Security Consultant

American Technology Consulting

$70K — $95K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 2+ years of experience with NIST Cybersecurity Framework and NIST RMF.
  • 2+ years of triaging and analyzing cybersecurity alerts.
  • 2+ years of experience in implementing NIST 800-53 controls.
  • Familiarity with phishing mitigation strategies and email threat analysis.
  • Knowledge of state and federal information security laws and compliance.

Responsibilities

  • Conduct risk assessments and compliance support for DOC.
  • Lead audits and analyze specific risk areas.
  • Monitor corrective actions and draft risk reports.
  • Detect and respond to cybersecurity threats.
  • Assist in forensic investigations and vulnerability management.

Benefits

  • Collaborative work environment with internal and external stakeholders.
  • Opportunity to engage in diverse cybersecurity focus areas.
  • Support for professional development and use of enterprise security tools.
Full Job Description
Description

REQUIRED SKILLS: (Need Most)

  • 2+ years of experience applying NIST Cybersecurity Framework, NIST RMF, and other common security standards.
  1. ).
  • 2+ years of experience in triaging and analyzing cybersecurity alerts.
  • 2+ years of experience and working knowledge of common security frameworks and control theories, including current applicable NIST, CJIS, and ISO standards.
  • 2+ years of experience creating and leading discussions around the implementation and artifact collection of NIST 800-53 controls.
  • Familiarity with phishing mitigation strategies and email threat analysis.
  • Incident response forensics and remediation, including CrowdStrike, sandbox evaluation and detonation, phishing evaluation, malicious website identification, and malicious intent identification.
  • Knowledge of state and federal laws regarding information security, such as HIPAA Security Rule, and experience with audit and compliance activities in conjunction with state and federal partners/regulators such as the WI Legislative Audit Bureau and the U.S. Department of Justice.

NICE TO HAVE SKILLS:

  • 2+ years of experience in technical writing and documentation skills, including incident reports and playbook development.
  • 2+ years of experience in phishing mitigation strategies and email threat analysis.
  • 2+ years of experience supporting endpoint, network, and cloud-based security controls in large-scale environments.
  • Capability to tune and optimize SIEM rules and detection logic to reduce noise and improve fidelity.

INTERVIEW PROCESS:

  • Teams call with video and audio.
  • Panel interview.


DESCRIPTION OF ROLE:

Under the general supervision of the GRC Manager, this position serves as a Security Analyst responsible for supporting a wide range of compliance and cybersecurity functions across the Wisconsin Department of Correction (DOC). Core responsibilities include providing risk assessment and/or compliance support. Taking part in or leading audits, submitting findings, analyzing risks for specific areas, monitoring corrective actions, and drafting risk reports with metric charts and ongoing effort accountability. This position assesses, documents, and provides guidance to other IT staff and non-IT areas on how to align IT operational and technology processes based on information technology risk assessments and/or with regulatory compliance/audit functions. This position will also provide support in detecting, analyzing, and responding to cybersecurity threats, participating in forensic investigations, and contributing to ongoing vulnerability management efforts. The role may also include supporting cloud security initiatives, assisting with tabletop exercises, and developing security response procedures.

The incumbent will work collaboratively with internal stakeholders across DOC, as well as external partners including the Department of Administration's Division of Enterprise Technology (DOA/DET). The role will utilize a variety of enterprise security tools and platforms.

This position may be assigned to focus areas such as incident response, phishing mitigation, threat detection, security awareness, vulnerability scanning, or forensic analysis, depending on organizational needs. The analyst will represent the DOC Information Security Section (ISS) team in technical discussions, project work, and collaborative efforts to improve DOC's cybersecurity posture.

The position requires strong communication and problem-solving skills, the ability to work independently on complex tasks, and a commitment to upholding the security and privacy standards of DOC. Clients and collaborators include information technology (IT) staff, application developers, infrastructure teams, business units, vendor, and external governmental partners. The work environment is dynamic, requiring adaptability, initiative, and a proactive mindset.

This position shall comply with the Department's administrative rules and the agency's policies and procedures including those related to the Department's overall Reentry philosophy of using evidence-based strategies, practices and programs which target an offender's individual criminogenic needs and risk level.

Goals and Worker Activities

60% - Support cybersecurity policy execution, operational standards, and governance activities.

20% - Monitor, detect, respond to, and investigate cybersecurity threats across DOC's enterprise environment.

15% - Contribute to the configuration, deployment, and lifecycle management of security technologies.

5% - Maintain current expertise in cybersecurity tools, trends, and techniques.

Contribute to internal knowledge sharing and cross-training within the security team

Similar Jobs

More Jobs at American Technology Consulting

  • Security Consultant
    $70K — $95K *
    Madison, WI 53711 (Dane County)
    Information Technology
    In-Person

More Information Technology Jobs

Find similar Security Consultant jobs: