Job ID: FL-139523 (985917) 3P
Security Analyst with vulnerability assessment, Splunk, Carbon Black Protection, Tripwire, Nexpose-Rapid7, Metasploit, BurpSuite, Kali, Windows/Linux/Solaris, Oracle, bash/Python/Perl, Java and penetration testing experience
Location: Boca Raton FL (DOT)
Duration: 9 months
Interview: In-person (in-person interviews will be conducted at the Tolls Data Center in Boca Raton, FL)
Positions: 1 (1/1)
Knowledge and Experience Needed
A – 7 years of Information Security experience or related field
B – 5 years of experience in the areas of vulnerability mitigation and remediation.
B – 3 years of experience with developing a security baseline within environments and administering systems to manage the baseline
A – 2 years of experience or in-depth technical expertise with three major security solutions, such as Splunk Core & ES, Carbon Black Protection, Tripwire, Nexpose-Rapid7, Metasploit, BurpSuite, Kali Security Distro
A – Windows experience (2012 and newer) and Solaris, Linux, Oracle
A – 3 years of experience with TCP-IP, network protocols
B – Ability to write custom scripts using bash, Python, Perl
A – 3 years of experience with network and web-application penetration testing
C – Some experience with Java; code review experience a plus.
A – Hands-on expert with experience in administration and configuration of Splunk Core & ES log management tool/SIEM.
B – Hands-on expert with experience in administration and configuration of Tripwire file integrity monitoring system.
A – Hands-on expert with experience in administration and configuration of Carbon Black Protection.
B – Familiarity with NIST SP 800-137 Information Security Continuous Monitoring standard or similar standard
B – Working level knowledge using Vulnerability Assessment tools like Rapid7 Nexpose
B – Working level knowledge using Application Vulnerability Assessment methodologies such as OWASP
A – Working level knowledge of Windows and UNIX/Linux server operating systems
C – Experience with process lifecycle of the creation, management and compliance of security policies, procedures, standards and guidelines
B – Experience with the processes of identifying appropriate controls to comply with security policies and regulations
A – Experience with Threat and Vulnerability Management Tools
A – Experience with the process of remediation of vulnerabilities identified by the Threat and Vulnerability Management Tools
A – Familiar with incident response principles and procedures
B – Familiar with Payment Card Industry (PCI) security requirements
B – Familiar with SOC-2 security requirements
C – Familiarity with ISO/IEC 27000 series of security standards
A – Experience producing threat and compliance reports for a wide variety of audiences (technical and non-technical)
A – Excellent communication and analytical skills
A – Must work well with others as part of larger team and be able to collaborate on cross functional teams
A – Must be available and willing to work extended and/or alternative hours as needed for issue resolutions, roll-outs, system upgrades, etc.
A – Able to work independently toward goals set at a higher level
A – Must be able to understand Check Point NGTX log analysis, and patch management processes.
1. Support the Threat and Vulnerability Management Program
2. Support of Incident Response Process, Risk Assessments
3. Support of Payment Card Industry (PCI) & SOC-2 compliance and other enterprise security initiatives
Education and certifications
A – Bachelor’s degree in Computer Science / Computer Information Systems or related field
B – CISSP, Splunk, or GIAC, or CEH certifications
This position reports to the Manager – Security, Risk and Compliance Office, Information Technology Office – Florida’s Turnpike Enterprise. The Information Security Analyst position is a core member of the Security, Risk and Compliance Office (SRCO).
This role performs vulnerability assessments using various security tools to assess the applications and infrastructure of the Division of Toll Operations – Florida’s Turnpike Enterprise, in order to identify key security and privacy issues, risks, exposures and vulnerabilities that could affect the security and privacy of our information systems. This role performs network penetration tests on infrastructure, application, or source code using a variety of techniques and tools. Secure code review skills are a great plus. The candidate should have a deep understanding of TCP/IP, network discovery, DNS enumeration, vulnerability scanning, exploitation methods and privilege escalation. The candidate should also have an excellent grasp of web application exploitation, the OWASP Top Ten list and the SANS 20 list. The candidate must be able to write objective, detailed reports explaining security issues and their remediation. The candidate should be knowledgeable of security best practices (e.g., NIST series) and industry security standards (e.g., PCI-DSS or SOC-2), and must have experience designing and recommending security controls for application development efforts.
Skills and Experience Weighting
A = Candidate must have these attributes
B = Management strongly desires that the candidate have these attributes
C = Management desires the candidate to have these attributes