- Local candidates required in order to be onsite for sudden security issues
- Candidate MUST be comfortable working ONSITE 5 days/wk the first few weeks, then as required for security issues - this is REQUIRED
- Free onsite parking
- The primary purpose of this position is to help coordinate/report on cyber incidents impacting the Agency.
- This position involves critical duties/responsibilities that must continue to be performed during crisis situations and contingency operations.
- Monitor security events received through alerts from SIEM or other security tools.
- Carry out Level 1 triage of incoming issues (assessing the priority of the event, making an initial determination of the incident's risk and damage, or routing security or privacy data requests appropriately).
- Provides knowledge in threat intelligence and cyber security defense.
- Develops, researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption.
- Identifies, deters, monitors, and investigates computer and network intrusions.
- Provides computer forensic support to high technology investigations in the form of evidence seizure, computer forensic analysis, and data recovery.
- Conducts incident response according to departmental breach response process.
- Leads threat intelligence and incident response.
- Carry out limited incident response to end users for low complexity security incidents.
- Maintain assigned ticket queue.
- Participate actively in the resolution of incidents, even after they are escalated.