Cybersecurity Tech Analyst Job at State of North Carolina in Wilmington

Salary: $81,500.00 - $122,250.00 Annually Location : Wake County, NC Job Type: Permanent Full-Time Remote Employment: Flexible/Hybrid Job Number: 24-14700 Department: Dept of Public Safety Division: Emergency Management Opening Date: 11/25/2024 Closing Date: 12/6/2024 5:00 PM Eastern Job Class Title: IT Security and Compliance Specialist II Position Number: 65038825 Section: Homeland Security Salary Grade: DT10 Recruitment Range: $81,500 - $101,000 Description of Work This is a repost for position 65038825. Previous applicants need to reapply to be considered. This position qualifies for teleworking on a part-time basis as part of a State Teleworking Pilot Program. Any telework will be under the conditions of the State Teleworking Program Policy, and the employer may end any teleworking arrangement at any time at the employer's sole discretion. This is a full-time position (40 hours per week) with . This position's typical work hours are 8am - 5pm. This position will be designated on-call periods to serve as the primary point of contact for state-level coordination of emergency services resources. This position will collaborate with the North Carolina's Fusion Center, the North Carolina Information Sharing and Analysis Center (NC ISAAC) along with other state and federal Departments/Agencies. Furthermore, the candidate must have or be able to attain and maintain a U.S. Department of Homeland Security National Security Clearance at the SECRET level within 12 months of hire and maintain it throughout employment. This position will serve as a technical expert within the NCEM-Homeland Security Section Cyber Unit as well as the NC Joint Cybersecurity Task Force (JCTF) in an incident response capacity and on a day-to-day basis. This position will report to the Homeland Security Section Cyber Unit Manager, with oversight by the Assistant Director-Homeland Security Section, and, via the NC JCTF, will be responsible for assessing and addressing actual and potential incidents related to cybersecurity investigations and events; providing specialized technical case and operational support; and producing highly technical, strategic intelligence. Specifically, this position will proactively and repetitively search through networks to detect and isolate advanced threats that evade existing security solutions. This proactive and reactive role incorporates a collaboration of active defense and intelligence gathering in furtherance of enhancing cybersecurity and incident response. This position is also capable of providing a detailed picture of events as they occurred and allows these events to be connected to cyber actors, tools, and tactics, techniques, and procedures (TTPs) inside and outside of the jurisdiction. This position will work alongside Department of Defense, federal, state, and local agencies in addressing threats posed by terrorists, nation-states, domestic violent extremists, and other cyber criminals conducting cyber-attacks. Cybersecurity certification(s) and pertinent cybersecurity training as well as the ability to perform data analytics are required. A candidate with experience with Cyber Incident Response and Analytical skills is preferred. This position will focus on supporting SLTT (State, Local, Tribal, and Territorial) partners, to include educational institutions; as well as Critical Infrastructure Partners, to include, but not limited to, Healthcare, Water, Communications, Elections, and Energy Partners; and our state and federal homeland security partners, with actionable intelligence reports on cyber threats and risk. This position will be responsible for leading initiatives and developing strategies aimed at improving cybersecurity across North Carolina, to include Urban Area Security Initiative (UASI) areas and efficiently and effectively sharing information with partners and customers/citizens at varying levels of expertise in an effective and comprehensible manner. This position will perform other related duties, as required. About the Division: The mission of North Carolina Emergency Management (NCEM) is to enhance North Carolina's resiliency through active collaboration, communication, and coordination of efficient and effective preparedness, response, recovery, and mitigation of all natural and man-made hazards and threats. It is part of the NC Department of Public Safety (NCDPS). About Homeland Security: The mission of the Homeland Security Section is to provide the Division and the State Emergency Response Team (SERT) with proactive critical infrastructure planning and protection support, situational awareness and intelligence gathering, interagency coordination, and cyber preparedness, mitigation and response in collaboration with local, state, and federal partners. This collaboration includes training and assistance; strategic planning; investigative and intelligence support. The Cyber Unit is housed in the Homeland Security Section and is focused on the following: local, state, and federal critical infrastructure cybersecurity preparedness, mitigation, response, and recovery through training and assistance; strategic planning; investigative and intelligence support to local, state, and federal public safety and intelligence agencies; and technical augmentation for response and recovery to impacted jurisdictions. The Homeland Security Section Cyber Unit co-leads the North Carolina Joint Cybersecurity Task Force (NC JCTF). Knowledge, Skills and Abilities / Competencies DPS uses the Merit-Based Recruitment and Selection Plan to fill positions subject to the State Human Resources Act with the most qualified individuals. The Knowledge, Skills and Abilities (KSAs) listed below, along with the Minimum Education and Experience (E&E) are REQUIRED to qualify for this position. All work history and education (including accurate dates of employment/attendance) must be documented on the application. Supplemental Questions are also a required part of the application: answers must reference education or work experience listed on the application. A complete, all-inclusive application maximizes an applicant's potential to qualify for the position, as well as the highest possible salary. Salary will be based on relevant qualifications, internal equity, and budgetary considerations pertinent to the advertised position. State Government Application Resources | NC Office of Human Resources (Resumes may be attached as a supplement to the application but are not a substitution for a complete application.) To qualify for this position, applicants must demonstrate ALL of the following KSAs: -Knowledge of server, workstation, and/or mobile operating systems (such as Windows, LINUX, UNIX, Mac OS, iOS, and/or Android) -Knowledge of various security methodologies, processes, and hardware such as firewalls, Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs), Security Information and Event Management (SIEM), and computer communication networks, protocols, and analysis (e.g. TCP/IP) -Knowledge of exploitation tools (e.g., sniffers, key loggers) and their use (e.g., gaining backdoor access, collecting/exfiltrating data, conducting vulnerability analysis of other systems in the network) -Have obtained one or more recognized cybersecurity certification(s) such as, but not limited to, Security, GSEC, CISA, CISM, CySA, CEH, CASP, CISSP Management Preferences: -Currently possess an active advanced cybersecurity certification such as CASP, CISM, and/or CISSP -Knowledge of common adversary tactics, techniques, and procedures (TTPs) (e.g. historical country-specific TTPs, emerging capabilities) to include website defacements, cross-site scripting (XSS), Structured Query Language injection (SQLi) attacks, and/or denial of service (DoS) attacks -Experience implementing cybersecurity incident response and recovery -Experience implementing cybersecurity defense mitigation techniques and vulnerability assessment tools, including commonly used open source tools, and knowledge of their capabilities -Knowledge of cybersecurity threats and threat actors -Working knowledge of computer and digital forensic methodologies and related tools to extract actionable intelligence -Knowledge of state and federal laws and regulations regarding cybercrime -Experience working successfully as a self-directed member of a professional team -Experience working in/with Law Enforcement Agency(s), especially addressing Cyber and/or Homeland Security matters -Knowledge of laws, regulations, and policies regarding Emergency Management and/or Homeland Security -Currently hold a national security clearance. Minimum Education and Experience Requirements Some state job postings say you can qualify by an "equivalent combination of education and experience." If that language appears below, then you may qualify through EITHER years of education OR years of directly related experience, OR a combination of both. See for details. Bachelor's degree in computer science or a related IT field or related degree from an appropriately accredited institution and two years of progressive experience in IT Security or closely related area; or Associate degree in computer science or a related IT field or related degree from an appropriately accredited institution and three years of progressive experience in IT Security or closely related area; or an equivalent combination of education and experience. Supplemental and Contact Information The North Carolina Department of Public Safety (DPS) is an Equal Opportunity Employer who embraces an Employment First philosophy which consists of complying with all federal laws, state laws and Executive Orders. We are committed to reviewing requests for reasonable accommodation at any time during the hiring process or while on the job. DPS uses the Merit-Based Recruitment and Selection Plan to fill positions subject to the State Human Resources Act with the most qualified individuals. Hiring salary will be based on relevant qualifications, internal equity and budgetary considerations pertinent to the advertised position. It is critical to our screening and salary determination process that applications contain comprehensive information. Information should be provided in the appropriate areas to include the beginning and ending dates of jobs worked, education with the date graduated, all work experience, and certificates / licenses. Resumes will not be accepted in lieu of completing this application. Answers to Supplemental Questions must refer to education or work experience listed on this application to receive credit. Degrees must be received from appropriately accredited institutions. Applicants seeking Veteran's Preference must attach a DD-214 Member-4 Form (Certificate of Release or Discharge from Active Duty) to their applications. Applicants seeking National Guard Preference must attach a NGB 23A (RPAS) if they are a current member of the NC National Guard in good standing. If a former member of the NC National Guard who served for at least 6 years and was discharged under honorable conditions, they must attach either a DD256 or NGB 22. If applicants earned college credit hours but did not complete a degree program, they must attach an unofficial transcript to each application to receive credit for this education. If applying for a Juvenile Justice & Delinquency Prevention position certified through the NC Dept. of Justice - Criminal Justice Standards Division, please click this link for specific certification requirements: The NC Dept. of Public Safety must adhere to the US Dept. of Justice Final Rule on the "National Standards to Prevent, Detect, and Respond to Prison Rape." Click this link for information on hiring and promotion prohibition requirements in the Division of Juvenile Justice & Delinquency Prevention: Per , applicants hired into a position certified as a criminal justice officer or justice officer are required to electronically submit fingerprints to the NC State Bureau of Investigation for a state and national criminal history record check and enrollment in the This is in addition to submitting fingerprints during the application process. Due to the volume of applications received, we are unable to provide information regarding the status of your application over the phone. To check the status of your application, please log in to your account and click "Application Status." If you are selected for an interview, you will be contacted by management. If you are no longer under consideration, you will receive an email notification. For technical issues with your application, please call the GovernmentJobs.com Applicant Support Help Line at 855-524-5627. If there are any questions about this posting other than your application status, please contact Elizabeth Gray at elizabeth.grayncdps.gov. NOTE: For temporary, contract or other supplemental staffing appointments: There are no paid leave, retirement or other benefits associated with these appointment types. For permanent and time-limited appointments: Eligible employees have benefits that include employee health insurance options, standard and supplemental retirement plans, NC Flex (a variety of high-quality, low-cost benefits on a pre-tax basis), and paid vacation, sick, and community service leave, to name a few. Paid parental leave is available for eligible employees. Some benefits require 30 hours work/week for participation. 01 To qualify for this position, applicants must possess the required "Minimum Education and Experience" AND all "Knowledge, Skills and Abilities" listed on the job posting. I understand that my application MUST include a complete work history in the "Work Experience" section, all education in the "Education" section, and credentials in the "Certificates and Licenses" section. I understand that a resume is NOT a substitute for completing the sections listed above. Also, I understand that Supplemental Questions are part of the application and the answers are used in the screening process; all questions must be answered completely and accurately. Do you understand this statement? Yes No 02 If selected for this position, the salary offered will be within the posted recruitment range of $81,500 - $101,000. Are you willing to accept a salary in this range? (NOTE: Answering "No" to this question will result in your application being withdrawn from further consideration for this position.) Yes No 03 Which of the following is the highest level of education you have COMPLETED? Some High School High School Diploma or GED Certificate Some College Associates Degree in a related field Associate's Degree in an unrelated field Bachelor's Degree in a related field Bachelor's Degree in an unrelated field Master's Degree or higher in a related field Master's Degree or higher in an unrelated field 04 If you have a degree in a field other than computer science or IT, please attach an unofficial transcript to receive credit for related courses. Alternatively, you may list related courses you completed and their corresponding credit hours here, but you must present an unofficial transcript if you advance to the next step in consideration. (Enter "N/A" if this does not apply.) 05 Please select each of the following Operating Systems that you have experience with: Windows Linux Unix Mac OS iOS Android None of the above 06 If you indicated having experience with Windows, LINUX, UNIX, Mac OS, iOS, and/or Android Operating Systems, please describe your experience, including the system(s) you have used, and indicate in which job(s) or educational experience(s) you gained this experience. If you do not have this experience, write "N/A," 07 Please select each of the following security methodologies, processes, and/or hardware you have experience with: Firewalls Intrusion Detection Systems (IDSs) Intrusion Prevention Systems (IPSs) Security Information and Event Management (SIEM) Computer communication networks, protocols, and analysis (e.g. TCP/IP) None of the above 08 If you indicated having experience with firewalls, please describe your experience, including the type(s) of systems you have used, and indicate in which job(s) or educational experience(s) you gained this experience. If you do not have this experience, write "N/A." 09 If you indicated having experience with intrusion detection systems (IDS), please describe your experience, including the type(s) of systems you have used, and indicate in which job(s) or educational experience(s) you gained this experience. If you do not have this experience, write "N/A." 10 If you indicated having experience with intrusion prevention systems (IPS), please describe your experience, including the type(s) of systems you have used, and indicate in which job(s) or educational experience(s) you gained this experience. If you do not have this experience, write "N/A." 11 If you indicated having experience with SIEM, please describe your experience, including the type(s) of systems you have used, and indicate in which job(s) or educational experience(s) you gained this experience. If you do not have this experience, write "N/A." 12 If you indicated having experience with communication networks, protocols, and analysis (TCP/IP), please describe your experience, including the type(s) of systems you have used, and indicate in which job(s) or educational experience(s) you gained this experience. If you do not have this experience, write "N/A." 13 Do you have experience with exploitative tools and their uses? (Ex. sniffers, key loggers) Yes No 14 If you indicated having experience with exploitation tools, please describe your experience, including the exploitation tools you have experience with, and indicate in which job(s) or educational experience(s) you gained this experience. If you do not have this experience, write "N/A." 15 Have you obtained one or more of the following recognized cybersecurity certification(s): Security GSEC CISA CISM CySA CEH CASP CISSP Other Cerrification not listed 16 If you indicated having one or more of the above listed certifications, please describe in what capacity you have utilized that certification in and indicate in which job(s) or educational experience(s) you gained this experience. If you do not have this experience, write "N/A." Required Question