IT Security Specialist

Description of Work
Salary Grade Equivalent: 77 Recruitment Range: $65,143.00 – $90,800.00

The Lead Cyber Security Analyst will help plan actions and lead Security Analysts in the analyzation and determination of the scope of threats to the enterprise, vulnerabilities in software, and how The North Carolina Department of Revenue will best defend itself against these threats. This position will require initiative to identify security needs and be expected to put together projects and teams to remediate identified security threats, issues and audit identified items. In addition, the position will oversee and enhance the process around monitoring third-party security-related feeds, websites, forums, and mailing lists for information regarding cyber threats, vulnerabilities and exploits. The Lead Analyst will be heavily involved in the documenting, delivery, and testing of regulatory compliance to all required security regulation as well as the reporting of high level details and metrics to management. This position will also oversee and enhance the threat hunting program.

Intelligence Analysis and Threat Hunting

Perform duties across several Cyber disciplines, activities may include:

Lead the development and enhance current threat and situational intelligence sources leveraging proprietary enterprise data, as well as a variety of external sources and open source data.
Establish, mature and maintain a threat hunting program.
Actively monitor and research cyber threats with a direct or indirect impact to the agency, business operations, or technology infrastructure.
Develop and support briefings to Security management as a cyber intelligence subject matter expert.
Create and conduct presentations on current threats and related IT Security topics.
Oversee process of monthly reporting to Security management on Threat, Vulnerability, and Incident management metrics.
Network Security Operations Analysis
Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives.
Put together tasks forces to operationalize remediation efforts.
Incident Management and Forensic Analysis.
Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
Ensure and directly oversee the collection and preservation of evidence associated with cyber security incident response activities following industry best practices and established procedures.
Develop and support briefings to Security management as a cyber-forensic subject matter expert. Vulnerability Management, Lifecycle and Remediation.
Work with Cyber Analysts to assist in the remediation of identified vulnerabilities for all IT organizations.
Report on and enhance current metrics surrounding vulnerability management.
Take a lead role in the vulnerability management lifecycle.
Knowledge, Skills and Abilities / Competencies
Proven team player, will be working individually and with other staff members, on both long-term projects and rapid response under tight deadlines.
Team Leadership and management experience, taking initiative; providing and following through on solutions.
Proficient with Security related service and process assessments and evaluations based on NIST and ITIL standards.
Knowledge and experience implementing controls based on security regulation. E.g. NIST 800-53, IRS 1075
Effective and excellent oral and written communication, analytical, judgment and consultation skills.
Ability to effectively communicate in both formal and informal review settings with all levels of management.
Proven experience in developing and providing threat and situational intelligence from a variety of internal and external sources.
Ability to work independently and possess strong project management skills.
Minimum Education and Experience Requirements
Minimum requirements include a Bachelor’s degree in Computer Science, Computer Engineering or an Information Security degree or closely related field from an appropriately accredited institution; or Bachelor s degree from an appropriately accredited institution and one year of experience in IT Security or closely related area; or an Associate s degree in Information Systems Security from an appropriately accredited institution and two years of experience in IT Security or closely related area; or an equivalent combination of education and experience.

Candidates who have experience with:

Implementation and maintenance of SIEM (Splunk, ArcSight, IBM Qradar, etc.)
Forensic analysis tools (MIR, EnCase, FTK)
Malware analysis tools (dynamic and static)
Vulnerability assessment tools (Nessus, nmap, etc.)
Secure Web Gateway (BlueCoat, Websense)
Network sniffers and packet tracing tools (SnifferPro, Ethereal and tcpdump)

Recruitment for this position will target the Journey level of the IT Security Specialist band. The hiring range for this position is $65,143.00 – $90,800.00 and the salary will be commensurate with the applicant’s competencies as well as the budget, equity, and market considerations. For promotional and reemployment priority purposes, this position is considered to be equivalent to salary grade 77.

Supplemental and Contact Information
The Department of Revenue seeks to fill positions with the most qualified individuals in its effort to provide taxpayers with the most efficient and effective services possible.

This position is subject to federal and state criminal background checks and verification of tax compliance. “Tax compliance” is defined as having filed and paid all North Carolina state taxes owed each year leading up to the current calendar year or currently in a non-delinquent payment status with the State of North Carolina on taxes that are currently owed to the State.

All work experience must be included in the work history section of the application. Applicants are required to document the duties and responsibilities of any past employment including the knowledge, skills and abilities attained from that employment or supplemental training. Resumes are not accepted in lieu of the online state application and information included only on a resume will not be considered in determining qualifications.

Applicants eligible for veteran’s preference must attach a copy of form DD-214.

If you are having technical issues logging into your account or applying for a position please review the Get Help/FAQ’s information on the website. If you are still experiencing technical issues with your application, please call the NeoGov Help Line at 855-524-5627.

If you have any questions regarding this vacancy announcement, please contact:

NC Department of Revenue
Human Resources Division