Job Description & Responsibilities:
Participate in information security related projects and ensure that people, processes, and technology align with the desired security posture of the organization. Lead and/or support in-depth triage and investigations of urgent cyber incidents in cloud, traditional, and hybrid environments. Perform incident response functions including but not limited to host-based analytical functions (e.g. digital forensics, metadata, malware analysis, etc.) by investigating Windows, Unix-based, appliance, and Mac OS X systems to uncover Indicators of Compromise (IOCs) and/or Tactics, Techniques and Procedures (TTPs). Create and track metrics based on the MITRE ATT&CK Framework and other standard security-focused models. Work with application and infrastructure stakeholders to identify key components and information sources such as environments (on-premises versus cloud), servers, workstations, middleware, applications, databases, logs, etc. Participate in incident response efforts using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking place. Collaborate with State multidisciplinary groups for triaging and defining the scope of large-scale incidents. Document and present investigative findings for high-profile events and other incidents of interest. Participate in readiness exercises such as purple team, tabletops, etc. Train junior colleagues on relevant best practices.
Core Competencies:
Data Utilization: Requires the ability to coordinate, manage, and/or correlate data. Includes exercising judgment in determining time, place and/or sequence of operations, referencing data analysis to determine the necessity for revision of organizational components, and in the formulation of operational strategy.
Human Interaction: Requires the ability to work with and apply principles of persuasion and/or influence over others to coordinate programs or activities of a project, and to resolve typical problems associated with the responsibilities of the job.
Verbal Aptitude: Requires the ability to utilize a wide variety of reference, descriptive, advisory and/or design data and information.
Mathematical Aptitude: Requires the ability to perform addition, subtraction, multiplication and division; ability to calculate decimals and percentages; may include the ability to perform algebraic calculations, and the ability to interpret graphs.
Functional Reasoning: Requires the ability to apply principles of influence systems, such as motivation, incentive, and leadership, and to exercise independent judgment to apply facts and principles for developing approaches and techniques to resolve problems.
Situational Reasoning: Requires the ability to exercise judgment, decisiveness and creativity in situations involving the evaluation of information against sensory, judgmental, or subjective criteria, as opposed to that which is clearly measurable or verifiable.
Qualifications:
Bachelor's degree in Computer Science/Information Technology/Information Security or a related field, or equivalent experience, AND three (3) years of proven experience and demonstrated success in technology leadership with emphasis on information security and data governance. Holds an intermediate cyber certification per state guidelines or achieves one within 12 months of start date (CCNA, CCNA-S, CISRM, CISM, CASP, GCIH, GCED, CEH). Must hold or be able to qualify for a US Department of Homeland Security (DHS) clearance.
Preferred Skills/Qualifications: Preference will be given to candidates who, in addition to meeting the minimum qualifications, demonstrate some or all of the following education/skills/experience: experience in areas such as scripting & automation, application security testing, threat hunting, and cyber incident handling.
Salary:
$69,134.16 - $91,309.47 Annually
Contact:
Employer: Georgia Department of Human Services
Location: Georgia
Link: https://www.governmentjobs.com/careers/dhsgeorgia/jobs/4857280/cybersecurity-specialist-2-00176980?pagetype=jobOpportunitiesJobs