Overview
On Site
USD 85,000.00 - 110,000.00 per year
Full Time
Skills
Information Technology
Human Resources
Recruiting
HR Management
Training
Technical Drafting
Policies and Procedures
Development Testing
Disaster Recovery
DRP
Backup
ISO 9000
Auditing
Regulatory Compliance
Research
SEC
Scripting
Vulnerability Scanning
Event Management
SIEM
Network
Cyber Security
Root Cause Analysis
Communication
Information Security
Risk Management
Security Operations
Security+
System Security
SSCP
GSEC
Job Details
Title: Information Security Analyst (00168)
State Role Title: Info Technology Specialist III
Hiring Range: $85,000.00 - $110,000.00
Pay Band: 6
Agency: Dept of Human Resource Mgt
Location:Dept of Human Resource Mgmt
Agency Website:;br>
Recruitment Type: State Employee Only - E
Job Duties
The Department of Human Resource Management's Office of Information Security and Risk Management is seeking a qualified individual to fill the position of Information Security Analyst. This position is responsible for supporting the protection of DHRM's electronically generated, stored, and transmitted information. The role includes ongoing monitoring and assessment of security risks, as well as the design and delivery of staff training to reduce the agency's cybersecurity exposure. This position will also assist the DHRM Chief Information Security Officer (CISO) in the design, implementation, and maintenance of the agency's information security program. Responsibilities include drafting and enforcing policies and procedures, supporting risk and vulnerability assessments, and assisting with the development, testing, and execution of the agency's Disaster Recovery Plan (DRP). This position also serves as the Deputy Information Security Officer (ISO) acting as a designated backup to the Chief Information Security Officer. The Deputy ISO may represent the Information Security Program in meetings, audits, and communications when delegated by the CISO. Key duties of this position also include: (1) Assessing emerging network threats and attack vectors; (2) Monitoring security logs and responding to incidents; (3) Evaluating system, application, and infrastructure configurations for compliance with Commonwealth security standards; (4) Supporting the development of physical and logical information security standards; (5) Researching and recommending cybersecurity technologies and tools.
Minimum Qualifications
Working knowledge of cybersecurity regulations, especially Commonwealth standards such as SEC530. Working knowledge of scripting, vulnerability scanning tools, and security information and event management (SIEM) platforms. Working knowledge of systems, applications, and network vulnerabilities, and relevant mitigation techniques. Knowledge of basic and intermediate cybersecurity principles and tools. Demonstrated experience in reviewing logs, identifying anomalies, and performing root-cause analysis. Demonstrated ability in conducting vulnerability assessments and security reviews. Excellent written and verbal communication skills with the ability to translate technical content for non-technical audiences. Ability to work independently, prioritize tasks, and meet deadlines under pressure. Skill in building effective relationships with technical and non-technical stakeholders. High school graduate or equivalent.
Additional Considerations
Considerable experience in information security, risk management, or security operations. CompTIA Security+, Systems Security Certified Practitioner (SSCP), or GIAC Security Essentials Certification (GSEC) certification.
Special Instructions
You will be provided a confirmation of receipt when your application and/or rsum is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.
State employees who have been affected by Policy 1.3 Layoff and possess a valid Interagency Placement Screening Form (Yellow Card) or a Preferential Hiring Form (Blue Card) must submit the card BEFORE the closing date for this position. The card may be scanned and attached to the application or faxed to . Please include your name and the position number of the fax cover sheet. AMERICORPS, PEACE CORPS, AND OTHER NATIONAL SERVICE ALUMNI ARE ENCOURAGED TO APPLY.
"The Department of Human Resource Management is dedicated to recruiting, supporting, and maintaining a competent and diverse work force."
Equal Opportunity Employer
Contact Information
Name: Derek Mountford
Phone:
Email:
In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at .
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.
State Role Title: Info Technology Specialist III
Hiring Range: $85,000.00 - $110,000.00
Pay Band: 6
Agency: Dept of Human Resource Mgt
Location:Dept of Human Resource Mgmt
Agency Website:;br>
Recruitment Type: State Employee Only - E
Job Duties
The Department of Human Resource Management's Office of Information Security and Risk Management is seeking a qualified individual to fill the position of Information Security Analyst. This position is responsible for supporting the protection of DHRM's electronically generated, stored, and transmitted information. The role includes ongoing monitoring and assessment of security risks, as well as the design and delivery of staff training to reduce the agency's cybersecurity exposure. This position will also assist the DHRM Chief Information Security Officer (CISO) in the design, implementation, and maintenance of the agency's information security program. Responsibilities include drafting and enforcing policies and procedures, supporting risk and vulnerability assessments, and assisting with the development, testing, and execution of the agency's Disaster Recovery Plan (DRP). This position also serves as the Deputy Information Security Officer (ISO) acting as a designated backup to the Chief Information Security Officer. The Deputy ISO may represent the Information Security Program in meetings, audits, and communications when delegated by the CISO. Key duties of this position also include: (1) Assessing emerging network threats and attack vectors; (2) Monitoring security logs and responding to incidents; (3) Evaluating system, application, and infrastructure configurations for compliance with Commonwealth security standards; (4) Supporting the development of physical and logical information security standards; (5) Researching and recommending cybersecurity technologies and tools.
Minimum Qualifications
Working knowledge of cybersecurity regulations, especially Commonwealth standards such as SEC530. Working knowledge of scripting, vulnerability scanning tools, and security information and event management (SIEM) platforms. Working knowledge of systems, applications, and network vulnerabilities, and relevant mitigation techniques. Knowledge of basic and intermediate cybersecurity principles and tools. Demonstrated experience in reviewing logs, identifying anomalies, and performing root-cause analysis. Demonstrated ability in conducting vulnerability assessments and security reviews. Excellent written and verbal communication skills with the ability to translate technical content for non-technical audiences. Ability to work independently, prioritize tasks, and meet deadlines under pressure. Skill in building effective relationships with technical and non-technical stakeholders. High school graduate or equivalent.
Additional Considerations
Considerable experience in information security, risk management, or security operations. CompTIA Security+, Systems Security Certified Practitioner (SSCP), or GIAC Security Essentials Certification (GSEC) certification.
Special Instructions
You will be provided a confirmation of receipt when your application and/or rsum is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.
State employees who have been affected by Policy 1.3 Layoff and possess a valid Interagency Placement Screening Form (Yellow Card) or a Preferential Hiring Form (Blue Card) must submit the card BEFORE the closing date for this position. The card may be scanned and attached to the application or faxed to . Please include your name and the position number of the fax cover sheet. AMERICORPS, PEACE CORPS, AND OTHER NATIONAL SERVICE ALUMNI ARE ENCOURAGED TO APPLY.
"The Department of Human Resource Management is dedicated to recruiting, supporting, and maintaining a competent and diverse work force."
Equal Opportunity Employer
Contact Information
Name: Derek Mountford
Phone:
Email:
In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at .
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.