Job Title: Security Analyst
Job Location: Tallahassee, FL (on-site)
Job Duration: Contract through June + extension
Job Overview:
- Leading the technical implementation of security projects, focusing on system hardening, network security, and identity management while collaborating with teams to meet law enforcement-specific security standards.
- Hands-on expertise in firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), encryption, and secure Microsoft configurations, along with conducting vulnerability assessments and developing remediation strategies.
- Manage security tools, support threat detection and incident response, and ensure integration of security platforms.
- Compliance with Criminal Justice Information Services (CJIS) and state regulations is critical, as is working with Governance, Risk, and Compliance (GRC) teams to ensure adherence and address audit gaps.
- Documentation and training on cybersecurity solutions and processes are required, with a focus on CJIS and state regulations; and
- Demands reengineering security processes for efficiency and compliance, providing support for cybersecurity issues, and staying informed on emerging threats and technologies.
Job Responsibilities:
Project Implementation:
- Lead the technical implementation of security projects, focusing on system hardening, network security, encryption tools, vulnerability management, security monitoring, and identity and access management (IAM) systems within a Microsoft and Azure environment.
- Collaborate with cross-functional teams to deploy security solutions that meet project requirements, with a focus on law enforcement-specific security standards.
- Ensure timely delivery of security projects aligned with the organization's requirements, maintaining adherence to scope, timeline, and budget.
Technical Expertise:
- Provide hands-on expertise in areas such as firewalls, IDS, IPS, encryption, endpoint protection, and secure configuration of Microsoft environments.
- Implement secure system architecture and networking solutions, particularly within Microsoft Azure.
- Conduct vulnerability assessments and develop remediation strategies, ensuring continuous improvement in security posture.
Security Tools and Platforms:
- Configure, deploy, and manage security tools such as Security Information and Event Management (SIEM) systems, Microsoft Azure Security Center, and endpoint security solutions tailored for a Microsoft environment; and
- Ensure proper integration of security platforms across IT systems and support threat detection, prevention, and incident response.
Incident Response:
- Design and maintain incident response procedures specifically tailored to a law enforcement setting.
- Conduct root cause analysis and develop and implement appropriate remediation measures.
Security Compliance:
- Ensure adherence to CJIS, State of Florida regulations, and other relevant security compliance standards.
- Work closely with GRC teams to ensure the organization remains in compliance with state and federal security regulations; and
- Assist with security audits, including CJIS compliance reviews, and address any identified gaps to maintain compliance in Microsoft and Azure systems.
Documentation and Training:
- Develop and maintain up-to-date documentation of new and existing cybersecurity solutions and processes specific to law enforcement and CJIS requirements; and
- Provide training to IT staff on security protocols and contribute to security awareness initiatives for the organization, with a focus on compliance with CJIS and state regulations.
Processes Implementation and Reengineering:
- Experience in designing, implementing, and optimizing security processes to enhance operational efficiency, align with compliance requirements (e.g., CJIS), and mitigate risks across IT and organizational functions.
- Proven ability to re-engineer existing security processes to improve system integrity, streamline workflows, and ensure alignment with evolving technology and regulatory standards, particularly within Microsoft and Azure environments.
Collaboration and Support:
- Work with IT operations and development teams to ensure security is integrated into systems and processes.
- Provide troubleshooting and support for cybersecurity-related issues, with an emphasis on Microsoft and Azure environments.
- Stay current on emerging cybersecurity threats and technologies, particularly those affecting law enforcement and compliance with CJIS and state cybersecurity standards.
Required Experience:
- Five (5) years or more of server or network administration experience.
- Three (3) years or more of information security administration experience in an enterprise environment with 1,000 or more users.
- Two (2) years or more experience managing technical implementations.
- Three (3) years or more of SIEM experience.
- Three (3) years or more of vulnerability management experience.
- Knowledge of security issues, techniques, and implications across all existing computer platforms.
- Experience maintaining and supporting 3rd party antivirus applications.
Experience:
- Experience working with IDS/IPS systems.
- Experience using Office 365 Data Loss Prevention (DLP).
- Preparing status reports and providing management briefings.
- Knowledge of IT standards in a criminal justice environment.
- Experience with Microsoft security technologies such as Azure Security Center, Microsoft Defender, and Active Directory; and
Familiarity with law enforcement security standards, specifically CJIS, and other relevant state of Florida regulations.