Job Classification: ITSS1
Role It Security Specialist 1
Interview Process Interview must be onsite and in person
MBE/Open Market MBE
Will Close to Submissions on 11/27 at 10:00 am
Requirement Description:
This position will function as a hands-on, highly-skilled, IT Security Analyst, with specific responsibilities that include:
1. Monitor network and information system activity. Perform event correlation, analysis of malicious activity indicators, based on review and access to multiple security tools and services.
2. Respond to alerts (analyze, interpret, investigate, resolve) based on monitoring activity, for security (malware, malicious actor), and other purposes (malicious activity, misuse, etc.).
3. Manage, update, modify alerts, adjust/fine tune event correlation rules, etc. (e.g. filter false positives, increase accuracy/relevance/effectiveness), create new rules based on threat changes/evolving risk, etc.
4. Understands principles such as SANS/CIS Top 20 Critical Security Controls, and OWASP Top 10 Critical Web Application Security Risks, and applies them using security tools.
5. Understands customer support and provides routine security and general support (tickets, ad-hoc requests, etc.) to all DPS departments/users, IT groups/resources, external (other state agencies, public), etc.
6. Uses creativity and innovation to improve security processes and procedures.
7. Perform specialized security functions (e.g. forensics for incident response).
8. SPECIAL NOTE: We are running a 24/7 operation. Consultant may need to come in during incident or emergency situations.
Additional Details: Resource must clearly demonstrate competence/experience in the specific areas of project assignment.
The resource's hands-on experience must also be clearly documented for review and verification.
Offered resources not possessing the required technical or functional competence/experience will be sufficient reason to reject the Offeror’s proposal. It is the responsibility of the Offeror to pre-screen candidates to ensure compliance.
1. Strong communication, proven collaboration and teamwork skills.
2. Ability to work independently and as part of a team, ability to manage time and resources to meet assigned deadlines.
3. Strong understanding of prioritization stemming from the elicitation of system and/or user requirements.
4. Excellent organizational skills, proven analytical, planning, problem solving, and decision-making skills.
5. Knowledgeable in the English language/speak clearly and understandably using the English language. Excellent oral and written skills.
Resource will have a background check conducted by ODPS.
Mandatory Requirements:
1. 10 Total years IT experience.
2. 3 Years IT security experience.
3. 2 Years hands-on experience with Web and Email Filtering and Security (IronPort preferred).
4. 3 Years hands-on endpoint protection experience (McAfee preferred).
5. 1 year of hands-on vulnerability scanning experience (Qualys preferred).
6. 1 year of hands-on application security scanning experience (AppScan preferred).
7. Proven contribution to continuous process improvements to increase the efficiency of section.
8. Excellent communication skills both written and oral.
Desired Skills:
• IronPort Web/Email Security
• Qualys
• McAfee Enterprise solutions
• Splunk
• Penetration testing
• PowerShell 3.0 scripting background
