Sundial Software Madison , WI 53701
Posted 1 week ago
The State of Wisconsin DNR is looking for one (1) Security Analyst II.
Top Required Skills & Years of Experience:
Strong understanding of Modern Authentication, Authorization, and Accounting including Role-based and attribute-based access controls RBAC and ABAC. (5+ years)
Strong understanding of Security information and event management (SIEM)methods and tools. (5+ years)
Understand the purpose and structure of the National Vulnerability Database (NVD), Common Vulnerability Database (CVE), Common Weaknesses and Enumeration (CWE) and Common Attack Pattern Enumeration and Classification Database (CAPEC) (5+ years)
Strong understanding of Directory Services including Active Directory.
Understanding of Identity access systems (IAM) and network access control (NAC).
Basic understanding of Transact and ANSI Structure Query Language (SQL)
Knowledge of NIST Risk Management (RMF) and Cyber security Framework (CSF)
Nice to Have Skills:
Tenable Administration
MS Web Defender Administration
Zimperium (Mobile Device) Administration
PowerShell Scripting – (Intermediate)
Required Knowledge:
ZScaler Administration
Incident Response Life Cycle
Cyber Security Risk Management Principles
Interview Process: Via Teams for out of state candidates and in-person for local candidates.
Onsite or Remote? This is a hybrid position. Candidate MUST be a WI resident or willing to relocate to WI prior to starting the role at their own expense. DNR is currently 60% remote and 40% in the office.
DNR IT Information and Data Security section is looking for a Security Analyst II for our
Continuous Diagnostics and Mitigation (CDM) Program with a strong focus on
identifying cybersecurity vulnerabilities on an ongoing basis, supporting automated
assessment methods and monitoring of implemented security controls.
Responsibilities:
? Provide guidance and technical assistance to system administrators in securing
the systems and networks under DNR IT areas of responsibility.
? Ensure and assess the entire DNR network is continually monitored for security
vulnerabilities and compromises.
? Conduct security self-assessments (e.g., Penetration Testing) to evaluate the
processes, procedures and tools used to review, assess, and test information
systems controls and security across DNR managed systems.
? Report security status, vulnerabilities, and issues to management
? Work with the Department of Administration Division of Enterprise Technology
pre- and post-implementation audits of new systems to ensure secure
integration.
? Periodic review and analysis of system Integrity, data integrity and data flows
? Assurance of quality and consistency of all DNR information technology-related
activities including standards, policies and procedures
? Audit access rights and ensure alignment to policies.
Skills needed:
? Strong understanding of Directory Services including Active Directory.
? Strong understanding of Modern Authentication, Authorization, and Accounting
including Role-based and attribute-based access controls RBAC and ABAC.
? Strong understanding of Security information and event management
(SIEM)methods and tools.
? Understanding of Identity access systems (IAM) and network access control
(NAC).
? Understand the purpose and structure of the National Vulnerability Database
(NVD), Common Vulnerability Database (CVE), Common Weaknesses and
Enumeration (CWE) and Common Attack Pattern Enumeration and Classification
Database (CAPEC)
? Basic understanding of Transact and ANSI Structure Query Language (SQL)
? Knowledge of NIST Risk Management (RMF) and Cyber security Framework
(CSF)
Nice to have skills:
? Tenable Administration
? MS Web Defender Administration
? Zimperium (Mobile Device) Administration
? PowerShell Scripting – (Intermediate)
Required Knowledge:
? ZScaler Administration
? Incident Response Life Cycle
? Cyber Security Risk Management Principles
Sundial Software