Under general direction of the VP of Product Security and Vulnerability Management perform the following tasks: Security Architecture Review, Information Security Policy Review, Threat Modeling, Information Security Consultation, Process Management, Policy Compliance, Vulnerability Management, Approval of Cloud Infrastructure Requests, and Presentations on security related topics. This position requires verbal/written communication with management and technical staff. Security Architecture Review: Review application technical specification documents to determine compliance with BR policies, standards, and guidelines. Provide actionable feedback to application developers to ensure appropriate security features are built into new applications and changes to existing applications maintain compliance. IS Policy Review: Review IS Policies to ensure continued compliance with all appropriate industry regulations (including but not limited to PCI-DSS, HIPAA, GDPR, and CCPA) are aligned with IS best practices, and conform to the company's vision statement. Threat Modeling: Work with application development teams, including management and technical resources, to develop comprehensive threat models for new and existing applications. Provide highly target feedback to ensure security controls can be prioritized and implemented. Cloud Infrastructure: Review infrastructure requests to ensure appropriate controls and services are used and provide detailed technical feedback as needed. When appropriate, communicate directly with technical staff to determine project requirements, service compatibility issues, and refer teams to our exception management process as needed.

Information Technology Specialist II - Enterprise Information Security EngineerAgency Security Operations Center covering 21 state entities with 25,000+ users.Security Monitoring and Threat Hunting service owner: Create and maintain security monitoring use cases. Assist the SEIM administrator in implementing the most complex use cases to ensure related correlation searches meet the monitoring objectives. Perform all duties of the vendor provided SEIM administrator in a backup capacity.Incident Response: Provide technical guidance to relevant IT personnel to aid in mitigation and remediation of security incidentsGRC/Documentation: Write and develop Security Operations Center Charter and develop all required service, process, and procedure documentation.Project Management: Work with all appropriate stakeholders including the Agency Information Officer, CIOs, ISOs, and technical staff from in scope entities within CNRA to ensure buy-in for security services and the related implementation plan. When necessary participate in and conduct meetings, presentations, and technical discussions.IT Service Management: Direct the development of a custom ServiceNow application to provide security incident notifications for the Security Monitoring service.Security Monitoring and Threat HuntingMentoring: Mentor Security Analysts of all levels through regular lunch and/or work time meetings to discuss security related topics impacting state entities, training and educational opportunities, and career opportunities.

Information Technology Specialist I Range CThis position is part of the Cyber security Protection and Response unit and is in direct support of the Security Operations Center covering 6,000 users.Under direction of the IT Manager I, and direct supervision of the IT Supervisor II, act as Technical Lead and Senior SOC Analyst for the Graveyard shift.Tier 2 Security Monitoring: Analyze and respond to correlated security eventsSpam and Phishing Analysis: Review messages email identified security controls to remediate any threatsWireless (Wi-Fi) Security: Detection of rogue/potentially malicious devices and APsTier 1 Review: Primary escalation point for potential incidentsIncident Response: Initiate IR for identified events and communicate with Supervisors, Managers, and Executives utilizing established procedures for High Risk, Urgent, or Early Warning events. Document the analysis leading to incident declaration and subsequent IR activities. Performs (non-security incident response for issues with end-user impact. Data Loss Prevention: Analyze events from DLP controls to determine potential incidents or identify training opportunities.Vulnerability Management/Continuous Assessment: Identify and detect known vulnerabilities and communicate prioritized results to technical staff for remediation. Analyze and distribute newly disclosed vulnerability information from threat intelligence sources.Technical Security Controls Maintenance: Perform technical system administration tasks regularly for multiple security systems, to ensure proper maintenance and operation. Administration and configuration of IPS, Firewalls, Wireless Controllers, and other technical controls as needed.Threat HuntingDocument and improve existing processes and proceduresRegularly participate in CPR unit leadership meetingsAssist in hiring, onboarding, and training IT Associates for Swing and Graveyard shiftsAssist in developing customized training plans for SOC Analysts (IT Associates)

Information Technology Associate Range DService Desk supporting 1800 usersTier 2 Troubleshooting of user issuesApplication and Operating System Deployment using Microsoft SCCMApplication Accessibility TestingComputer imaging for (re)deployment to usersTicket system research and management

Principle and Technical LeadDevelop and maintain business plan, policies, and proceduresPerform the following duties for SMB clients:Business Continuity PlanningStandards DevelopmentBusiness AnalysisClient OnboardingIaaS and PaaS System Design and ArchitectureServer/Application Deployment AutomationSecurity AssessmentsBackup and Disaster Recover PlanningCreate and maintain technical documentationNetwork ManagementScripting as needed (PHP, JavaScript, HTML, SQL, PowerShell, Bash, and C++)

Provided general IT Support for SMBs. Duties vary by client and cover basic maintenance to complete network setup and installation.Critical website support addressing design, layout, and functionality issues for small design firms and businesses. Emphasis placed on cross browser compatibility within eCommerce and CMS platform templates.