Schedule: Full-time
The Office of Information Security and Privacy is seeking IT security professionals to join the following units: Vulnerability & Application Security; Security Incident & Response; and Red Team. Below is a summary of job duties for each:
What You'll Do:
Vulnerability:
Under general supervision in the Office of Information Security & Privacy, evaluates effectiveness & risk of IT processes:
• Recommends changes in IT procedures to meet customer needs
• Analyzes the organization's cyber defense policies & configurations & evaluates compliance with regulations & organizational directives
• Conducts &/or supports authorized penetration testing on enterprise network assets
• Conducts &/or supports physical security assessments
• Operates & maintains vulnerability scanning tools
• Advises on patching practices
• Advises on secure coding practices
• Conducts vulnerability assessments on newly deployed software/hardware
• Researches new exploits & vulnerabilities
• Provides threat briefings to senior management, Ohio Homeland Security & other partners
• Coordinates creation & distribution of cyber intelligence information to IT security personnel
• Participates in meetings with the Multi-State Information Sharing & Analysis Center, US Department of Homeland Security & other partners
• Compiles & presents agency reports on vulnerability status & assists in developing remediation plans
Assists with Incident Response efforts:
• Assists with Fusion Center initiatives
• Intelligence gathering
Performs other duties as assigned.
*This position requires the employee to be able to obtain a SECRET level US Government security clearance.
SIRT:
Under general supervision in the Office of Information Security and Privacy, monitors, analyzes and responds to cyber defense events:
• Coordinates with enterprise-wide cyber defense staff to validate network alerts
• Determines tactics, techniques and procedures of intrusion sets
• Provides cybersecurity recommendations to leadership based on the significance of threats and vulnerabilities
• Works with stakeholders to resolve computer security incidents and vulnerability compliance issues
• Characterizes and analyzes network traffic to identify anomalous activity and potential threats to network
• Documents and escalates incidents that may cause ongoing or immediate impact to the environment
• Performs cyber defense trend analysis
• Performs event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
• Provides daily summary reports of network events and activity relevant to cyber defense practices
• Receives and analyzes network alerts from various sources within the enterprise to determine possible causes
• Uses cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity
• Analyzes identified malicious activity to determine weaknesses exploited, exploitation methods, effects on systems and information
• Identifies and analyzes anomalies in the network using metadata
• Conducts research, analysis and correlation across a wide variety of all-source data sets
• Monitors external data sources to stay current on the cyber defense threat condition and determine which security issues may have an impact on the enterprise
• Analyzes and reports system and organizational security posture trends
Performs other duties as assigned (e.g., work with team lead and assist other staff with various projects; etc.).
Red Team:
Under general supervision in the Office of Information Security & Privacy (OISP), identifies weaknesses in the State's security controls and in the State's detection & response capabilities:
• Conducts exercises emulating adversaries’ operations.
• Identifies & uncovers misconfigurations in the State’s network.
• Evaluates the security of the State's websites to discover otherwise unknown security issues.
• Conducts penetration tests &/or coordinates with external penetration testing partners to verify vulnerabilities are exploitable.
• Presents findings to stakeholders & advises on corrective measures for vulnerabilities.
• Engineers offensive security solutions to exploit IT infrastructure & application weaknesses.
• Collaborates with other technical resources to develop & implement mitigation strategies for discovered vulnerabilities.
• Monitors & evaluates the effectiveness of the enterprise's cybersecurity safeguards against exercise findings to ensure those findings are adequately addressed.
• Identifies, collects, & reports metrics related to progress, operations, & findings.
• Works with agencies on requests for regulatory penetration testing to ensure that their testing is adequate.
• Conducts efforts to evaluate, recommend & implement IT security standards & best practices to remediate discovered vulnerabilities.
• Conducts threat or target analysis of cyber defense information & produces threat information for the enterprise.
Position may require a flexible schedule, including evenings, weekends or call-in, to meet urgent business needs.
Completion of undergraduate core coursework in computer science; 12 mos. trg. or 12 mos. exp. in computer data security, either through monitoring system/network traffic for anomalous activity, systems development, or controlling accessibility of data.
-Or 12 mos. exp. as Information Technology Apprentice, 69910; successful completion of Ohio Cyber Apprenticeship program; additional 12 mos. trg. or exp. in Information Systems/Information Technology with a focus in one of the following areas: Software Engineering/Development, Data Analytics/Business Intelligence, Database Administration, Network, IT Security, and Help Desk/Customer Support.
-Or equivalent of Minimum Class Qualifications for Employment noted above. Note: The Ohio Cyber Apprenticeship program is a program offered by the Department of Administrative Services. 2000 hrs. of on-the-job experience and 200 certified instructional credits must be earned in order to complete this program.
Job Skills: Cybersecurity