Candidates MUST be WI residents or willing to relocate to WI at their own expense prior to starting. This position can work 100% remotely (within the state of WI).
Job Description:
DNR IT Information and Data Security section is looking for a Security Analyst II for our Continuous Diagnostics and Mitigation (CDM) Program with a strong focus on identifying cybersecurity vulnerabilities on an ongoing basis, supporting automated assessment methods and monitoring of implemented security controls.
Responsibilities:
-
Provide guidance and technical assistance to system administrators in securing the systems and networks under DNR IT areas of responsibility.
- Ensure and assess the entire DNR network is continually monitored for security vulnerabilities and compromises.
- Conduct security self-assessments (e.g., Penetration Testing) to evaluate the processes, procedures and tools used to review, assess, and test information systems controls and security across DNR managed systems.
- Report security status, vulnerabilities, and issues to management
- Work with the Department of Administration Division of Enterprise Technology pre- and post-implementation audits of new systems to ensure secure integration.
- Periodic review and analysis of system Integrity, data integrity and data flows
- Assurance of quality and consistency of all DNR information technology-related activities including standards, policies and procedures
- Audit access rights and ensure alignment to policies.
Skills needed:
-
Strong understanding of Directory Services including Active Directory.
- Strong understanding of Modern Authentication, Authorization, and Accounting including Role-based and attribute-based access controls RBAC and ABAC.
- Strong understanding of Security information and event management (SIEM)methods and tools.
- Understanding of Identity access systems (IAM) and network access control (NAC).
- Understand the purpose and structure of the National Vulnerability Database (NVD), Common Vulnerability Database (CVE), Common Weaknesses and Enumeration (CWE) and Common Attack Pattern Enumeration and Classification Database (CAPEC)
- Basic understanding of Transact and ANSI Structure Query Language (SQL)
- Knowledge of NIST Risk Management (RMF) and Cyber security Framework (CSF)
Nice to have skills:
-
Tenable Administration
- MS Web Defender Administration
- Zimperium (Mobile Device) Administration
- PowerShell Scripting – (Intermediate)
Required Knowledge:
-
ZScaler Administration
- Incident Response Life Cycle
Cyber Security Risk Management Principles
-
Additional Details :
Projected Start Date : 2024-07-26T00:00:00
Projected End Date : 2025-06-30T00:00:00
Client Company : State Of Wisconsin
Vendor Pay Rate : 39.52
Selling points for candidate :
Face to face interview required : No
Candidate must be authorized to work without sponsorship : No
Background Check : No
Drug Screen : No