
Security Operations Center (SOC) Security Experts


Position: Security Operations Center (SOC) Security Experts

Duration: 1 Year

Location: Minnesota (Remote)

(Deliverable Project)

Job Description:

The modernized SOC needs to complete and maintain documentation related to Incident Response Management in the form of an Incident Response Plan with enclosed playbooks.

The modernized SOC will use and maintain a philosophy of continuous process improvement. MNIT is seeking a vendor to initiate development of a glossary and assess, develop, gather approval for, and implement relevant policies and procedures.

Current SOC Overview

MNIT's current Security Operations Center (SOC) consists of the Information Security Incident Response Team (ISIRT) and Cyber Navigators (CN) within the Information Standards and Security Risk Management (ISRM) Division.

The current SOC is responsible for planning, developing, and delivering incident response services; logging and monitoring; alert triage and investigation; threat response; remediation and recovery; and root-cause analysis across the executive branch and external governmental partners, in support of the State of Minnesota's Whole-of-State mission and vision.

MNIT currently serves departments, agencies, boards, councils, and other quasi-state agencies, as well as governmental partners including counties, cities, tribal nations, and K-12 schools, protecting the data of 5.5 million Minnesotans and providing IT security for state employees, including MNIT staff. MNIT has more than 2,080 supported applications, 10,000 network devices, and 300+ hosted websites. The SOC currently monitors approximately 50,000 endpoints for the executive branch and additional endpoints for governments throughout Minnesota.

The current SOC's services include:

  • Security Monitoring
    • Log collection and analysis for entities/services participating in SOC services.
  • Security Incident Response
    • Incident handling and response capabilities to assist with active cyber incidents impacting MNET networks or customers.
  • Intrusion Detection and Prevention
    • Intrusion sensor monitoring for all activity between MNET resources and the Internet.
    • Intrusion Prevention services also available for entities on MNIT Exec VRF.
  • NetFlow Monitoring
    • NetFlow monitoring and detection for all MNET networks.
  • Daily Security Brief
    • Provided every weekday to update State and local partners on current cyber threats detected within and throughout the MN Government cyber network.
    • Daily updates include attack indicators and malicious site/email information to allow partners to quickly identify and prevent potential threats within their environments.
  • Security Collaboration Group
    • Minnesota Information Security Council is open to state and local cybersecurity partners and meets bi-monthly with urgent updates on cyber issues shared by email.
  • Baseline Security Policies
    • State security policies shared and available for adoption by local agencies.
  • Web Content Filtering
  • Endpoint Protection/Endpoint Detection and Response

MNIT's environment overview:

Endpoint Detection and Response:

  • Tool: Endpoint detection and response (EDR) is a cybersecurity tool that uses behavioral analytics to automatically identify suspicious activity and provides real-time responses.

Process:

  • Reveal attackers.
  • Integrate with threat intelligence.
  • Isolate endpoints.
  • Record events and activities.
  • Provide real-time visibility into endpoints.
  • Speed up investigations.
  • Enable quick and decisive remediation.

Security Information and Event Management:

  • Tool: SIEM (Security Information and Event Management) is an on-premises solution that analyzes network activity and log events to provide visibility across a security environment. It offers security intelligence capabilities such as threat hunting, security content, and advanced threat detection.

Process:

  • Advanced threat detection
  • Threat hunting
  • Ransomware
  • Compliance
  • MN impact and utilization:
    • MNIT SOC processes up to 80 events per second and sends roughly 4 terabytes of data per day to the data lake.
    • MNIT SOC currently utilizes an on-premises SIEM solution.

Security Orchestration, Automation, and Response:

  • Tool: MNIT SOAR is a hybrid, cloud-based and on-premises security orchestration, automation, and response (SOAR) platform that helps manage security alerts and incidents. SOAR centralizes security operations activities, automates response processes, and standardizes notifications to help mitigate risk and speed up resolution.

Process:

  • SOAR manages and automates the response to security alerts and incidents identified by existing monitoring and detection systems. MNIT SOAR standardizes response and notification processes to mitigate risk, speed resolution, and streamline communications through a purpose-built SecOps management dashboard. A single interface enables the consolidation and visualization of threat intelligence and provides access to cases, reports, dashboards, and metrics for individuals and teams.
  • Automation.
  • Orchestration.
  • Collecting and centralizing relevant event data.
  • Presenting consolidated incident response context.
  • Initiating actions on third-party systems.
  • Case management.
  • Reporting and analytics.

Deliverables:

Phase 1 Assessment and Roadmap

Perform a comprehensive assessment of current SOC capabilities and gaps, and build future-state recommendations on the work already done by MNIT and SOC teams. The vendor should:

  • Build on MNIT's current state assessment of the SOC workforce, infrastructure, processes, and capabilities.
  • Analyze existing technologies, tools, and methodologies utilized within the SOC.
  • Identify gaps, weaknesses, and areas for improvement in the current SOC environment.
  • Provide a holistic assessment based on the current state work already done and provide future state recommendations.
  • Benchmark MNIT against other large organizations similar in size and capabilities.

Provide an assessment report/strategic plan to MNIT with an implementation roadmap that includes at a minimum:

  • Recommended data management technical architecture, platform and management tools including identification of existing assets for reuse, modification and/or new assets to be acquired.
  • Recommendations for new or updates to existing standards, processes, and governance frameworks for managing the data platform.
  • Recommendations for organizing the SOC's talent and skills to increase maturity and innovation, and to support broadening data analytics capabilities across the business.
  • Recommended migration plan for current data stores to be moved into a new data platform.
  • Risk Analysis and Mitigation Plan for the implementation of the recommended solution.
  • Opportunities to accelerate execution.
  • Critical technology investments required.
  • Critical success factors that balance speed of execution with a long-term approach to the architecture of the data platform and associated data.
  • Presentation of the roadmap to key stakeholders.

The implementation roadmap should be structured to allow for early and continual successes while maintaining movement toward a more robust analytics capability aligned with financial and resource availability.

Phase 2 Implementation and Transition (optional at State's discretion)

Technology evaluation and selection documentation, including vendor proposals and implementation plans:

  • Assist the State in evaluating modern cybersecurity technologies, including SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), XDR, threat intelligence platforms, and advanced analytics solutions.
  • Help ensure Generative AI is incorporated into the future tool stack to enhance automation and productivity.
  • Assist the State in selecting appropriate technologies based on organizational requirements, budget constraints, and scalability considerations.
  • Help ensure compatibility and integration capabilities with existing IT infrastructure and security tools.
  • Provide appropriate documentation.

Security Operations & Incident Response Process Improvement:

  • Help the State improve incident response processes, including triage, investigation, containment, and remediation.
  • Conduct tabletop exercises and simulations to test and refine incident response procedures.
  • Provide appropriate documentation.

Proactive Threat Management

  • Assist in integrating threat intelligence feeds into the SOC environment to provide real-time information on emerging threats and vulnerabilities.
  • Assist in automating the ingestion and analysis of threat intelligence to improve incident detection and response.

Security Automation

  • Implementing automation (AI) and orchestration capabilities to streamline repetitive tasks and response actions.
  • Developing playbooks.
  • Developing workflows for common security incidents to enable faster response times.
  • Finalizing/documenting the Incident Response Plan.

Vendor Qualifications

MNIT is seeking a vendor who has:

  • Extensive experience in providing independent assessments.
  • Proven history of creating roadmaps for complex organizations.
  • Extensive access to industry related research and ability to conduct independent research.
  • Demonstrated knowledge of and proven success in the security operations industry.