ITS I Cyber Security Analyst - SOC
Company: CDT | CA GOV Dept of Technology
Location: Rancho Cordova, CA USA / Remote 90% Telework
Preferred GIAC Certifications: GSEC, GCIH, GCIA, GPEN, GDAT, GCFA, GMON, GCTI
Travel: 0%
Salary: Not provided
Contact Name: CalCareer Jobs
Contact Email: CalCareer/at/
Expires: 2021-12-19

Job Description

Wednesday-Saturday (4/10)(3 days off)

Work Shift:

Steps to get a State Job in California:

Generous Benefits
The State of California offers its employees generous benefits that include retirement and savings plans, health and dental insurance, and access to long-term disability and long-term care insurance. You will also earn vacation and sick leave.

Under the direction of the Security Monitoring and Intelligence (SMI) Information Technology Supervisor II (IT Sup II), the Information Technology Specialist I (IT Spec I) is a member of the Security Operations Center (SOC) working as a high-level technical security specialist. The IT Spec I will perform Tier 2/1 SOC duties as needed as part of the security detection, analysis, and response team to provide critical protection of California Department of Technology (CDT) and State Information Technology (IT) assets. The IT Spec I will participate in incident response activities as required as a member of the IT Security Incident Response Team.

Desirable Qualifications
In addition to evaluating each candidate's relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:

Experience in a Cybersecurity/Information Security role, including security vulnerability assessment, security event analysis, security incident response, security technology (firewall, antivirus, web security, data loss prevention) administration, security policy maintenance.

Related Bachelor’s degree in Science, Business, and/or Security.

GIAC or Security certification related to cyber defense, incident response, penetration testing, or security management.

Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).

Knowledge of cyber threats and vulnerabilities.

Knowledge of incident response and handling methodologies.

Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).

Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).

Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).

Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).

Knowledge of penetration testing principles, tools, and techniques.

Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list).