You are viewing a preview of this job. Log in or register to view more details about this job.

DNR IT Information and Data Security section is looking for a Security Analyst II for our Continuous Diagnostics and Mitigation (CDM) Program with a strong focus on
identifying cybersecurity vulnerabilities on an ongoing basis, supporting automated
assessment methods and monitoring of implemented security controls.
Responsibilities:
• Provide guidance and technical assistance to system administrators in securing the systems and networks under DNR IT areas of responsibility.
• Ensure and assess the entire DNR network is continually monitored for security vulnerabilities and compromises.
• Conduct security self-assessments (e.g., Penetration Testing) to evaluate the processes, procedures and tools used to review, assess, and test information systems controls and security across DNR managed systems.
• Report security status, vulnerabilities, and issues to management
• Work with the Department of Administration Division of Enterprise Technology pre- and post-implementation audits of new systems to ensure secure integration.
• Periodic review and analysis of system Integrity, data integrity and data flows
• Assurance of quality and consistency of all DNR information technology-related activities including standards, policies and procedures
• Audit access rights and ensure alignment to policies.

REQUIREMENTS: 
• Strong understanding of Modern Authentication, Authorization, and Accounting including Role-based and attribute-based access controls RBAC and ABAC. (5+ years)
• Strong understanding of Security information and event management (SIEM)methods and tools. (5+ years)
• Understand the purpose and structure of the National Vulnerability Database (NVD), Common Vulnerability Database (CVE), Common Weaknesses and Enumeration (CWE) and Common Attack Pattern Enumeration and Classification Database (CAPEC) (5+ years)
• Strong understanding of Directory Services including Active Directory
• Understanding of Identity access systems (IAM) and network access control (NAC)
• Basic understanding of Transact and ANSI Structure Query Language (SQL)
• Knowledge of NIST Risk Management (RMF) and Cyber security Framework (CSF)
• ZScaler Administration
• Incident Response Life Cycle
• Cyber Security Risk Management Principles

NICE TO HAVE SKILLS: 
• Tenable Administration
• MS Web Defender Administration
• Zimperium (Mobile Device) Administration
• PowerShell Scripting – (Intermediate)

Location: Madison, WI
*This is a hybrid position. Candidate MUST be a WI resident or willing to relocate to WI prior to starting the role at their own expense. DNR is currently 60% remote and 40% in the office.