- no c2c * W2 only; Web cam interview Onsite **
Description:
This is an ongoing project with aggressive timelines. A majority of the team is made up of experienced professionals, and we are seeking individuals who are highly productive, flexible, and comfortable working in an environment where priorities can shift. Team members are expected to contribute with minimal supervision. Candidates who enjoy complex, change-driven projects and collaborating with motivated colleagues will find this position appealing.
Scope of the Project
The Office of Cybersecurity ensures the confidentiality, integrity and availability of SCDHH's systems and services. Strong candidate must have hands-on experience with:
Data network design best practices
Routing and switching protocols
Network security best practices
On-premise and/or cloud networking environments
This role requires someone who can contribute independently on technical tasks and support more senior analysts on complex initiatives.
Daily Duties / Responsibilities
This is a hands-on technical role reporting to the Office of Cybersecurity SOC lead. The analyst will support SCDHHS leadership, business units, partners, and vendors in day-to-day cybersecurity operations.
Security Program Experience
Strongly desired experience includes:
CMS ARC-AMPE, HIPAA, NIST or other FISMA RMF frameworks
Performing repeatable security processes supporting compliant enterprise architectures
Supporting security considerations for multi-tenant cloud environments and vendor integrations
Technical Experience
Candidates should have hands-on experience with:
Secure network design principles
Windows, macOS, and Linux operating systems
Switching and Routing
Enterprise Firewalls
Network auditing
IDS/IPS platforms
Network security monitoring
SIEM platforms such as QRadar, Splunk (Preferred)
Vulnerability scanning tools (Nessus, Qualys, etc.)
Cloud Infrastructure Security (Preferred)
Essential Responsibilities
Assist in maturing network security and compliance solutions
Investigate and respond to daily network alerts
Perform network security assessments for proposed firewall and infrastructure changes
Conduct technical analysis for network security planning and engineering
Review and assessment of connectivity, website block and firewall rule requests to ensure they do not present an elevated risk to the agency
Analyze on-premise and cloud networks for potential threats
Develop, review, and analyze network traffic reports that violate the agency's approved standards governing Ports, Protocols and Services
Monitor emerging threat vectors and recommend countermeasures
Collaborate with other areas of the agency to implement security controls
Support cloud and on-premise network changes and enhancement projects
Ensure compliance with ARC-AMPE, HIPAA and SCDIS-200
Assist with KPI creation and trend report monitoring
Participate in firewall configuration reviews and ruleset recertification
Provide guidance on best practices to technical teams
Perform additional SOC duties as assigned
Required Skills (Ranked in Order of Importance)
Approximately 3-5 years of hands-on experience in network design, implementation, or support
Hand-on experience in IT security or system administration
Working knowledge of secure network design, security architecture, compliance tools, data protection, and access models
Preferred Skills (Ranked in Order of Importance)
Experience working in regulatory environments
Experience supporting health IT or state government
Familiarity with FISMA, NIST, CMS ARC-AMPE, and HIPAA security and privacy standards
Cloud network security controls
Ability to analyze logs, alerts, and network telemetry
Proficiency with Microsoft Office tools (Azure or AWS)
Required Education / Certifications
BS degree in Computer Science, information systems, Cybersecurity, or related field; or equivalent experience
A network security centric certification such as PCNSE or CCNA
Preferred Education / Certifications
CISSP or Security+