Security Analyst with Risk Management, privacy/security policy, vulnerability scanning/assessment, NIST, ISO-27001, HIPAA, IRS Pub 1075, network mapping and NESSUS/NMAP experience
Location: Raleigh NC (NCDHHS)
Duration: 12 months
Interview: Webcam Interview Only
Positions: 1 (1/2)
Risk Management – must be able to Identify gaps through risk management, and assist in the development of mitigation strategies. Required 7 Years
Experience updating privacy and security policies based on gaps found through an assessment process. Required 7 Years
Discover, evaluate, assess, systems, networks, and components through the use of vulnerability scanning and risk assessment method. Required 7 Years
Experience documenting vulnerability assessment results in a accurate, clear, actionable, and available way to appropriate personnel Required 7 Years
Must be able to review & assess projects and systems throughout all phases of their life cycle in an effort to identify Privacy org needs Required 7 Years
Must be able to serve as a knowledge base for organizations as it relates to compliance requirements and mitigation strategies. Required 7 Years
Experience Performing risk assessments based on NIST 800-53 Rev 4. ISO-27001, HIPAA, and IRS Pub 1075. Required 7 Years
Experience with network mapping and vulnerability scanning tools such as NESSUS and NMAP. Required 7 Years
NC DHHS – Privacy and Security Office (PSO) requiring services of an IT Security Specialist to aid county offices in the identification of gaps through risk management, and assist in the development of mitigation strategies, and to establish the target security/infrastructure architecture.
Duties include, are not limited to:
-Experience with Splunk, network security, server and system security, and application security supporting event management tools, including SIEMs.
-Experience in configuring the data ingestion to Splunk cloud from various data sources such as Linux Logs, Application Logs and Cloud Native Service Logs.
-Detailed understanding and strong skill set in operating and working with the Splunk toolset
-Proven experience with rule and advanced logic creation in Splunk, including knowledge of thorough understanding and operational experience with Splunk Search Language
-Development of automated searches and applications using Python, Shell scripting, HTML, CSS, and regular expressions
-Experience in developing Splunk Dashboards and configuring alerts for notable events.
-Thorough understanding of Splunk’s Common Information Model (CIM)
-Experience in configuring and customizing the Splunk Enterprise Security for SIEM capabilities.
-Expert level skills in assessing the current Splunk Cloud Infrastructure and ensure that it was configured using Splunk Best Practices.
-Experience in implementing Advanced Threat Analytics using Splunk Enterprise Security
-Experience with a scripting language (Bash, Python)
-Expertise with Linux and Command-line interface
-Experience deploying apps within Splunk or administrating the Splunk platform
-Excellent troubleshooting skills and strong technical learning aptitude required.