Malicious Website and Malicious Intent Identification)
- Customer service as it pertains to security incident management and communication with end user about dangerous behavior.
- Excellent technical writing and documentation skills, including incident reports and playbook development.
- Ability to work independently and as part of a distributed team to achieve shared objectives.
Desired Skills:
- Capability to tune and optimize SIEM rules and detection logic to reduce noise and improve fidelity.
- Strong interpersonal communication skills with the ability to explain complex topics to non-technical audiences.
- Experience working as a team member on projects to improve business needs.
- Experience supporting endpoint, network, and cloud-based security controls in large-scale environments.
- Demonstrated ability to adapt to emerging threats, technologies, and evolving operational needs.
Never miss an opportunity! Create an alert based on the job you applied for.
