Security Technical Analyst (# 7197)

TITLE: / Security Technical Analyst

DURATION: 12+ Months with the High Possibility of Extension or conversation into FTE.

Location: Remote with in the California only.

DELIVERABLES OR TASKS
The tasks for the Security Analyst include, but are not limited to, the following:

1. Proactively identify and assess threats to State Funds users, network and data
2. Monitor and respond to reports of malicious activity
3. Respond and investigate intrusions and security events
4. Demonstrate an understanding of State Funds threat landscape
5. Perform thorough analysis of attacks and anomalous network behavior
6. Provide summarized and detailed analysis and documentation in support of ESEC
7. Perform proficient forensic analysis using security tools and processes
8. Identify Actionable Intelligence by processing Threat Intelligence (TI)
9. Demonstrate ability to identify, contain, eradicate and recover from security incidents
10. Collaborate with State Fund business units, partners and individuals to mitigate security threats
11. Advise the CISO and ESEC Team on matters involving organizational, strategic, tactical, and security best practices related to forensics and security incidents management
12. Attend meetings/Represent ESEC as a Senior Lead for all security matters
13. Act as Lead/Co-Lead/Backup on assigned ESEC projects
14. Mentor junior staff colleagues
15. Create Standard Operating Procedures and training documents
16. Other duties, to be assigned as needed

 MENTORING & SKILL ENHANCEMENT:

Mentoring and Skills Enhancement of State Fund employees by Supplier Personnel are considered an integral part of this engagement. Supplier Personnel will work in a collaborative fashion with State Fund Contract Executive to create and provide a specific training to designated State Fund employees in those areas of State Fund’s systems in which the Supplier Personnel has knowledge and expertise.

• Supplier Personnel will make every effort to provide skills enhancement at a satisfactory rate and report any issues that may impede the progress of training and mentoring.
• Supplier Personnel resources shall provide input to Contract Executive to develop training and mentoring plan to include specific skill sets, tasks, and training methodologies.
• Supplier Personnel will be responsible to execute the training and mentoring plan(s) with designated State Fund employees and shall provide input to refine and further develop training and mentoring plans as training progresses.
• Supplier Personnel shall meet and discuss progress of training to State Fund on a monthly basis.
• State Fund Contract Executive will be responsible to document a training plan on the “Mentoring & Skill Enhancement Planner” and to monitor progress of training and mentoring with the State Fund employee(s). The Mentoring & Skill Enhancement Tracker and Planner are provided as Attachment C to this SOW.

RESOURCE REQUIREMENTS, SKILLS, KNOWLEDGE AND ABILITIES:

Supplier shall ensure that all resources assigned to the project have the minimum skills requirement to render the services in a competent and efficient manner.

TECHNICAL KNOWLEDGE AND SKILLS:

• Minimum of 5+ years of technical experience conducting security incident response and forensic analysis.
• Working experience of obtaining Cyber Threat Intelligence and making the information usable through the security incident process.
• Working experience of applying IOCs to identify threats in current environment and apply information to prevent future vulnerabilities in infrastructure.
• Technical security project management skills.
• Working experience using best practices standards and frameworks: ISO 27001/27002; PCI DSS v4, GLBA; HIPPA/HITECH; NIST 800-53; CIS CONTROLS, NIST CSF; CIS RAM.

Working Experience, at a minimum:

• Hardware: Network Switches, Routers, Load Balancers, Servers, Storage Systems, End-User Systems, Mobile Devices, or other devices that enable the organization to complete its mission.
• Operating Systems: UNIX, LINUX, WINDOWS.
• Network: LAN WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
• Network Protocols: TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, etc.
• Databases: Oracle, SQL, MYSQL.
• Cloud Platforms: IAAS, PAAS, SAAS.
• Security Concepts: Encryption, Hardening, etc.
• Security GRC.
• Forensic Analysis Tools.
• Active Directory.
• Programming Languages are a plus.
• Computer Forensic experience a plus.
• Prior SIEM experience a plus.
• Malware analysis skills a plus.

PROFESSIONAL SKILLS:

The Consultant resource(s) shall possess most of the following skills:

• Strong Analytical and Critical Thinking Skills.
• Ability to analyze information and formulate solutions to problems.
• Provide more in-depth analysis with a high-level view of goals and end deliverables.
• Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
• Plan and manage all aspects of the support function.
• Extensive knowledge of and proven experience with information technology systems and methods of developing, testing and moving solutions to implementation.
• Expert knowledge in project management practices and ability to document process and procedures as needed.
• Self-motivated self-starters/proactive, working closely and actively communicating with team members to accomplish time critical tasks and deliverables.
• Ask questions and share information gained with other support team members, recording, and documenting this knowledge.
• Elicit and gather user requirements and/or problem description information and record this information accurately.
• Listen carefully and act upon user requirements or requests.
• Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons.
• Follow the lead of others on assigned projects as well as take the lead when deemed appropriate.
• Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources.
• Take responsibility for the integrity of the solution.
• Present solutions (technical and non-technical) to management and decision makers.
• Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision.
• Experience in managing multiple projects.
• 5+ Years’ experience in information security and forensics and/or security incident response.
• CISSP and CCFP or equivalent certification desired (e.g., CCE, CHFI). Other highly desirable security certifications may be substituted for CISSP (e.g., CISA, CISM, etc.)

CORE COMPETENCIES:

• Act with integrity
• Use sound judgement
• Commitment to quality
• Demonstrate adaptability
• Innovate
• Think strategically
• Communicate effectively and influence others
• Work well both independently and as part of a team.
• Let me know if you would be interested in this position. If yes, please respond with your resume in Microsoft word version (.docx).

A reasonable, good faith estimate of the minimum and maximum hourly wage for this position is $65/hr to $70/hr on W2

 Benefits will be available, and details are available at the following link: https://rb.gy/foel75.