Information Security Analyst - ITS2

Company: State of Minnesota
Location: Saint Paul
Posted on: August 7, 2022

Job Description:

Job Class: Information Technology Specialist 2Working Title: Information Security Analyst

• Who May Apply : Open to all qualified job seekers
• Date Posted : 07/30/2022
• Closing Date : 08/08/2022
• Hiring Agency/Seniority Unit : Minnesota IT Services
• Division/Unit : Central / Vulnerability Management
• Work Shift/Work Hours : Day
• Days of Work : Monday - Friday
• Travel Required : No
• Salary Range: $25.18 - $40.95/hourly; $52,575 - $85,503/annually
• Classified Status : Classified
• Bargaining Unit/Union : 214 - MN Assoc of Professional Empl/MAPE
• FLSA Status : Nonexempt
• Connect 700 Program Eligible: Yes (https://mn.gov/mmb/careers/diverse-workforce/people-with-disabilities/connect700/)As an Information Security System Analyst - Vulnerability Management, you will work on the team providing vulnerability management services to participating State of Minnesota governmental partners; and ensure that information assets are adequately protected against internal/external threats. This position serves in a mid-level technical role in the Threat and Vulnerability Management Unit within the Enterprise Security Office. You will perform assessments of systems and networks within the network environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy; and measures effectiveness of defense-in-depth architecture against known vulnerabilities. Results will be effectively communicated to technical teams for timely resolution of vulnerabilities. Finally, functional technical support and assistance in the implementation and administration of the Enterprise Vulnerability Management systems.Responsibilities will include:
  • Perform in-depth analysis of vulnerability management scan results
  • Prioritize and communicate vulnerability remediation and resolutions to IT operational teams.
  • Research the security implications of proposed initiatives and potential risk mitigation options
  • Oversee and follow-up on remediation efforts by working with partner technical teams.
  • Ensure vulnerability management scans on computer networks are operating as expected. Troubleshoot and resolve scanning issues judiciously.
  • Create and maintain good technical, procedural, user and training documentation.
  • Administer, monitor and maintain the Vulnerability Management systems and applications
  • Research and stay abreast of potential information security threats and work as part of a team to proactively mitigate their impactMinimum QualificationsCandidates must clearly demonstrate all of the following qualifications in their resume:This position requires a minimum of two (2) years of professional IT experience that includes:Experience working with vulnerability management toolsExperience analyzing scan data for vulnerabilities and assessing the cause and impact of the vulnerabilityExperience presenting and communicating technical topics and information to wide range of audiences, such as technical practitioners, management, and directorsExperience with computer networking concepts and protocols, and network security methodologiesExperience working with Windows and Linux operating systems platforms*A Bachelors degree in Information Technology or a related field substitutes for two years of experience, OR a related Associates substitutes for one year.**Successful candidate must pass past-employer reference checks and a criminal history verification.It is the policy of Minnesota IT Services that all employees submit to a background investigation prior to employment. The background check may consist of the following components:SEMA4 Records Check (applies to current and past state employees only)Criminal History CheckReference CheckSocial Security and Address VerificationEducation VerificationCJIS Background CheckOther legally required checksMinnesota IT Services will not sponsor applicants to for work visas. All applicants must be legally authorized to work in the U.S.Preferred Qualifications
    • Bachelor's degree in Information Technology or related field
    • Experience working with enterprise class vulnerability management systems in large scale organization, including experience identifying systemic security issues based on the analysis of vulnerability and configuration data
    • Experience using network analysis tools to identify vulnerabilities. (e.g., fuzzing, Nmap, etc.)
    • Knowledge and experience of risk management processes (e.g., methods for assessing and mitigating risk) and performing impact/risk assessments
    • Knowledge of cyber threats and vulnerabilities, cyber attackers, and cyber-attack stages
    • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross- site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
    • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL])
    • Knowledge of system administration, network, and operating system hardening techniques
    • Knowledge and / or experience with windows management and technologies, such as Active Directory, Group Policy, and System Center Configuration Manager
    • Knowledge of configuration guidelines and standards, such as Center of Internet Security (CIS) Benchmarks Knowledge of cloud technologies, such as AWS / Azure
    • Experience in programming and scripting, particularly in python
    • Knowledge of application server technologies such as SQL Server, Oracle, Apache, Tomcat, and IIS Web servers.

Keywords: State of Minnesota, St. Paul , Information Security Analyst - ITS2, Professions , Saint Paul, Minnesota