Previous Job
DTMB- MCS- IT Security Analyst 3- Incident Response
Ref No.: 18-54724
Location: Dimondale, Michigan
Start Date: 08/01/2018
Status New
Position # 571536
Position DTMB- MCS- IT Security Analyst 3- Incident Response
Client & Department State of Michigan- DTMB- MCS
Worksite Address Dimondale, MI 48821
Tenure 12+ Months
No. of Openings 3 (INTERVIEW TYPE: In Person only)
No. of submittals 3

NOTE: The client plans to schedule IN PERSON ONLY interviews for this position the week of August 6th. Please confirm your candidate will be available to interview any of those days if selected.

Skill Required / Desired Amount of Experience Candidate Experience Last Used
In-depth knowledge of security monitoring and incident response Required 5 Years
Knowledge of conducting security investigations. Required 5 Years
Experience with using and customizing SIEM products. Desired 5 Years
Solid understanding of network protocols and architecture. Required 5 Years
Demonstrated experience with performing digital forensics and incident response using industry leading tools. Required 5 Years
Experience with network intrusion detection and analysis tools such as Bro, Suricata, Sourcefire, Snort and Wireshark. Required 5 Years
Experience solving problems with scripting languages such as Perl, Python, PowerShell or Bash. Required 5 Years
Demonstrated experience operating information security tools is required. Required 5 Years
Demonstrated experience integrating information security tools is required. Required 5 Years
Understanding of the tactics, techniques and procedures of advanced attackers Required 5 Years
Ability to leverage multiple forms of communication to articulate complex concepts to technical and non-technical staff, including senior management Required 5 Years
SANS Training Desired
EnCase Certified Examiner (EnCE) Desired
Offensive Security Certified Professional (OSCP) Desired
CISSP Desired
3-5years of experience in Security Operations and Incident Response. Required 3 Years

SHORT DESCRIPTION: Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended.

COMPLETE DESCRIPTION: Years of Experience: 5 or more years of experience in the field.

  • Member of the Michigan Security Operations Center (MiSOC) and will focus on Incident Response.
  • Identify security issues and risks associated with security events and manage the incident response process.
  • Participate in the incident response and investigation process for identified security events.
  • Use the Security Incident Event Management (SIEM) platform (IBM's QRadar) to perform Incident Response identification and response.
  • Perform network and system forensics in response to security incidents.
  • Optimize and customize security-monitoring tools to improve detection.
  • Hunt for signs of APT activities.
  • Maintain and update the security operational workflow.