INFORMATION TECHNOLOGY SECURITY ANALYST
State of Illinois
- Springfield, IL
- Permanent
- Full-time
Closing Date/Time: May 31st, 2024 11:59pm
Salary: $5,417.00 - $10,713.00 County: Sangamon
Number of Vacancies: 1The SBE is a non-code agencyAll applicants who want to be considered for this position MUST apply electronically through the website. State of Illinois employees should click the link near the top left to apply through the employee career portal.Applications submitted via email or any paper manner (mail, fax, hand delivery) will not be considered.Reporting StructureThe Information Technology Security Analyst reports directly to the Manager of Cyber Operations and Infrastructure. Supports the administration, implementation, review, and improvement of endpoint, network, hardware, application, and data security practices.Essential Function 11. Implements, supports, and monitors the agency’s information security services and applications, including email and web gateways, endpoint security, network firewalls, intrusion prevention systems, SIEM, data loss prevention, multi-factor authentication, CASB, EDR, threat intelligence resources, etc. Monitors system dashboards and logs for threat indicators. Analyzes data and performs necessary incident response procedures. Assists with the continuous improvement of SOAR capabilities. Conducts network, system, and application vulnerability assessments.Essential Function 22. Implements and documents compliance to NIST CSF and the Center for Internet Security (CIS) Controls frameworks. Analyzes agency threat landscape. Utilizes CIS benchmark configurations and work with agency stakeholders to help drive system and application hardening efforts. Evaluates agency processes and implements and/or makes recommendations to enhance security and reduce risk. Reviews and responds to information received concerning threat events from end users, federal, state, county and local agencies as well as external entities such as the Multi-State Information Sharing and Analysis Center (MS-ISAC), Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), trusted security vendors, law enforcement agencies, and public information sources.Essential Function 33. Consults with SBE staff on security issues. Provides a high level of customer service to agency staff, state, county, and local election officials. Ensures service desk queues and incidents are handled in an appropriate and timely manner. Service desk ticket resolutions are thoroughly documented and knowledge base articles are maintained.Essential Function 44. Develops, maintains, monitors and supports the agency's security awareness program including training modules, assessments, phishing and remedial training. Continuously reviews emerging information received from federal, state, county, local agencies, and trusted cybersecurity vendors to ensure awareness content aligns with agency needs.Essential Function 55. Continues education by attending training sessions, seminars, and conferences to increase familiarity with and maintain current knowledge of security products, vendors, techniques, and procedures. Research security enhancements and make recommendations to management. Participates in cybersecurity-focused organizations. Monitors on-line information security related websites, blogs, articles, reports as well as other security intelligence sources to keep up-to-date on the latest threats, IOCs and trends.Essential Function 66. Performs other duties as required or assigned which are reasonably within the scope of the duties enumerated above. Provides off-hours support as required.Minimum Qualifications 1Bachelor’s degree in a related field and a minimum of 2 years of professional experience in information technology security. A combination of education, certifications and experience may be substituted for degree.Minimum Qualifications 2Working knowledge of information security technologies, including: endpoint, network, email, web ,data loss prevention, encryption, SIEM, vulnerability and risk management, and multi-factor authentication.Minimum Qualifications 3Possesses the ability to write and communicate effectively with both technical and non-technical audiences.Preferred Qualifications 1Familiarity with government-approved cybersecurity frameworks is preferred.Preferred Qualifications 2The following certifications are highly desired:CISSP: Certified Information Systems Security ProfessionalSSCP: Systems Security Certified PractitionerCompTIA Security+CompTIA CySA+CEH: Certified Ethical HackerGSEC: SANS GIAC Security EssentialsThis position title is eligible for our hybrid telework arrangement (up to 2 remote days per week) and tuition reimbursement programs (100% of tuition costs covered). Upon accepting this position, you will be eligible to enroll into the State of Illinois Group Insurance Program, which includes various highly competitive and low cost coverage options for health, dental, vision, and life insurance. In addition this position offers a competitive time off package, including: 12 paid sick days per calendar year (accrual basis); a minimum of 10 paid vacation days per calendar year (accrual basis); 3 personal days per calendar year; and 12 paid state holidays per calendar year.The SBE welcomes all and promotes workplace diversity. It is our individual traits, character, and experiences that make each of us special and unique. It is only when we bring that individualism together and work as a diverse team that we thrive. There is no place for discrimination based on race, religion, culture, sexual identity or orientation, age, or disability at the State Board of Elections.