SANS ISC: InfoSec Jobs

ITSI - SOC Cyber Security Analyst
Company CDT | CA GOV Dept of Technology
Location Rancho Cordova, CA USA / Remote 90% Telework
Preferred GIAC Certifications GSEC, GCIH, GCIA, GPEN, GDAT, GCFA, GMON, GCTI
Travel 0%
Salary Not provided
URL https://jobs.ca.gov/CalHrPublic/Jobs/JobPosting.aspx?JobControlId=229869
Contact Name CalCareer Jobs
Contact Email CalCareer/at/calhr.ca.gov
Expires 2021-06-11

Job Description

There are two ITS I - Cyber Security Analyst SOC positions available (different work weeks).
It is recommended to apply to both positions (i.e., submit the same complete application to both postings):

Work Week Position 1:
Wednesday-Saturday (4/10)(3 days off)
https://calcareers.ca.gov/CalHrPublic/Jobs/JobPosting.aspx?JobControlId=229869

Work Week Position 2:
Sunday-Wednesday(4/10)(3 days off)
https://www.calcareers.ca.gov/CalHrPublic/Jobs/JobPosting.aspx?JobControlId=243668

Work Shift:
1:00pm-11:30pm (Swing)


Steps to get a State Job in California:
https://www.calcareers.ca.gov/CalHRPublic/Landing/Jobs/Steps.aspx

Generous Benefits
The State of California offers its employees generous benefits that include retirement and savings plans, health and dental insurance, and access to long-term disability and long-term care insurance. You will also earn vacation and sick leave.

Under the direction of the Security Monitoring and Intelligence (SMI) Information Technology Supervisor II (IT Sup II), the Information Technology Specialist I (IT Spec I) is a member of the Security Operations Center (SOC) working as a high-level technical security specialist. The IT Spec I will perform Tier 2 SOC duties, and Tier 1 duties as needed, as part of the security detection, analysis, and response team to provide critical protection of California Department of Technology (CDT) and State Information Technology (IT) assets. The IT Spec I will also participate in incident response activities as required as a member of the IT Security Incident Response Team.


Desirable Qualifications
In addition to evaluating each candidate's relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:

Experience in a Cybersecurity/Information Security role, including security vulnerability assessment, security event analysis, security incident response, administration of security technology (firewall, antivirus, web security, data loss prevention), and security policy maintenance.

Related Bachelor’s degree in Science, Business, and/or Security.

GIAC or Security certification related to cyber defense, incident response, penetration testing, or security management.

Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).

Knowledge of cyber threats and vulnerabilities.

Knowledge of incident response and handling methodologies.

Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).

Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, SQL injection including Procedural Language/Structured Query Language [PL/SQL], race conditions, covert channels, replay, return-oriented attacks, malicious code).

Knowledge of cyber attackers (e.g., script kiddies, insider threats, non-nation-state sponsored, and nation-state sponsored).

Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).

Knowledge of penetration testing principles, tools, and techniques.

Knowledge of application security risks (e.g., the Open Web Application Security Project [OWASP] Top 10 list).