State of Georgia · 4 days ago
Information Security Analyst 2
Wonder how qualified you are to the job?
Government Administration
Insider Connection @State of Georgia
Responsibilities
Perform regular security assessments and audits to identify vulnerabilities and assess compliance with security policies, standards, and regulations.
Monitor and analyze security events and incidents to detect and respond to potential threats and breaches.
Conduct risk assessments to identify and prioritize security risks and develop mitigation strategies.
Implement and maintain security controls, technologies, and solutions to protect information assets.
Collaborate with IT teams to ensure the secure configuration and management of systems, networks, and applications.
Prepare and review documentation including Systems Security Plans (SSPs) and Risk Assessment Reports.
Participate in information security audits, respond to incidents, and assist with investigations.
Assist with ongoing information security awareness and training programs.
Research, recommend, and implement changes to enhance information systems security.
Work with AWS Security technologies and perform tasks using security stacks such as IAM, Okta OIDC, Auth0, Secrets Manager, etc.
Think in terms of architecture and code, develop and evaluate solutions for strengths and weaknesses.
Perform other duties as assigned.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Bachelor's degree in information technology, computer science, information assurance, or a related field from an accredited college or university
Five years of information technology experience, One year of which in information security or information assurance
Preferred
Strong knowledge of information security principles, concepts, and best practices. (Certifications: relevant analyst-level certifications such as CompTIA Security+, SSCP (Systems Security Certified Practitioner), or GIAC Security Essentials (GSEC)
Familiarity with or knowledge of enterprise and cloud computing concepts. (Certifications and Training: candidates with certifications such as AWS Certified Solutions Architect, Google Cloud Professional, or Microsoft Azure certifications)
Advanced to expert knowledge in the use of Excel
Advanced knowledge of defined security standards and frameworks. (Certifications: Candidates with certifications related to specific standards and frameworks (ISO 27001 Lead Implementer, NIST Cybersecurity Framework)
Experience in or knowledge of applicable compliance regulations and standards (NIST, PCI DSS, TSSR, ISO 27001)