Security Analyst II

Sundial Software

$70K — $95K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • At least 2 years of experience with NIST Cybersecurity Framework and RMF.
  • Proficiency in analyzing security frameworks including NIST, CJIS, and ISO standards.
  • Strong background in implementing NIST 800-53 controls and leading discussions around them.
  • Experience with triaging cybersecurity alerts and using enterprise security tools.
  • Familiarity with phishing mitigation and email threat analysis strategies.
  • Expertise in incident response forensics and remediation techniques.
  • Excellent technical writing skills, including incident reports and security playbooks.

Responsibilities

  • Conduct risk assessments and provide compliance support within Wisconsin DOC.
  • Lead audits, analyze risks, and submit findings for monitoring corrective actions.
  • Draft risk reports with metrics and maintain accountability for ongoing efforts.
  • Advise IT and non-IT staff on aligning operational processes with risk assessments.
  • Detect, analyze, and respond to cybersecurity threats while participating in forensic investigations.
  • Support cloud security initiatives and assist with vulnerability management efforts.
  • Develop security incident response procedures and conduct tabletop exercises.

Benefits

  • Remote work flexibility after orientation.
  • Opportunity to work on cybersecurity initiatives within state government.
  • Potential for position extension beyond initial duration.
  • Involvement in compliance and risk management in a public sector environment.
Full Job Description
The State of Wisconsin DOC is looking for a Security Analyst II.

*MUST BE WISCONSIN RESIDENT - NO RELOCATION*

Remote work after orientation.

Top Skills & Years of Experience: At least 2 year's of experience required in the following:

- Understanding of NIST Cybersecurity Framework, NIST RMF, and other common security standards.

- Experience and working knowledge of common security frameworks and control theories to include current applicable NIST, CJIS, and ISO standards

- Experience with creating and leading discussions around the implementation and artifact collection of NIST 800-53 controls

- Proficiency in triaging and analyzing cybersecurity alerts using enterprise technologies and tools.

- Familiarity with phishing mitigation strategies and email threat analysis.

- Incident Response Forensics and Remediation (i.e. Crowdstrike, Sandbox evaluation & detonation, Phish evaluation, Malicious Website and Malicious Intent Identification)

- Customer service as it pertains to security incident management and communication with end user about dangerous behavior.

- Excellent technical writing and documentation skills, including incident reports and playbook development.

- Ability to work independently and as part of a distributed team to achieve shared objectives.

Nice to have skills:

- Capability to tune and optimize SIEM rules and detection logic to reduce noise and improve fidelity.

- Strong interpersonal communication skills with the ability to explain complex topics to non-technical audiences.

- Experience working as a team member on projects to improve business needs.

- Experience supporting endpoint, network, and cloud-based security controls in large-scale environments.

- Demonstrated ability to adapt to emerging threats, technologies, and evolving operational needs.

Project Details: Under the general supervision of the GRC Manager, this position serves as a Security Analyst responsible for supporting a wide range of compliance and cybersecurity functions across the Wisconsin Department of Correction (DOC). Core responsibilities include providing risk assessment and/or compliance support. Taking part in or leading audits, submitting findings, analyzing risks for specific areas, monitoring corrective actions, and drafting risk reports with metric charts and ongoing effort accountability. This position assesses, documents, and provides guidance to other IT staff and non-IT areas on how to align IT operational and technology processes based on information technology risk assessments and/or with regulatory compliance/audit functions. This position will also provide support in detecting, analyzing, and responding to cybersecurity threats, participating in forensic investigations, and contributing to ongoing vulnerability management efforts. The role may also include supporting cloud security initiatives, assisting with tabletop exercises, and developing security response procedures.

Interview Process: Teams Call with video and audio. (Panel Interview)

Duration: June 30, 2027 with possibility of extension.

Hybrid Remote: Remote daily work with the ability to report to Madison Office for training or when required for emergency situations. Must be a WI resident. No relocation allowed. Position will be 100% remote after training.

Similar Jobs

More Information Technology Jobs

Find similar Security Analyst II jobs: