|Company||CDT | CA GOV Dept of Technology|
|Location||Rancho Cordova, CA USA / Remote 90% Telework|
|Preferred GIAC Certifications||GSEC, GCIH, GCIA, GPEN, GDAT, GCFA, GMON, GCTI|
|Contact Name||CalCareer Jobs|
Steps to get a State Job in California:
The State of California offers its employees generous benefits that include retirement and savings plans, health and dental insurance, and access to long-term disability and long-term care insurance. You will also earn vacation and sick leave.
Under the direction of the Security Monitoring and Intelligence (SMI) Information Technology Supervisor II (IT Sup II), the Information Technology Specialist I (IT Spec I) is a member of the Security Operations Center (SOC) working as a high-level technical security specialist. The IT Spec I will perform Tier 2/1 SOC duties as needed as part of the security detection, analysis, and response team to provide critical protection of California Department of Technology (CDT) and State Information Technology (IT) assets. The IT Spec I will participate in incident response activities as required as a member of the IT Security Incident Response Team.
In addition to evaluating each candidate's relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:
Experience in a Cybersecurity/Information Security role, including security vulnerability assessment, security event analysis, security incident response, security technology (firewall, antivirus, web security, data loss prevention) administration, security policy maintenance.
Related Bachelor’s degree in Science, Business, and/or Security.
GIAC or Security certification related to cyber defense, incident response, penetration testing, or security management.
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).
Knowledge of cyber threats and vulnerabilities.
Knowledge of incident response and handling methodologies. Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
Knowledge of penetration testing principles, tools, and techniques.
Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list).