Employment Opportunity


Security Analyst II/III

Monterey County Information Technology Department, Salinas, California

Salary: $5,603 - $8,455 per month

Final Filing Date: Open Until Filled, Priority Screen Date: October 11, 2016

Duties and Requirements

Duties:

Paramount duties include:
  • Perform email, disk, and Internet forensic investigations at the direction of the Chief Security Officer (CSO) and/or the Department of County Counsel.
  • Perform threat hunting activities including intrusion detection, firewall log analysis, Security Event and Incident Management (SEIM) analysis, and malware analysis.
  • Perform security incident response activities, including containment, eradication, and recovery of affected systems.
  • Assist in the development and delivery of security awareness programs for all levels of the organization including, but not limited to, the new hire process and ongoing awareness campaign.
  • Monitor Computer Emergency Readiness Team (CERT), SANS Institute, Multi-State Information Sharing and Analysis Center (MS-ISAC), and other applicable security sites and bulletins regarding new and existing threats and vulnerabilities to County information systems, and provide daily notification via alert bulletins to appropriate personnel.
In addition, the Security Analyst III:
  • Provide leadership with the technical evaluation and testing of hardware, firmware, and software for any possible impact on the security of systems.
  • Provide leadership in threat hunting activities including intrusion detection, firewall log analysis, SEIM analysis, and malware analysis.
  • Provide leadership to the ITD security team and the County's security incident response team with security incident response activities including containment, eradication, and recovery of affected systems.
  • Provide expert technical consultation, guidance, and assistance to management and system users to ensure the protection of systems and networks by providing controls, processes, and procedures.
  • Provide technical consultation and management in identifying, evaluating, and documenting use of systems and other related equipment to ensure compliance with security requirements.
  • Provide leadership in the configuration and implementation of vulnerability assessment, scanning, and reporting on County systems.
  • Investigate new methods and procedures related to the Information Security aspects of the systems, local area networks, and their associated connectivity.

To view the complete job description visit the Monterey County Website: http://www.co.monterey.ca.us/personnel/specifications.asp

Requirements:

Knowledge of:
  • Principles and practices of information security theory and methods.
  • Information security analysis processes and procedures.
  • Information security SEIM development and maintenance.
  • User access control processes and documentation.
  • Operating systems security (Linux, Windows), systems hardening, host scanning tools, integrity tools, host and network-based intrusion detection systems.
  • Hardware and software products that enhance the security of systems such as port scanning and vulnerability identification, monitoring, and logging mechanisms.
  • Information security capabilities of modern computers and network devices.
  • Technical evaluation and testing of hardware and software related to system security "hardening" and risk mitigation.
  • Hardware and software products that enhance the security of systems such as Intrusion Detection Systems, firewalls, and security event management.
In addition, the Security Analyst III must demonstrate thorough knowledge of:
  • Authentication technologies and processes and Public Key Infrastructure knowledge.
  • Intrusion detection, threat hunting, and security incident response practices and procedures.
  • Firewall analysis, network packet analysis utilizing common tools such as tcpdump, nmap and Snort.
  • Log SEIM analysis tools, such as Splunk.
  • Active Directory and Windows network security.
Skill and ability to:
  • Analyze, identify, and resolve problems.
  • Understand processes and procedures used in system user access control systems to prevent unauthorized access, modification, disclosure, misuse, manipulation, or destruction.
  • Keep current with changing technologies.
  • Define organizational information security requirements.
  • Identify and analyze information security risks.
  • Read, understand, and interpret documents of complex technical content, and hardware and software security subject matter.
  • Work independently under limited supervision, exercise initiative within established procedural guidelines, and organize and prioritize work to meet established deadlines.
  • Communicate effectively both orally and in writing.
  • Exercise good judgment, decisiveness, and creativity.
  • Establish and communicate work objectives.
  • Learn and apply County and industry standards and policies.
  • Follow oral and written instructions.
  • Establish and maintain effective work relationships.
In addition, the Security Analyst III must demonstrate skill and ability to:
  • Audit and test organizational firewalls and security defenses.
  • Identify, analyze, and resolve highly complex security problems.
  • Learn and apply new technologies, methods, and/or procedures.
  • Lead, mentor, and train others.
Examples of Experience/Education/Training
Any combination of training, education, and/or experience which provides for the knowledge, skills and abilities required to perform the duties listed above is qualifying. An example of a way these requirements might be acquired is:
  • Security Analyst II:
    • Three (3) years of progressively responsible technology systems experience performing complex information security procedures and methods.
  • Security Analyst III:
    • Five (5) years of progressively responsible technology systems experience performing complex information security procedures and methods. Certification from the SANS Institute or a similarly recognized organization is desirable.
Conditions of employment include:
  • Successfully complete a background check to include fingerprinting.
  • Possess and maintain a valid California Class C driver license and satisfactory driving record.
  • Work outside of normal business hours on occasion, as needed.

How to apply: Apply online

Posted: September 12, 2016


