This position plays an essential role in protecting the confidentiality, integrity and availability of State of Arizona information and systems. This position ensures that the appropriate security monitoring and analysis controls, standards and procedures are properly configured and utilized, to protect confidential information used by the State from known and unknown internal or external threats. These threats include, but are not limited to, identity theft, data loss, data damage, unauthorized access and cyber-attacks. This position defends the State against attacks which disrupt, destroy, or threaten the delivery of essential services for the State.
KNOWLEDGE
General working knowledge of information security technologies and best practices in the areas of risk assessment, compliance and vulnerability management
K0001: Knowledge of computer networking concepts and protocols, and network security methodologies.
K0002: Knowledge of risk management processes
K0003: Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
K0005: Knowledge of cyber threats and vulnerabilities.
K0006: Knowledge of specific operational impacts of cybersecurity lapses.
K0013: Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
K0019: Knowledge of cryptography and cryptographic key management concepts
K0042: Knowledge of incident response and handling methodologies.
K0046: Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
K0049: Knowledge of information technology (IT) security principles and methods
K0058: Knowledge of network traffic analysis methods.
K0059: Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
K0070: Knowledge of system and application security threats and vulnerabilities
K0106: Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
K0107: Knowledge of Insider Threat investigations, reporting, investigative tools and laws/regulations.
K0110: Knowledge of adversarial tactics, techniques, and procedures.
K0111: Knowledge of network tools
K0112: Knowledge of defense-in-depth principles and network security architecture.
K0161: Knowledge of different classes of attacks
K0162: Knowledge of cyber attackers
K0301: Knowledge of packet-level analysis using appropriate tools
K0324: Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
K0342: Knowledge of penetration testing principles, tools, and techniques.
K0177: Knowledge of cyber attack stages
SKILLS
Troubleshooting and investigation skills
Strong customer service skills
Excellent interpersonal, written and oral communication skills
Work balancing, prioritization and multitasking skills
Skills in working collaboratively in teams and across organizations
Skills in performing general security/audit functions
Skills in developing and writing technical documentation
ABILITIES
Responds promptly to customer needs; takes a customer-centric approach to problem solving; solicits customer feedback to improve service; responds to requests for service and assistance; meets commitments
Prioritizes and plans work activities; sets goals and objectives; uses time efficiently; communicates activities and results as appropriate
Focuses on solving conflict; maintains confidentiality; listens to others without interrupting; keeps emotions under control; remains open to others' ideas and tries new things
A0010: Ability to analyze malware.
A0015: Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
A0066: Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
A0123: Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
A0128: Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
A0159: Ability to interpret the information collected by network tools
Experience Required:
Experience working on a cybersecurity team.
Experience Preferred:
Experience working within an Information Security Operations Center
Education Required:
Bachelor’s degree plus 3 or more years of experience in Information Security Analysis (or equivalent experience)