Position Description:
This position plays an essential role in protecting the confidentiality, integrity and availability of State of Arizona information and systems. This position ensures that the appropriate security monitoring and analysis controls, standards and procedures are properly configured and utilized to protect confidential information used by the State from known and unknown internal or external threats. These threats include but are not limited to identity theft, data loss, data damage, unauthorized access and cyberattacks. This position defends the State against attacks which disrupt, destroy or threaten the delivery of essential services for the State.
KNOWLEDGE
General working knowledge of information security technologies and best practices in the areas of risk assessment, compliance and vulnerability management
K0001: Knowledge of computer networking concepts and protocols and network security methodologies.
K0002: Knowledge of risk management processes
K0003: Knowledge of laws, regulations, policies and ethics as they relate to cybersecurity and privacy.
K0005: Knowledge of cyber threats and vulnerabilities.
K0006: Knowledge of specific operational impacts of cybersecurity lapses.
K0013: Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
K0019: Knowledge of cryptography and cryptographic key management concepts
K0042: Knowledge of incident response and handling methodologies.
K0046: Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
K0049: Knowledge of information technology (IT) security principles and methods
K0058: Knowledge of network traffic analysis methods.
K0059: Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
K0070: Knowledge of system and application security threats and vulnerabilities
K0106: Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
K0107: Knowledge of Insider Threat investigations, reporting, investigative tools and laws/regulations.
K0110: Knowledge of adversarial tactics, techniques and procedures.
K0111: Knowledge of network tools
K0112: Knowledge of defense-in-depth principles and network security architecture.
K0161: Knowledge of different classes of attacks
K0162: Knowledge of cyber attackers
K0301: Knowledge of packet-level analysis using appropriate tools
K0324: Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
K0342: Knowledge of penetration testing principles, tools and techniques.
K0177: Knowledge of cyber attack stages
SKILLS
Troubleshooting and investigation skills
Strong customer service skills
Excellent interpersonal, written and oral communication skills
Work balance, prioritizing and multiple tasking skills
Collaboratively in teams and across organizations skills
Perform general security/audit functions skills
Develop and write technical documentation skills
ABILITIES
Responds promptly to customer needs; takes a customer-centric approach to problem solving; solicits customer feedback to improve service; responds to requests for service and assistance; meets commitments
Prioritizes and plans work activities; sets goals and objectives; uses time efficiently; communicates activities and results as appropriate
Focuses on solving conflict; maintains confidentiality; listens to others without interrupting; keeps emotions under control; remains open to others' ideas and tries new things
A0010: Ability to analyze malware.
A0015: Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
A0066: Ability to accurately and completely source all data used in intelligence assessment and/or planning products.
A0123: Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
A0128: Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
A0159: Ability to interpret the information collected by network tools
Experience Required:
Experience working on a cybersecurity team.
Experience Preferred:
Experience working within an Information Security Operations Center
Education Required:
Bachelor's degree plus 3 or more years of experience in Information Security Analysis (or equivalent experience)
Education Preferred:
Security Certification