Epicareer Might not Working Properly
Learn More

Security Analyst

Salary undisclosed

Apply on


Original
Simplified

Title: Security Analyst

Location: - Tallahassee, FL 32301 (Hybrid)

Hire Type: Contract

The selected applicant will be expected to perform some combination of the following tasks:

1. Develop and Manage Security Best Practices for: Establish and maintain security best practices aligned with objectives.

2. Assist with Development and Implementation of Security Policies and Procedures: Contribute to creating, deploying, and enforcing comprehensive security policies and procedures.

3. Prepare Security Documentation: Create and maintain detailed security documentation to ensure accuracy and compliance with industry standards.

4. Develop Risk Analysis and Security Reporting: Conduct risk assessments, develop mitigation strategies, and generate security reports to support informed decision-making.

5. Monitor and Remediate Software or Hardware Vulnerabilities: Identify, monitor, and address vulnerabilities in software and hardware to safeguard assets.

6. Evaluate Current and Future Security Tools and Systems: Assess existing and potential security tools and systems, providing recommendations for enhancements or new implementations.

7. Respond to Security Incidents: Act as a primary responder to security events, executing incident response protocols and ensuring timely resolution.

8. Conduct After-Action Reviews: Thoroughly review and analyze security incidents to identify root causes and lessons learned, producing after-action reports as needed.

9. Mitigate Identified Risks: Implement strategies to mitigate risks identified through assessments and incident analyses.

10. Educate IT and Program Areas About Security Policies: Train and inform IT teams and program areas on security policies to ensure widespread understanding and adherence.

11. Submit and Oversee Change Control Process: Manage the change control process, ensuring all modifications are documented and compliant with standards.

12. Document Hours Worked by Task(s): Accurately record hours spent on each task for accountability and project management purposes.

13. Follow IT Processes and Coordinate with Other IT Staff to Ensure Compliance with Standards: Adhere to IT protocols and collaborate with IT staff to maintain compliance with organizational standards.

14. Comply with and Enforce All Agency Policies, Procedures, and Security Policies: Adhere to and enforce all relevant agency and security policies and procedures.

15. Provide Technical Training (Knowledge Transfer) to Office of Information Technology Support Staff Related to IT Security: Deliver technical training and facilitate knowledge transfer to IT support staff focused on information security

16. Deliverables and Performance Standards: The Standards and Specifications table below defines the deliverables and performance standards associated with each task.

17. Confidentiality and Data Protection: The Contractor agrees to adhere to all confidentiality and data protection policies set forth. Any sensitive information accessed or handled during the engagement must be kept confidential and secure.

Qualification Requirements:

Four or more years of combined IT and security work experience with a broad range of exposure to systems Analysis.

Four or more years of experience with information technology security.

Four or more years of experience with Firewall policies, implementation, and best practices.

Two or more years of experience with cloud computing and cloud computing security.

Requires knowledge of security issues, techniques, and implications across all existing.

computer platforms.

Must have good understanding of NIST cybersecurity Framework.

Must have good understanding of NIST RMF.

Must have a good understanding of MITRE framework.

Must be CJIS certified or can become CJIS certified.

Education:

Bachelor's Degree in Computer Science, Information Systems, or other related field or equivalent work experience.

Cyber Security Certifications examples: CISSP, Security +, OSCP, CISA.