Title: Information Security Analyst III
Montpelier, VT, US
Overview
The State of Vermont's Agency of Digital Services is seeking an experienced IT professional well versed in risk analysis, event monitoring, incident response, and firewall configuration and rule-sets to join our Security Division as an Information Security Analyst III. This position will be critical in supporting our CISO and the Agency of Digital Services. The position is responsible for coordinating the actions of and supporting the Vermont Security Operations Center (VTSOC), maintaining the systems in use, and coordinating with contractors that support our SOC and other security programs, all as part of the VTSOC duties. Additional effort will also be applied to cyber risk management. This position will require knowledge of network and security design within the scope of our established security policies and standards. Consultation on inter-Agency projects is also an expectation of the position. You will often be independently researching and resolving security incidences, and as such, our ideal candidates will be adept in independent problem-solving.
In addition to information security and firewall configuration skills, we are also seeking candidates with some system administration experience (Microsoft, UX) and network systems experience (Cisco, Juniper, Palo Alto, PFSense). You will work with a skilled team of analysts to ensure the security and resilience of State information systems. You will be located in Montpelier, VT.
Employment with the State comes with excellent health and dental insurance, ample paid time off, pension and deferred compensation plans for retirements, reimbursement for continuing education, and more.
Specific duties of this position will involve:
• Build, support and maintain VTSOC processes, relationships and systems
• Coordinate event tracking with contractors and other security staff
• Lead for Security Information and Event Management
• Firewall configuration, rule-sets, configuration of intrusion detection and prevention system
• Secure system configuration, vulnerability assessment, cyber event response
• Research and analysis for securing existing systems
• Security analysis for technology projects and procurements
• Participate on the Cybersecurity Incident Response Team (CSIRT)
• Analyzing and responding to security events/incidents, threats, vulnerabilities, and risks
• Technical troubleshooting
• Technical operation of security infrastructure
• Response, tracking, and remediation of audits
• Security posture reviews and security governance
• Consultation with Disaster recovery (DR) and business continuity (BC) personnel
• Coordination of technical/compliance infrastructure technical guidance
Who May Apply
This position, Information Security Analyst III (Job Requisition #13874), is open to all State employees and external applicants.
If you would like more information about this position, please contact David.Kaiser@vermont.gov
Please note that multiple positions in the same work location may be filled from this job posting.
Resumes will not be accepted via e-mail. You must apply online to be considered.
Environmental Factors
Work is performed in a standard office setting, but some travel may be required for which private means of transportation should be available. Work outside of regular business hours is expected.
Minimum Qualifications
Bachelor's degree in computer science, programming, or engineering AND four (4) years or more of experience in the field of information technology.
OR
Eight (8) years or more of experience in the field of information technology INCLUDING four (4) years where the primary role was in information security.
OR
Six (6) years or more of experience in the field of information technology where the primary role was in information security AND Possession of one (1) or more of the following certifications; Certified Information Systems Security Professional (CISSP) OR Global Information Assurance Certification (GIAC).
Preferred Qualifications
Certification in:
CompTIA Network+
CompTIA Security+
International Information Systems Security Certification Consortium (ISC)
Systems Security Certified Practitioner (SSCP)
Global Information Assurance Certification (GIAC) Information Security Certification
(ISC) Certified Information Systems Security Professional (CISSP)
Total Compensation
- 80% State paid medical premium
- Dental Plan at no cost for employees and their families
- Flexible Spending healthcare and childcare reimbursement accounts
- Two ways to save for your retirement: A State defined benefit pension plan and a deferred compensation 457(b) plan
- Work/Life balance: 11 paid holidays each year and a generous leave plan; many jobs also allow for a flexible schedule
- Low cost group life insurance
- Tuition Reimbursement
- Incentive-based Wellness Program
- Qualified Employer for Public Service Student Loan Forgiveness Program
Equal Opportunity Employer
Nearest Major Market: Barre
Nearest Secondary Market: Montpelier