Job Title: Information Security Analyst
Location: Atlanta, GA
Contract
Tax clearance letter must
Job Summary:
We are looking for a skilled cybersecurity professional with relevant technical experience. As the Information Security Analyst 3, reporting to the CISO, the selected candidate will perform technically and lead the hands-on technical team in administering IT security tools, automation, and compliance standards. Security based planning, implementation, and monitoring security measures duties included. Help the security team coordinate Information Technology activities in the information and cybersecurity. Assist with security policy and procedures development and policy enforcement. Ensure the security awareness and training programs are functioning as designed. Work with the security team and other stakeholders with building and maintaining the business continuity, disaster recovery, and incident response plans. Analytical duties include an additional focus on protecting Agency data by performing threat and incident detection, incident handling, and incident response. Ability to work under minimal supervision and the selected candidate may supervise the work of others.
You will have the opportunity to learn and grow; both personally and professionally through our training and development programs. While your path in the Office of Information Security will be unique in protecting the Agency’s assets, your journey will help the Department achieve our goal of becoming the most efficient and accessible tax administrator in the country.
Qualifications:
- Hands on working experience with at least two or more of these security technologies (e.g., Vulnerability Management, Penetration Testing, Email Security, EDR, MFA, SIEM, IPS, Firewalls)
- Possess one or more current industry certifications relevant to the job e.g., Security+, CISSP, CISM, C-RISC, CISA, SANS certifications, or equivalent experience.
- Specific experience working with security tools and technologies, i.e., VPNs, Firewalls, MFA, Tenable, Splunk, Wireshark, etc.
- Knowledge & experience with cloud technologies: Amazon Web Services (AWS), to include WatchGuard, Guard Duty, Identity & Access Management (IAM), Microsoft Azure.
- Technical knowledge in endpoint security, VPN, Firewall, network monitoring, intrusion detection, web server security, and wireless security
- Practical experience in systems administration, vulnerability management, endpoint management, and email security operations and management.
- Excellent analytical and critical thinking skills to identify possible threats.
Preferred Qualifications:
- Familiarity with IRS Publication 1075, NIST SP 800-53 Privacy Controls, NIST SP 800-63 Digital
- Identity Guidelines, NIST SP 800-88 Guidelines for Media Sanitization, NIST SP 800-18 System
- Security Plans (SSP), NIST SP 800-52, FIPS-140, NIST SP 800-61, NIST SP 800-83, other NIST SP
- Guidelines, etc., knowledge of NIST Frameworks, FISMA, CIS Controls, and the Criminal Justice
Information Services Policy
- Progressive experience in information technology, incident response & incident reporting, technical support, cybersecurity, cryptography, and knowledge of data encryption techniques
- Ability to work independently and prioritize multiple projects in a highly dynamic environment.
- Excellent communication and teamwork skills and demonstrated across broad group of technical and non-technical stakeholders.
- Assist with Office of Information Security Risk Assessments, System Security Plans, and other reports required by the IRS Office of Safeguards, state audits, and other third-party assessors.
- Knowledge and experience in Policies and procedures development, revision and
management would be a plus.