RICEFW Technologies
IN - IDOH Security Analyst
RICEFW Technologies, Indianapolis, Indiana, us, 46262
A Security Analyst plays a crucial role in the Indiana Department of Health's (IDOH) information security strategy by protecting the IDOH's data, systems, and networks from various cyber threats and vulnerabilities.
The Security Analyst is responsible for monitoring and analyzing an IDOH's security infrastructure, identifying vulnerabilities, and implementing measures to safeguard the IDOH's data and assets. They work to ensure the confidentiality, integrity, and availability of information systems and data while staying updated on emerging cyber threats and industry best practices. They participate in day-to-day security operations as needed.
Key Responsibilities:Security Monitoring and Incident Response:Continuously monitor security alerts and incidents to identify potential threats.Investigate security incidents and breaches, determine their impact, and initiate appropriate responses.Vulnerability Assessment:Perform regular vulnerability assessments and penetration testing to identify weaknesses in the IDOH's systems and applications.Collaborate with other teams to prioritize and remediate identified vulnerabilities.Security Policy and Compliance:Assist in developing and enforcing security policies, standards, and procedures.Ensure compliance with industry regulations and standards (e.g., GDPR, HIPAA, PCI DSS).Security Tools and Technologies:Manage and maintain security tools such as firewalls, intrusion detection/prevention systems, antivirus software, and SIEM (Security Information and Event Management) solutions.Evaluate and recommend new security technologies and solutions.Security Awareness and Training:Conduct security awareness training for employees to promote a culture of security within the organization.Provide guidance and recommendations for secure practices.Incident Documentation and Reporting:Document security incidents, investigations, and remediation efforts.Prepare reports and communicate findings to management and relevant stakeholders.Threat Intelligence and Research:Stay current with the latest cyber threats and vulnerabilities.Analyze threat intelligence data to proactively identify potential risks.Security Audits and Assessments:Participate in security audits and assessments, both internal and external.Collaborate with auditors to provide evidence of security controls and practices.Security Policies and Procedures:Contribute to the development and maintenance of security policies, procedures, and guidelines.Required/Desired SkillsSkill Required /Desired Amount Years of Experience Experience working as a Security Analyst with increasing responsibilities Required 10 Years Strong knowledge of information security principles, practices, and technologies. Required 10 Years Experience with security tools and technologies, including firewalls, antivirus, SIEM, and intrusion detection/prevention systems. Required 10 Years Relevant certifications such as CISSP, CISM, CompTIA Security+, or Certified Ethical Hacker (CEH). Required 10 Years Bachelor's degree in computer science, information technology, or a related field (master's degree is often preferred). Required 0 Familiarity with compliance requirements and regulations relevant to the organization. Required 0 Excellent problem-solving and analytical skills. Required 0 Strong communication and interpersonal skills. Required 0
QuestionsNo. Question Answer Question1 Absences greater than two weeks MUST be approved by CAI management in advance, and contact information must be provided to CAI so that the resource can be reached during his or her absence. The Client has the right to dismiss the resource if he or she does not return to work by the agreed upon date. Do you accept this requirement? Question2 Please list candidate's email address. Question3 Please list the city and state where candidate currently resides. Question4 Candidate must be paid BETWEEN NA and NA if selected for engagement. The provider markup for this position is 35%. Do you accept this requirement? Question5 Client is willing to consider both local and non-local candidates. Local is preferred as the selected candidate will work closely with a number of internal teams. Local candidates will be required to work a hybrid schedule with onsite 3 days per week. Please confirm the resource understands the work schedule.
The Security Analyst is responsible for monitoring and analyzing an IDOH's security infrastructure, identifying vulnerabilities, and implementing measures to safeguard the IDOH's data and assets. They work to ensure the confidentiality, integrity, and availability of information systems and data while staying updated on emerging cyber threats and industry best practices. They participate in day-to-day security operations as needed.
Key Responsibilities:Security Monitoring and Incident Response:Continuously monitor security alerts and incidents to identify potential threats.Investigate security incidents and breaches, determine their impact, and initiate appropriate responses.Vulnerability Assessment:Perform regular vulnerability assessments and penetration testing to identify weaknesses in the IDOH's systems and applications.Collaborate with other teams to prioritize and remediate identified vulnerabilities.Security Policy and Compliance:Assist in developing and enforcing security policies, standards, and procedures.Ensure compliance with industry regulations and standards (e.g., GDPR, HIPAA, PCI DSS).Security Tools and Technologies:Manage and maintain security tools such as firewalls, intrusion detection/prevention systems, antivirus software, and SIEM (Security Information and Event Management) solutions.Evaluate and recommend new security technologies and solutions.Security Awareness and Training:Conduct security awareness training for employees to promote a culture of security within the organization.Provide guidance and recommendations for secure practices.Incident Documentation and Reporting:Document security incidents, investigations, and remediation efforts.Prepare reports and communicate findings to management and relevant stakeholders.Threat Intelligence and Research:Stay current with the latest cyber threats and vulnerabilities.Analyze threat intelligence data to proactively identify potential risks.Security Audits and Assessments:Participate in security audits and assessments, both internal and external.Collaborate with auditors to provide evidence of security controls and practices.Security Policies and Procedures:Contribute to the development and maintenance of security policies, procedures, and guidelines.Required/Desired SkillsSkill Required /Desired Amount Years of Experience Experience working as a Security Analyst with increasing responsibilities Required 10 Years Strong knowledge of information security principles, practices, and technologies. Required 10 Years Experience with security tools and technologies, including firewalls, antivirus, SIEM, and intrusion detection/prevention systems. Required 10 Years Relevant certifications such as CISSP, CISM, CompTIA Security+, or Certified Ethical Hacker (CEH). Required 10 Years Bachelor's degree in computer science, information technology, or a related field (master's degree is often preferred). Required 0 Familiarity with compliance requirements and regulations relevant to the organization. Required 0 Excellent problem-solving and analytical skills. Required 0 Strong communication and interpersonal skills. Required 0
QuestionsNo. Question Answer Question1 Absences greater than two weeks MUST be approved by CAI management in advance, and contact information must be provided to CAI so that the resource can be reached during his or her absence. The Client has the right to dismiss the resource if he or she does not return to work by the agreed upon date. Do you accept this requirement? Question2 Please list candidate's email address. Question3 Please list the city and state where candidate currently resides. Question4 Candidate must be paid BETWEEN NA and NA if selected for engagement. The provider markup for this position is 35%. Do you accept this requirement? Question5 Client is willing to consider both local and non-local candidates. Local is preferred as the selected candidate will work closely with a number of internal teams. Local candidates will be required to work a hybrid schedule with onsite 3 days per week. Please confirm the resource understands the work schedule.