In summary, we are looking for an analyst who can use the security tools and analyze and respond to the alerts, not someone who would set up or configure the security tools.
• Conducting vulnerability scans and reviewing results
o Work with our Managed Detection and Response (MDR) vendor in reviewing vulnerability findings from scheduled scans
o Work to ensure scanning is properly tuned
o Evaluate findings and apply a risk-based priority list for mitigation
o Coordinating remediations with City staff
• Ensuring the intrusion detection system is working and responding to alerts
o Working with our MDR to ensure the IDS is configured properly
o Respond to alerts as they are escalated to the team
• Working on log correlation
o Ability to review log information within the MDR vendor's environment
• Seek opportunities to add additional security controls into the environment in order to mature the security program