Information Security Analyst (00168)

Title: Information Security Analyst (00168)

State Role Title: Info Technology Specialist III

Hiring Range: $85,000.00 - $110,000.00

Pay Band: 6

Agency: Dept of Human Resource Mgt

Location: Dept of Human Resource Mgmt

Agency Website: https://www.dhrm.virginia.gov

Recruitment Type: State Employee Only - E

Job Duties

The Department of Human Resource Management’s Office of Information Security and Risk Management is seeking a qualified individual to fill the position of Information Security Analyst. This position is responsible for supporting the protection of DHRM’s electronically generated, stored, and transmitted information. The role includes ongoing monitoring and assessment of security risks, as well as the design and delivery of staff training to reduce the agency’s cybersecurity exposure. This position will also assist the DHRM Chief Information Security Officer (CISO) in the design, implementation, and maintenance of the agency’s information security program. Responsibilities include drafting and enforcing policies and procedures, supporting risk and vulnerability assessments, and assisting with the development, testing, and execution of the agency’s Disaster Recovery Plan (DRP). This position also serves as the Deputy Information Security Officer (ISO) acting as a designated backup to the Chief Information Security Officer. The Deputy ISO may represent the Information Security Program in meetings, audits, and communications when delegated by the CISO. Key duties of this position also include: (1) Assessing emerging network threats and attack vectors; (2) Monitoring security logs and responding to incidents; (3) Evaluating system, application, and infrastructure configurations for compliance with Commonwealth security standards; (4) Supporting the development of physical and logical information security standards; (5) Researching and recommending cybersecurity technologies and tools.

Minimum Qualifications

Working knowledge of cybersecurity regulations, especially Commonwealth standards such as SEC530. Working knowledge of scripting, vulnerability scanning tools, and security information and event management (SIEM) platforms. Working knowledge of systems, applications, and network vulnerabilities, and relevant mitigation techniques. Knowledge of basic and intermediate cybersecurity principles and tools. Demonstrated experience in reviewing logs, identifying anomalies, and performing root-cause analysis. Demonstrated ability in conducting vulnerability assessments and security reviews. Excellent written and verbal communication skills with the ability to translate technical content for non-technical audiences. Ability to work independently, prioritize tasks, and meet deadlines under pressure. Skill in building effective relationships with technical and non-technical stakeholders. High school graduate or equivalent.

Additional Considerations

Considerable experience in information security, risk management, or security operations. CompTIA Security+, Systems Security Certified Practitioner (SSCP), or GIAC Security Essentials Certification (GSEC) certification.

Special Instructions

You will be provided a confirmation of receipt when your application and/or résumé is submitted successfully. Please refer to “Your Application” in your account to check the status of your application for this position.

State employees who have been affected by Policy 1.3 Layoff and possess a valid Interagency Placement Screening Form (Yellow Card) or a Preferential Hiring Form (Blue Card) must submit the card BEFORE the closing date for this position. The card may be scanned and attached to the application or faxed to (804) 371-7401. Please include your name and the position number of the fax cover sheet. AMERICORPS, PEACE CORPS, AND OTHER NATIONAL SERVICE ALUMNI ARE ENCOURAGED TO APPLY.

“The Department of Human Resource Management is dedicated to recruiting, supporting, and maintaining a competent and diverse work force.”

Equal Opportunity Employer

Contact Information

Name: Derek Mountford

Phone: 804-225-2729

Email: derek.mountford@dhrm.virginia.gov

In support of the Commonwealth’s commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at 800-552-5019.

Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.