MARYLAND GENERAL ASSEMBLY DEPARTMENT OF LEGISLATIVE SERVICES RECRUITMENT NOTICE Position: Information Security Analyst, Regular Full-time
Information Technology Office (ITO)
Office of Operations and Support Services (OOSS)
Salary: $80,000 – 110,000 commensurate with experience and qualifications.
Application Deadline: November 15th, 2024
Telework Availability: Some work may be performed in a hybrid (in-person and remote) setting depending on Department needs.
Team Member Benefits: https://dls.maryland.gov/careers/employment-benefits
Position Summary: Reporting to the Information Security Officer, the Security Analyst is responsible for monitoring and preventing cybersecurity events.
This role involves conducting threat intelligence, engaging in hunting activities, proactively mitigating risks, and coordinating incident response for cyber incidents and forensic investigations.
Additionally, the Security Analyst will interact with vendors on open issues, follow up and liaise with other state IT offices regarding unresolved matters, and assist in conducting security audits.
Principal Duties: · Conduct regular security assessments and audits of information systems
· Monitor network traffic for suspicious activity and respond to potential threats
· Investigate and respond to security breaches and incidents
· Develop and implement incident response plans and protocols
· Assist in the development and enforcement of security policies and procedures
· Ensure compliance with industry standards and regulations related to information security
· Identify, assess, and prioritize security risks to the institution's information assets
· Collaborate with stakeholders to mitigate identified risks
· Foster a culture of security awareness across the institution
· Perform vulnerability assessments and penetration testing to identify weaknesses in systems
· Work with IT teams to remediate vulnerabilities and enhance security controls
· Maintain detailed documentation of security incidents, assessments, and responses
· Generate reports for management on the status of security initiatives and incidents
· Collaborate with IT and other departments to ensure secure system design and implementation
Qualifications: · Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field preferred.
· 3-4 years of experience working on Security related principal duties listed above.
· Current CISSP certification (or equivalent industry certification standard security certification) preferred.
Skills and Competencies: · Strong understanding of security frameworks, standards, and regulations (e.g., NIST, ISO 27001)
· Proficient in security tools and technologies (e.g., firewalls, intrusion detection/prevention systems, SIEM)
· Maintain situational awareness and keep current with cybersecurity news and threat actor Tactics, Techniques, and Procedures (TTPs)
· Excellent analytical and problem-solving skills
· Strong communication and interpersonal skills
To Apply: Email Resume and Cover Letter to ****** and include code 17-24.
The cover letter should state the reasons for interest in the position, any relevant experience, and availability to begin work.