Cybersecurity Analyst (Remote role)

Cybersecurity Analyst (Remote Role)

Client Location : Augusta-Maine

Job Description

PROPOSED JOB TITLE : Security Operation Center Analyst III

As a Cybersecurity Analyst III, the candidate will be responsible for vulnerability

management, cyber threat identification, evaluation, prioritization, and remediation

activities under the direction of the Cyber Security Manager. The candidate will

continuously review existing and proposed protections to State of Maine systems, networks,

and software designs, and is responsible for analyzing, logging alerting data, identifying,

and escalating potential security events. The Cyber Security Analyst will partner with

business users to support the integration of cybersecurity protections into business

operations and will act as a key member of the Vulnerability Management team.

PRIMARY RESPONSIBILITIES :

• Deploy, manage, and maintain enterprise Cybersecurity toolsets
• Review new systems such as networks and software designs for security risks,

recommending mitigations or countermeasures, and resolving integration issues.

Have current and complete knowledge on the Vulnerability Management program to

include having Application Scanning experience and an understanding of

environmental best practices.

Be emersed in industry best practices and standards such as : Vulnerability Life

Cycle, OWASP Top 10, NIST, CISA, SANS, CVSS Scoring.

Develop, manage, and measure metrics to understand the trends, quality, and

insights from the vulnerability results to facilitate business decisions, automation

development, and update of executive dashboards, reports, and templates.

Assist team members with ticket queue management by taking responsibility for and

delegating tickets to the team.

Provide a cybersecurity partnership with the business to ensure proper

implementation of protections toward current and future projects.

Under direction and per procedures, perform required tasks and coordinate with IT

and Vulnerability Management team and SOC team members.

Coordinate architecture and engineering activities with other IT teams as well as

internal organizations in an efficient and professional manner. Lead vulnerability

management efforts in the detection, triage, tooling expansion, data aggregation and

reporting processes, tooling, and automation.

Develop cross-functional team relationships to become trusted point of contact and

liaison for inquiries, subject matter expert coordinating all issues, capability gaps,

and enhancement requests in the product.

In this role, this position will assist the Security Operations Center in maturing and

developing a vulnerability program.

This individual will work with key stakeholders to establish vulnerability and patch

management practices to ensure the execution of these functions tighten the security

posture within the State of Maine.

Fill in other security functions as directed by the Security Operations Center

Manager.

Uses a reactive approach to security that focuses on prevention, detection remediations of vulnerabilities.

MINMUM QUALIFICATIONS :

Years of Relevant Experience : 10 years of information security experience, with a focus on

risk analysis, vulnerability assessment, and security testing within an enterprise

environment. The ideal candidate will have knowledge of Windows or Linux systems and

their associated scripting (PowerShell, python, bash) languages, experience with AWS or

Azure cloud environments, and will have worked with vulnerability and manual testing

following OWASP Top 10 products such as Tenable Nessus, Rapid 7 InsightVM, HCL App

Scan, MDVM, Qualys, Burp Suite, ZAP or similar. The ideal candidate will have experience in

both application scanning and device vulnerability management procedures.

Preferred Education : 4-year college degree in computer science or a related field with

advanced study preferred; One or more relevant technical security certifications are a

plus (GIAC, ISC2, CompTIA, EC Counsil, etc.)