Job ID: GA-776570 (96090926)
Hybrid/Local (Atlanta ONLY) Security Analyst (C2H/12+) with SIEM, EDR, IDS, threat hunting, incident response, vulnerability management, data governance experience
Location: Atlanta, GA (DOR)
Duration: 12 Months
*Candidate MUST be local to Metro Atlanta*
**US Citizen or GC-Permanent Resident**
Bachelor’s degree in computer science/information technology/information security or related field or equivalent experience Required
Experience and demonstrated success in technology leadership with emphasis on information security and data governance Required 4 Years
Experience with cybersecurity tools, such as SIEM, EDR, and IDS Required 4 Years
Leads the development and delivery of IT security standards, best practices, architecture and systems to ensure information system security across the enterprise.
Job Summary:
An advanced-level security professional, participates in advanced information security related projects, performs deep-dive threat hunting, incident response, vulnerability management, and security architecture design, focusing on complex and novel threats that bypass automated systems. Is trained and experienced in meeting security needs of the agency and its employees in multiple locations and ensure people, processes, and technology aligns with the desired security posture of the organization. This role typically requires extensive experience, advanced skills in threat detection and mitigation, and may involve developing and optimizing security tools and processes. Cybersecurity Specialist 3 may serve as lead worker for projects and team.
Entry Qualifications
Bachelor’s degree in Computer Science/Information Technology/Information Security or related field or equivalent experience and four (4) years of proven experience and demonstrated success in technology leadership with emphasis on information security and data governance.
*Tax Clearance Letter, due at the time of submission* (pls review compliance tab for instruction on how the CANDIDATE must obtain this letter)
Key Responsibilities:
Advanced Threat Hunting:
· Proactively search for sophisticated, covert threats that evade automated detection.
· Possess a deep understanding of cybersecurity threats, vulnerabilities, security frameworks, and monitoring tools.
Complex Incident Response:
· Investigate, triage, and respond to security incidents, documenting findings for root cause analysis.
Vulnerability Assessment:
· Conduct in-depth vulnerability assessments and analyze asset discovery data to identify security gaps.
Security Architecture:
· Design and implement security solutions, often involving threat intelligence platforms and other advanced security technologies.
System Monitoring & Response:
· Actively monitor networks for unauthorized activities and respond to security incidents.
Tool Optimization:
· Evaluate and optimize existing cybersecurity tools, such as SIEM, EDR, and IDS, and recommend new technologies or processes.
· Threat Intelligence Integration:
Integrate various threat intelligence feeds into platforms like MISP to enhance detection capabilities.
Skills and Competencies:
Deep Technical Expertise:
· Mastery of intrusion detection systems (IDS), endpoint detection and response (EDR), and security information and event management (SIEM) platforms.
· High-level proficiency in computer science and information systems, network monitoring, and security software.
Vulnerability Management:
· Experience and skills with vulnerability assessment tools and techniques.
Threat Intelligence:
· The ability to gather, integrate, and analyze threat intelligence from various sources.
Incident Response (IR):
· In-depth knowledge of IR best practices and the ability to manage complex incidents.
Proactive Defense:
· A mindset focused on proactive threat hunting and prevention rather than just reaction.
Working Conditions:
Hybrid work schedule.
On-call rotation or occasional after-hours work in response to incidents.
•DOR will conduct a background check on all candidates considered for the position. Individuals must be compliant with Georgia tax obligations.
•Individuals having any overdue and unpaid taxes, or any felony convictions (no matter how long ago) will not be offered the position or hired.
•All employees will be fingerprinted.