IT Security Risk Analyst

Confidential Company  •  Scottsdale, AZ and 3 other locations

Less than 5 years experience  •  Government

Salary depends on experience
Posted on 08/04/17 by Ahtisam Shaikh
Confidential Company
Scottsdale, AZ
Less than 5 years experience
Government
Salary depends on experience
Posted on 08/04/17 Ahtisam Shaikh

Position details:

Job Title: IT Security Risk Analyst

Location: Phoenix, AZ 85007

Duration: 12+ months (Strong Possibilities of extension)

Role and Responsibilities:

  • This role will be part of the Infrastructure Protection Unit within the Information Technology Group of the Arizona Department of Transportation.
  • This position requires expert level experience and administration duties with security even and incident management systems (SEIM).
  • It also requires expert level experience in security engineering, network security, authentication and security protocols.
  • The position requires hands-on analysis activities such as identifying SQI and XSS vulnerabilities, analyzing packet captures and completing scripting (e.g., PowerShell, VB) tasks.
  • The position requires skill in IT certification activities such as vulnerability scanning, syslog review/interpretation and application security analysis.
  • Documenting system security plans and completing risk assessments are required for this position.

Responsibilities:

  • Administer the security event and incident management (SEIM) system.
  • Analyze packet captures, network configs, system logs, application code and scripts.
  • Write scripts to automate manual security tasks.
  • Complete written security audits and risk assessments.
  • Identifying web application and database deficiencies and vulnerabilities.
  • Certify systems based on database configuration, application scans and system configuration settings.

Qualifications and Education Requirements:

  • Bachelordegree with six years of information security experience; or bachelordegree with three years of security risk assessment experience
  • Three years' experience administering SEIM systems
  • Firm understanding of information security policies, standards, industry best practices, and frameworks. (ISO 27K, NIST 800 series, FISMA, BITS etc.)
  • Firm understanding of network security, OSI model, and information security architecture
  • Demonstrated experience in penetration testing/vulnerability mgmt tools and techniques

Preferred Skills:

  • Secure Network administration
  • Security Event & Incident Management system administration
  • Packet Analysis & Scripting
  • Ethical Hacking
  • Network, Application, Data and Host Security
Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.