Information Security Analyst

Qualifications:

? Hands on working experience with at least two or more of these security technologies (e.g.,

Vulnerability Management, Penetration Testing, Email Security, EDR, MFA, SIEM, IPS, Firewalls)

? Possess one or more current industry certifications relevant to the job e.g., Security , CISSP,

CISM, C-RISC, CISA, SANS certifications, or equivalent experience

? Experience with security tools and technology such as, i.e., FireEye (Trellix), Tenable.io,

Nessus, Splunk, SolarWinds, Varonis, GRC tools, CrowdStrike Falcon, and LogRhythm

? Knowledge & experience with cloud technologies: Amazon Web Services (AWS), to include WatchGuard, Guard Duty, Identity & Access Management (IAM), Microsoft Azure

? Technical knowledge in endpoint security, VPN, Firewall, network monitoring, intrusion

detection, web server security, and wireless security

? Practical experience in systems administration, vulnerability management, endpoint

management, and email security operations and management

? Excellent analytical and critical thinking skills to identify possible threats.

Preferred Qualifications:

? Familiarity with IRS Publication 1075, NIST SP 800-53 Privacy Controls, NIST SP 800-63 Digital

Identity Guidelines, NIST SP 800-88 Guidelines for Media Sanitization, NIST SP 800-18 System

Security Plans (SSP), NIST SP 800-52, FIPS-140, NIST SP 800-61, NIST SP 800-83, other NIST SP

Guidelines, etc., knowledge of NIST Frameworks, FISMA, CIS Controls, and the Criminal Justice

Information Services Policy

? Progressive experience in information technology, incident response & incident reporting,

technical support, cybersecurity, cryptography, and knowledge of data encryption

techniques

? Ability to work independently and prioritize multiple projects in a highly dynamic environment.

? Excellent communication and teamwork skills and demonstrated across broad group of

technical and non-technical stakeholders

? Assist with Office of Information Security Risk Assessments, System Security Plans, and other reports required by the IRS Office of Safeguards, state audits, and other third-party assessors.

? Knowledge and experience in Policies and procedures development, revision and

management would be a plus.