Address
Form of workInitial Posting Date:
05/10/2023
Application Deadline:
06/11/2023
Agency:
Oregon State Treasury
Salary Range:
Position Type:
Employee
Position Title:
Information Security Analyst
Job Description:
Oregon State Treasury is recruiting for the position of Information Security Analyst.
The primary purpose of this position is to proactively monitor our infrastructure, detect and respond to security incidents, and implement security measures to prevent future incidents. This position works closely with members of the information technology team and other business groups to ensure the safety and protection of information technology assets and systems. This position ensures that OST users understand and adhere to necessary policy standards and procedures to maintain an effective Information Security posture and monitors and evaluates cybersecurity and internal threats and performs threat and anomaly detection and analysis.
Work Schedule
This position will have the opportunity for a hybrid (remote and in-office) work location schedule; in-office work will be predominately from Treasury's office in Salem. The schedule will be approximately 90+% time spent remote with a minimum of eight times per year in-office presence, spread over each quarter of the year.
Salary Range
$76,956-$116,460 annually.
Job Classification
This position is classified as an Information Systems Specialist 8. This position is a SEIU represented position.
Job Duties Summary
Minimum Qualifications for Our Position
Ideal Candidate Desired Attributes & Desired Experience
Important Application Details
In order to apply and be considered for this position, you are required to upload your resume, and a cover letter describing how your experience, training and education have prepared you for this position.
We will accept applications through the job announcement closing date, however, we may close this recruitment early, if we receive a well-qualified applicant pool. If interested, please apply early.
Benefits of Joining Our Team
About Oregon State Treasury
Oregon State Treasury is focused on improving the financial well-being of all Oregonians. We provide low-cost programs for governments, and empower Oregonians to invest in themselves and their loved ones for a more secure future.
We are committed to cultivating a workplace that is diverse, inclusive, and respectful. We value and
support the collective differences in who we are and celebrate the fact that everyone comes to the table as their own unique individual. We believe this commitment empowers our success and makes Oregon State Treasury
an excellent place to work. As Treasury employees, our commitment to diversity, equity, and inclusion makes
this a safe environment for us to ask questions, learn, and grow, and helps us to better serve Oregonians.
Oregon State Treasury is led by State Treasurer Tobias Read. As Treasurer, he is the state's financial leader, the custodian of public funds and chief investment officer. We prioritize investing for the long term, doing business the right way, and empowering Oregonians to invest in themselves. We're proud of the work we do to help families, governments, and businesses succeed.
Our Values and Principles
INTEGRITY---INNOVATION---DIVERSITY---TRUST---PROFESSIONALISM---ACCESSIBILITY
Please visit the following webpage to learn more about Oregon State Treasury: https://www.oregon.gov/treasury/Pages/index.aspx
Special Information
05/10/2023
Application Deadline:
06/11/2023
Agency:
Oregon State Treasury
Salary Range:
Position Type:
Employee
Position Title:
Information Security Analyst
Job Description:
Oregon State Treasury is recruiting for the position of Information Security Analyst.
The primary purpose of this position is to proactively monitor our infrastructure, detect and respond to security incidents, and implement security measures to prevent future incidents. This position works closely with members of the information technology team and other business groups to ensure the safety and protection of information technology assets and systems. This position ensures that OST users understand and adhere to necessary policy standards and procedures to maintain an effective Information Security posture and monitors and evaluates cybersecurity and internal threats and performs threat and anomaly detection and analysis.
Work Schedule
This position will have the opportunity for a hybrid (remote and in-office) work location schedule; in-office work will be predominately from Treasury's office in Salem. The schedule will be approximately 90+% time spent remote with a minimum of eight times per year in-office presence, spread over each quarter of the year.
Salary Range
$76,956-$116,460 annually.
Job Classification
This position is classified as an Information Systems Specialist 8. This position is a SEIU represented position.
Job Duties Summary
- Monitor security events and alerts from various sources, including SIEM (Security Information and Event Management) tools, intrusion detection systems, and other security technologies.
- Proactively search for and investigate potential threats in OST's environment, developing and maintaining threat hunting playbooks and intelligence sources, analyzing data from security systems and tools to identify potential threats, and conducting in-depth investigations of security incidents.
- Develop custom data correlation queries to identify inappropriate or suspicious activities.
- Perform statistical data modeling, data analysis and advanced data mining.
- Provide threat and vulnerability analysis as well as security advisory services.
- Establish and support security operational activities including monitoring firewalls activity, IPS/IDS systems, end-point protection systems, web access protection, vulnerability and threat protection system, etc.
- Conduct initial triage of security incidents to determine the severity and potential impact to the organization.
- Perform in-depth investigation of security incidents, including analysis of system logs, network traffic, and other forensic data.
- Develop and maintain incident response playbooks, including detection, containment, eradication, and recovery processes.
- Maintain documentation and metrics related to incident response activities, including tracking incident frequency, duration, and resolution times.
- Participate in incident response training, tabletop exercises and develop remediation and improvements to the Incident Response Plan.
- Perform assessments of the IT security/risk posture within the IT network, systems and software applications.
- Participate or perform assessments of vendor IT security program and develop reports outlining the risks to OST; performing onsite physical and program evaluation as needed.
- Participate in vulnerability assessments as assigned utilizing IT security tools and methodologies.
- Assess information risk and facilitate remediation of identified vulnerabilities OST's network, systems and application and report findings and recommendations for corrective action.
Minimum Qualifications for Our Position
- Seven (7) years of experience in a security operations center (SOC) or related security role; OR
- An Associate's degree or higher in Computer Science, Information Technology, or related field, OR
completion of a two (2) year accredited vocational training program in information technology or related
field; AND 5 years of information systems experience in a security operations center (SOC) or related security role; OR - A Bachelor's degree in Information Technology, Computer Science, or related field AND three (3) years of experience in a security operations center (SOC) or related security role; OR
- Master's degree in Information Technology, Computer Science, or related field AND one (1) year experience in a security operations center (SOC) or related security role.
Ideal Candidate Desired Attributes & Desired Experience
- Possess advanced technical knowledge in security operations, incident response, threat detection, and threat hunting.
- Experience monitoring networks using security information and event management (SIEM) tools and other security technologies to detect and respond to security incidents.
- Experience using security tools such as SIEM, SOAR, EDR, threat intelligence platforms, vulnerability scanners, IDS/IPS, forensic tools, IAM, incident response platforms, and DLP tools.
- Experience performing in-depth investigations of security incidents, including analyzing system logs, network traffic, and other forensic data.
- Experience developing and maintaining incident response playbooks, including detection, containment, eradication, and recovery processes.
- Understand network security concepts, such as network segmentation, firewall configuration, and intrusion detection and prevention.
- Experience participating in red team exercises and vulnerability assessments to identify weaknesses in the security posture and recommend mitigating controls.
- Experience using security standards such as NIST CSF, NIST 800 series, PCI DSS, MITRE ATT&CK, etc.
- Excellent communication skills, both written and verbal, and be able to effectively communicate complex technical information to a variety of audiences.
- Excellent attention to detail and accuracy
- Adaptable, flexible, and tolerant of ambiguity
- Self-motivated and resourceful
- High emotional intelligence and self-awareness
Important Application Details
In order to apply and be considered for this position, you are required to upload your resume, and a cover letter describing how your experience, training and education have prepared you for this position.
We will accept applications through the job announcement closing date, however, we may close this recruitment early, if we receive a well-qualified applicant pool. If interested, please apply early.
Benefits of Joining Our Team
- Low employee premium share for medical, dental, vision, and basic employee life (1% or 5% employee share);
- Robust paid leave package, such as vacation, personal business, holidays, sick leave, and special holiday leave;
- PERS retirement benefits;
- Support with training and development;
- Student loan forgiveness under the Public Service Loan Forgiveness Program (PSLF);
- Optional benefits include optional life, short & long term disability, accidental death and dismemberment, Oregon Savings Growth Plan (deferred compensation plan), flexible spending accounts, long term care insurance, employee assistance program, weight watchers, and more!
About Oregon State Treasury
Oregon State Treasury is focused on improving the financial well-being of all Oregonians. We provide low-cost programs for governments, and empower Oregonians to invest in themselves and their loved ones for a more secure future.
We are committed to cultivating a workplace that is diverse, inclusive, and respectful. We value and
support the collective differences in who we are and celebrate the fact that everyone comes to the table as their own unique individual. We believe this commitment empowers our success and makes Oregon State Treasury
an excellent place to work. As Treasury employees, our commitment to diversity, equity, and inclusion makes
this a safe environment for us to ask questions, learn, and grow, and helps us to better serve Oregonians.
Oregon State Treasury is led by State Treasurer Tobias Read. As Treasurer, he is the state's financial leader, the custodian of public funds and chief investment officer. We prioritize investing for the long term, doing business the right way, and empowering Oregonians to invest in themselves. We're proud of the work we do to help families, governments, and businesses succeed.
Our Values and Principles
INTEGRITY---INNOVATION---DIVERSITY---TRUST---PROFESSIONALISM---ACCESSIBILITY
Please visit the following webpage to learn more about Oregon State Treasury: https://www.oregon.gov/treasury/Pages/index.aspx
Special Information
- Prospective employees are subject to an extensive background check that may include, but not be limited to, validation of all application materials, prior employment and personal references, credit history, driving records and fingerprint-based state and federal criminal and civil records. Adverse background data may be grounds for immediate disqualification.
- OST does not offer visa sponsorships, and within three days of hire, the successful candidate will be required to complete the U.S. Department of Homeland Security form I-9, confirming authorization to work in the United States.
- Eligible veterans who meet the qualifications will be given veterans' preference. To receive preference you MUST attach appropriate documentation as outlined by the Department of Administrative Services at the following website: Veterans Resources. You may also call the Oregon Department of Veterans' Affairs at 1-800-692-9666.
- OST is an equal opportunity, affirmative action employer committed to a diverse workforce.
- Consistent with the Americans with Disabilities Act (ADA), Oregon State Treasury will provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. Requests for reasonable accommodation applies to all aspects of employment, including the application process. If reasonable accommodation is needed, please call Oregon State Treasury at 503-378-4000 and request to be connected to Human Resources.
