Cybersecurity Risk Analyst (Infrastructure Specialist Associate - PN
Description:
Schedule: Full-time
What You'll Do: The Office of Management Information Systems (OMIS) administers the computer-based management systems across the ODH enterprise. The office is responsible for maintaining ODH computer networks and servers and for the development and implementation of strategies that support the current and future technology needs of the agency. We are seeking a Cybersecurity Risk Analyst (Infrastructure Specialist Associate) to work under direct supervision in order to become proficient, receive training on and assist higher-level Infrastructure Specialists with installation, monitoring/maintenance, configuration, upgrading, and/or administration/operation of a single assigned technology domain.
This position will:
Assist higher level security staff with security operations
Monitor enterprise security tools such as Security Information and Event Management platforms, endpoint detection systems, and vulnerability management solutions
Research security events by gathering additional context from logs, threat intelligence sources, and internal systems
Review and triage security alerts to identify potential threats, suspicious behavior, or policy violations
Support risk management activities by helping identify, assess, and track technology and security risks, ensuring they are logged and escalated according to organizational processes
Assist with privacy compliance efforts by reviewing systems and data flows for potential privacy impacts and ensuring security controls align with relevant policies and regulations
Collaborate with IT teams to support broader security initiatives
Develop and maintain ad-hoc utilities or reports to automate processes
18 months combined work exp. &/or trg. In any combination of the following: installing, monitoring/maintaining, configuring, upgrading, &/or administering/operating a single technology domain.
-Or successful completion of IT Apprenticeship program at designated agency.
-Or completion of associate core program in computer science or information systems.
Note: the official position description on file with the designated agency is to reflect, in the minimum acceptable characteristics, the required technology related experience. Only those applicants possessing the required technology related experience listed in the position description are to be considered for any vacancies posted. The vacancy/job posting should also only list the required technology related experience commensurate with the position in question.
Applications of those who meet the minimum qualifications will be further evaluated against the following criteria:
Undergraduate or advanced degree in Computer Science or Information Systems
Experience with security event response (review and triage security events, respond to appropriate parties, assist with remediation and documentation efforts)
Experience with Vulnerability Management Tools (e.g. Qualys)
Experience with cybersecurity platforms for endpoint detection, threat intelligence, and incident response (e.g., Crowdstrike)
Experience with Security Information and Event Management (SIEM) platform (e.g. Google SecOps+)
Experience with Governance, Risk, and Compliance (GRC) tools (e.g. OneTrust, Bitsight)
Experience with vendor IT security analysis (e.g. reviewing documentation, comparing vendor responses to agency/state IT security policies, providing feedback and recommendations to higher-level staff on policy/procedure adherence)
Experience collaborating with IT teams to support vulnerability remediation efforts (i.e., tracking vulnerabilities, support basic risk assessment activities by gathering information, reviewing scan results, and confirming vulnerability details)
All eligible applications shall be reviewed considering the following criteria: qualifications, experience, education, and active disciplinary record.
Job Skills: Information Technology
Technical Skills: Cybersecurity, Risk Management
Professional Skills: Collaboration, Critical Thinking, Problem Solving