Job ID: VA-653070 (98690610)
Security Analyst with SIEM, Silverline WAF, auditing, incident response, NIST, ISO, COBIT, NICE, ITIL, Acunetix, NESSUS, SPLUNK/ELASTIC, Varonis Data Security platform and risk assessment experience
Location: Richmond, VA (VDH)
Duration: 12 months
Interview: Web Cam Interview Only
Local candidates strongly preferred
*Once the quarantine is lifted, they will be REQUIRED to work onsite at the agency 100% of the time with NO ongoing remote work.
Skills Required:
-Develop, review, and provide recommendations for Security Information and Event Management (SIEM) design for VDH to include technical data gathering, Required 5 Years
-Configure rules and alerts for Silverline Web Application Firewall (WAF) Required 1 Year
-Perform gap analysis of auditing and accountability security requirements and present recommendations to leadership. Required 3 Years
-Develop auditing and accountability processes. Required 3 Years
-Protect enterprise systems and information by promptly responding to security threats and incidents, acting individually and as part of a team to re Required 3 Years
-Proactive hunting for threats and enacting identification, containment, and eradication measures while supporting recovery efforts. Required 3 Years
-Review and update the Agency Incident Response Plan. Required 3 Years
-Proactive coordination with appropriate departments during a security incident – management, legal, security, operations, and others. Required 3 Years
-Conducting research regarding the latest methods, tools, and trends in digital forensics analysis. Required 5 Years
-Creating thorough reports and documentation of all incidents and procedures; presenting findings to team and leadership on a routine basis. Required 5 Years
-Other duties as assigned to assist the Infrastructure Information Security Officer (ISO). Required 5 Years
-BS or BA degree in Computer Science or a related technical discipline, five (5) or more years of relevant experience or training. Required 5 Years
-Familiarity with the Commonwealth’s Security policies, National Institute of Standards and Technology (NIST), ISO 27001, COBIT, NICE, ITIL or others Required 5 Years
-Knowledge of Acunetix or NESSUS, SPLUNK/ELASTIC, Varonis Data Security platform, system audits, incident response and mitigation, risk assessments, Required 5 Years
The Cybersecurity Engineer (SIEM) is part of the Information Security Team. The selected individual will be responsible for incident response, threat hunting, and data analysis to protect and maintain the overall security of the enterprise.
Responsibilities:
• Develop, review, and provide recommendations for Security Information and Event Management (SIEM) design for VDH to include technical data gathering, security and policy review and configuration, security device implementation planning and security event monitoring, configuration and implementation of security product and technical quality assurance.
• Configure rules and alerts for Silverline Web Application Firewall (WAF).
• Perform gap analysis of auditing and accountability security requirements and present recommendations to leadership.
• Develop auditing and accountability processes.
• Protect enterprise systems and information by promptly responding to security threats and incidents, acting individually and as part of a team to resolve issues.
• Proactive hunting for threats and enacting identification, containment, and eradication measures while supporting recovery efforts.
• Review and update the Agency Incident Response Plan.
• Proactive coordination with appropriate departments during a security incident – management, legal, security, operations, and others.
• Conducting research regarding the latest methods, tools, and trends in digital forensics analysis.
• Creating thorough reports and documentation of all incidents and procedures; presenting findings to team and leadership on a routine basis.
• Other duties as assigned to assist the Infrastructure Information Security Officer (ISO).
Required:
• BS or BA degree in Computer Science or a related technical discipline, five (5) or more years of relevant experience or training.
• Familiarity with the Commonwealth’s Security policies, National Institute of Standards and Technology (NIST), ISO 27001, COBIT, NICE, ITIL or others.
• Knowledge of Acunetix or NESSUS, SPLUNK/ELASTIC, Varonis Data Security platform, system audits, incident response and mitigation, risk assessments, vulnerability scanning, or penetration tests.
Preferred: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), CompTIA Network+, Security+, or GIAC Cybersecurity Certifications.
VA_ERTR-653070
