Employment Opportunity


Senior Cyber Security Analyst

Governor's Office of Information Technology, Denver, Colorado

Salary: $6,117.60 - $7,916.67 Monthly

Final Filing Date: Open until filled

The Cyber Security Specialist will participate in the Joint Cyber Task Force (JCTF) in coordination with the JCTF Infrastructure Protection (IP) Unit. This will include working with JCTF Partners to collect, analyze, and disseminate threat intelligence from multiple sources and search for indicators of compromise on Colorado state owned and managed networks. Assist law enforcement to investigate instances of cybercrime throughout the state of Colorado at the direction of the JCTF. Work collaboratively with OIT security operations staff to recommend solutions to address indicators of compromise and prevent future successful attacks. Collect, analyze, and prepare threat briefing reports for multiple audiences on a monthly basis to allow for strategic planning to improve security and reduce risk for the state of Colorado.

In coordination with the JCTF Information Technology team, the Cyber Security Specialist will help identify and recommend security technologies that will assist in the quick detection and eradication of cyber threats. The Cyber Security Specialist will be expected to develop and maintain a strong working relationship with investigatory bodies involved in cyber incident response and investigations, including State and local law enforcement, the FBI Cyber Units, and RCFLs, and to assist as directed. Being a strong and accomplished communicator, both verbally and in written form, is a must.


Duties:

Threat Analysis:
  • Cyber threat intelligence analysis - Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution if problems are discovered.
  • Participate in incident response, analysis, and cooperative work to resolve issues discovered during an incident. Report on incident findings in a timely manner and assist law enforcement personnel in ensuring the successful resolution of cases.
  • Assist OIT in the Incident Response process and serve as a member of the state's Computer Incident Response Team. The role will be to serve as a subject matter expert in the incident response process by detecting, analyzing, containing, eradicating, restoring, and performing after action review with the CIRT and recommend areas of improvement, lessons learned, and best practices.
  • Analyze and, in some cases, reverse engineer malicious software utilizing industry-wide accepted technical tools to identify the source, and work with State of Colorado Law Enforcement to ensure successful prosecution of computer crime.
Internal Forensic Analysis:
  • Perform Forensic evaluation and analysis on all major Operating Systems using standardized industry wide adopted tool sets.
  • Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions. Utilizes the Network Forensic Generic Process Model.
  • Utilizing standards and methodologies, the role will identify targets for examination, collect all relevant data, preserve data/evidence in a forensically sound manner, examine and analyze collected data, report results, may be called upon to present in court, and archive data.
  • Collaborate with all involved stakeholders to ensure successful collection, analysis, and presentation. Assist law enforcement personnel in case building activities and be a subject matter resource as required.
Forensic Evaluation:
  • Perform Network based Forensic analysis and prepare reports and work cooperatively with all members of the JCTF to ensure successful completion of investigations. The work will be accomplished by collecting log files from routers, switches, firewalls, and security appliances like intrusion prevention systems to identify origin of attacks, likely entry points, and ways to prevent in the future.
  • Perform Penetration Testing as required and needed to ensure successful completion of investigations. Prepare recommendations as a result of the penetration testing to assist in reducing risk and vulnerabilities on state IT systems. Provide guidance and technical support in effecting system hardening and patching critical vulnerabilities.

Requirements:

Successful candidates for this position will possess the following skills and experience:
  • A minimum of 3-5 years of professional experience in the Information Security field with an emphasis on forensic examination, penetration testing, and incident response.
  • Experience in developing, documenting and maintaining security procedures.
  • Knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts.
  • Top Secret/Sensitive Compartmented Information (TS/SCI) Federal Security clearance eligibility. Must be eligible to attain (TS/SCI) clearance from the Federal Bureau of Investigation. Failure to attain a clearance will result in the candidate being disqualified from working in this role.
  • A Bachelor's degree or equivalent experience.
  • Demonstrated expertise in performing computer forensic examinations and reporting. Demonstrated experience performing penetration testing and making relevant recommendations to remediate findings. In depth understanding of best practices in cyber incident response processes and procedures.
  • CompTIA Security+, CISSP, GSEC, CEH, or other equivalent certifications from recognized standards bodies.


How to apply: Apply online

Posted: August 30, 2019

