IT PROFESSIONAL 3 - SECURITY OPERATIONS CENTER (SOC) ANALYST

•APPLICANTS

MUST BE AUTHORIZED TO WORK FOR ANY EMPLOYER IN THE UNITED STATES. WE ARE UNABLE TO SPONSOR OR TAKE OVER SPONSORSHIP OF AN EMPLOYMENT VISA

•This is a non-supervisory position located in Carson City or Las Vegas areas within the Governors Technology Office, Office of Information Security and Cyber Defense. The incumbent serves as the Security Operations Center Analyst and monitors, detects, and investigates cybersecurity threats in real-time, protecting The State's networks and data. You will operate SIEM tools, conduct vulnerability management, and prepare security reports to ensure our security infrastructure protects critical organizational assets 24/7. The incumbent will continuously monitor security consoles (SIEM, EDR) to identify anomalies, potential breaches, or malware. This position will assess the severity of alerts, validate security incidents, and perform initial analysis. Incumbents will manage incident to contain threats, mitigate damages, and escalate complex, high-risk incidents to senior analysts, the SOC Manager or incident response teams. Incumbents must be capable of maintaining incident response playbooks, Standard Operating Procedures (SOPs), and overarching security strategies as well as documenting incident details, security metrics, and remediation steps in reports. Incumbents will report to the Security Operations Manager, utilize SOC tools (SIEM, SOAR, IDS/IPS), triage alerts, ensure service level adherence, utilize threat intelligence, conduct proactive threat hunting, and analyze vulnerabilities. Information Technology (IT) Professionals analyze, develop, implement, maintain, and modify computer operations, systems, networks, databases, applications, and/or information security. Incumbents may perform duties in one or more IT specialization areas depending on the needs of the agency.

Bachelor's degree from an accredited college or university in computer science, management information systems, or closely related field and three years of professional IT experience relevant to the duties of the position which may include computer operations, systems administration, network administration, database administration, applications analysis and development, and/or information security, one year of which was at the journey level; OR one year of relevant experience as an IT Professional II in Nevada State service; OR an equivalent combination of education and experience as described above.

Conduct detailed alternative analyses and determine end-user requirements through consultation with end-users, technicians, vendors, management, and others. Maintain documentation related to the assigned IT specialization's architecture, operations, and other records of work activities as required. Maintain current knowledge of technological trends and advancements in the IT field as well as security management practices, laws, policies, and ethics. Participate in recommending and justifying resource allocations and expenditure decisions, tracking, and recording expenditures, preparing purchase requests, and writing technical requirements for grant proposals. Perform related duties as assigned. Under general direction, incumbents perform advanced journey level duties and may train, supervise, and evaluate the performance of subordinate staff and/or serve as a project leader as assigned. Incumbents may function as a unit leader to include directing the activities of a branch IT support unit, overseeing projects of limited scope, and coordinating activities with other work groups. This is a supervisory level for Computer Operations and the journey level for Information Security positions. This job specification lists the major knowledge, skills and abilities of the job and is not all inclusive. Incumbent(s) will be expected to have knowledge, skills and abilities from a previous level.

Information Security:

Working knowledge of: three of the ten security domains; current principles, theories, practices, and procedures of information security management.

General knowledge of:

general-purpose security controls; current information security trends and technologies.

Ability to:

develop plans to safeguard against accidental or unauthorized modification, destruction or disclosure of data to meet security needs; assess costs and present alternatives for the assigned area of responsibility; participate in long-term projects and strategic planning; organize resources and materials in order to meet project timelines; assess the security and/or vulnerability of information assets to assist in developing a risk assessment; analyze data, solve problems and make appropriate decisions within three of the ten domains; provide effective and responsive customer service; establish and maintain positive working relationships with others; develop and implement information security training materials and workshops.

Skill in:

technical writing, report preparation and oral communication.

RECRUITER CONTACT INFORMATION

Jon Terrazas at j.terrazas@admin.nv.gov