Cyber Defense Incident Responder - 72004158
TALLAHASSEE, FL, US, 32301
Requisition No: 835156
Agency: Management Services
Working Title: CYBER DEFENSE INCIDENT RESPONDER - 72004158
Pay Plan: Career Service
Position Number: 72004158
Salary: $75,000.00 - $90,000.00
Posting Closing Date: 11/11/2024
Cyber Defense Incident Responder
Florida Digital Service
State of Florida Department of Management Services
This position is located in Tallahassee, FL
Florida Digital Service:
The Florida Digital Service (FL[DS]) was established to propose innovative solutions that securely modernize state government, including technology and information services, to achieve value through digital transformation and interoperability, and to fully support the state’s cloud-first policy. It is also the lead entity responsible for enterprise cybersecurity.
Position Overview and Responsibilities:
Reporting to the Incident Response Lead, the Cyber Defense Incident Responder investigates, analyzes, and responds to cyber incidents within the network environment or enclave. Essential job functions and responsibilities include, but are not limited to:
- Provide targeted attack detection and analysis, including the development of custom signatures and SIEM/EDR queries and analytics for the identification of attacks.
- Lead and facilitate the investigatory process with mission partners by identifying the root cause of security events, evaluating anomalous activity, and tuning detections to reduce frequent false positives.
- Provide forensic analysis of network packet captures, live memory captures and drive acquisitions, malware, as well as logs from various types of security sensors, applications, and operating systems.
- Participate in Security Architecture reviews for new projects to ensure proposed solutions align with risk requirements.
- Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
- Participate in the development of custom scripting and security orchestration.
- Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
- Provide after business hours support in response to security alerts and investigations.
- Perform other duties and tasks as assigned.
Knowledge, Skills, and Abilities:
- Ability to accurately define incidents, problems, and events in the trouble ticketing system.
- Ability to apply an organization's goals and objectives to develop and maintain architecture.
- Ability to develop, update, and/or maintain standard operating procedures (SOPs).
- Ability to operate common network tools (e.g., ping, traceroute, nslookup).
- Ability to monitor measures or indicators of system performance and availability.
- Ability to collaborate effectively with others.
- Ability to function effectively in a dynamic, fast-paced environment.
- Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Ability to establish and maintain automated security control assessments.
- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- Knowledge of cybersecurity and privacy principles.
- Knowledge of Digital Forensic Incident Response (DFIR) process.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones (DMZ), encryption).
- Knowledge of local area and wide area networking principles and concepts including bandwidth management.
- Knowledge of measures or indicators of system performance and availability.
- Knowledge of the Confidentiality, Integrity, and Availability (CIA) security triad concept.
- Knowledge of performance tuning tools and techniques.
- Knowledge of server and client operating systems.
- Knowledge of systems administration concepts.
- Knowledge of the enterprise IT architecture.
- Knowledge of the type and frequency of routine hardware maintenance.
- Knowledge of Virtual Private Network (VPN) security.
- Knowledge of file system implementations (e.g., New Technology File System [NTFS], File Allocation Table [FAT], File Extension [EXT]).
- Knowledge of virtualization technologies and virtual machine development and maintenance.
- Knowledge of organizational IT user security policies (e.g., account creation, password rules, access control).
- Knowledge of system administration, network, and operating system hardening techniques.
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Knowledge of Personally Identifiable Information (PII) data security standards.
- Knowledge of Payment Card Industry (PCI) data security standards.
- Knowledge of Personal Health Information (PHI) data security standards.
- Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi), paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information or prevent installed systems from operating correctly.
- Knowledge of systems engineering theories, concepts, and methods.
- Knowledge of system/server diagnostic tools and fault identification techniques.
- Knowledge of operating system command-line tools.
- Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
- Knowledge of principles and methods for integrating system components.
- Skill in configuring and optimizing software.
- Skill in diagnosing connectivity problems.
- Skill in maintaining directory services. (e.g., Microsoft Active Directory, LDAP, etc.).
- Skill in using virtual machines. (e.g., Microsoft Hyper-V, VMWare vSphere, Citrix XenDesktop/Server, Amazon Elastic Compute Cloud, etc.).
- Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
- Skill in interfacing with customers.
- Skill in conducting system/server planning, management, and maintenance.
- Skill in correcting physical and technical problems that impact system/server performance.
- Skill in troubleshooting failed system components (i.e., servers).
- Skill in identifying and anticipating system/server performance, availability, capacity, or configuration problems.
- Skill in installing system and component upgrades. (i.e., servers, appliances, network devices).
- Skill in monitoring and optimizing system/server performance.
- Skill in recovering failed systems/servers. (e.g., recovery software, failover clusters, replication, etc.).
- Skill in operating system administration (e.g., account maintenance, data backups, maintaining system performance, installing and configuring software).
- Accountability, Communication, Empowerment, Flexibility, Integrity, Respect, Teamwork.
Minimum Qualifications:
- Skill in conducting system/server planning, management, and maintenance.
- Knowledge of system administration, network, and operating system hardening techniques.
- Experience with vulnerability management solutions.
- Ability to work On-Call.
Desirable Certifications:
Security+, CySA+, CEH, CJIS or equivalent certifications.
Our Organization and Mission:
Under the direction of Governor Ron DeSantis, Secretary Pedro Allende and DMS’ Executive Leadership Team, the Florida Department of Management Services (DMS) is a customer-oriented agency with a broad portfolio that includes the efficient use and management of real estate, procurement, human resources, group insurance, retirement, telecommunications, fleet, and federal property assistance programs used throughout Florida’s state government. It is against this backdrop that DMS strives to demonstrate its motto, “We serve those who serve Florida.”
Special Notes:
DMS is committed to successfully recruiting and onboarding talented and skilled individuals into its workforce. We recognize the extensive training, experience and transferable skills that veterans and individuals with disabilities bring to the workforce. Veterans and individuals with disabilities are encouraged to contact our recruiter for guidance and answers to questions through the following email addresses:
DMS.Ability@dms.fl.gov
DMS.Veterans@dms.fl.gov
An individual with a disability is qualified if he or she satisfies the skills, experience, and other job related requirements for a position and can perform the essential functions of the position with or without reasonable accommodation. Candidates requiring a reasonable accommodation, as defined by the Americans with Disabilities Act, must contact the DMS Human Resources (HR) Office at (850) 488-2707. DMS requests applicants notify HR in advance to allow sufficient time to provide the accommodation.
Successful completion of background screening will be required for this position.
Criminal background investigation including fingerprinting and statewide and national criminal history records check per Section 110.1127 Florida Statutes, Chapter 435 Florida Statutes and the Federal Bureau of Investigation’s CJIS Security Policy CJISD-ITS-DOC-08140-4.5.
Pursuant to F.S. 215.422, every officer or employee who is responsible for the approval or processing of vendors’ invoices or distribution of warrants to vendors is mandated to process, resolve and comply as section 215.422 requires.
The State of Florida is an Equal Opportunity Employer/Affirmative Action Employer, and does not tolerate discrimination or violence in the workplace.
Candidates requiring a reasonable accommodation, as defined by the Americans with Disabilities Act, must notify the agency hiring authority and/or People First Service Center (1-866-663-4735). Notification to the hiring authority must be made in advance to allow sufficient time to provide the accommodation.
The State of Florida supports a Drug-Free workplace. All employees are subject to reasonable suspicion drug testing in accordance with Section 112.0455, F.S., Drug-Free Workplace Act.
VETERANS’ PREFERENCE. Pursuant to Chapter 295, Florida Statutes, candidates eligible for Veterans’ Preference will receive preference in employment for Career Service vacancies and are encouraged to apply. Certain service members may be eligible to receive waivers for postsecondary educational requirements. Candidates claiming Veterans’ Preference must attach supporting documentation with each submission that includes character of service (for example, DD Form 214 Member Copy #4) along with any other documentation as required by Rule 55A-7, Florida Administrative Code. Veterans’ Preference documentation requirements are available by clicking here. All documentation is due by the close of the vacancy announcement.