Security Analyst - IT Division - 22899

The Security Analyst provides technical and analytical support for the Board's computer security systems. Develops new security measures as needed.

REQUIRED SKILLS:
Requires good analytical ability and oral and written communication skills typically acquired by completion of a Bachelor’s Degree in computer science or related discipline. Requires one year of experience working with computer security systems. Possesses a basic knowledge of the internal architecture of the Board's centralized and distributed computer resources. Begins to demonstrate a working knowledge of the software techniques needed to support centralized and decentralized security safeguards. Becomes familiar with the information security standards documents used at the Board.

The Security Analyst participates, collaborates, and contributes towards the planning, architectural design, policies, principles for network, apps/workload, device/endpoint, data, and operations of Identity, Credential and Access Management (ICAM) solutions. Work assignments may involve enhancing various forms of Enterprise-level Identity Systems, directories, and databases. The candidate may assist on security frameworks used for multifactor authentication, single sign-on, and the overall ICAM solutions while working with many other IT teams. Work closely with security assessment teams to ensure compliance with ICAM security standards. May work on projects related to zero trust, identity, authentication, and access management in a hybrid cloud environment. The analyst works under close technical supervision on tasks which are limited in scope. The incumbent displays interest in information / cyber security at detailed levels and has demonstrated mastery of basic
skills and foundational information security knowledge. The incumbent has the ability to assimilate diverse technical material and quickly learn new concepts and policies, and apply them to dynamic assignments. Job involves independent research, implementations, and daily operational assignments. Strong communication (written and verbal) and interpersonal skills are essential.

Highly Desirable:
Understanding of credentials, authentication and authorization principles and design alternatives. Diverse technical experience with Active Directory, LDAP, NTLM, Kerberos, federation assurance, Azure Active Directory, identity management, privileged accounts, application development methods, cloud security, O365, and security operations. Knowledge of Domains, Forests, and OUs along with secure object store, users, computers, and groups in a hybrid cloud environment. Basic knowledge of remote access and mobile technologies.

Experience working with Azure AD, SAML, OpenID Connect, Login.gov, MFA, Powershell scripting, and OAuth. Wide breadth of technical knowledge including, but not limited to, Windows, Active Directory, Linux, cloud, network protocols, firewalls, intrusion prevention systems, log management, network behavior analysis, vulnerability scanning tools and processes.

Full vaccination is required as a condition of employment, unless a legally required exception applies.