Cybersecurity Analyst

GA DHS - Cybersecurity Analyst

The Georgia Department of Human Services, Office of Information Technology, is seeking a qualified candidate for the temporary contractor staffing position of Cybersecurity Analyst as part of the Information Security Team.

Responsibilities:

• Proven experience in cybersecurity operations with hands-on expertise in monitoring and managing multiple security tools, including vulnerability scanning platforms such as Tenable (Nessus, Tenable.sc, or Tenable.io).
• Continuously monitor security tools and systems (e.g., SIEM, IDS/IPS, Crowd Strike EDR, DLP, Tenable vulnerability scanners) to detect, investigate, and respond to potential threats in real time.
• Maintain and oversee the Crowd Strike platform, ensuring proper configuration, alert triage, threat hunting, and endpoint coverage across the organization.
• Analyze data/information from one or multiple sources to conduct preparation of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and operations.
• Interact at multiple levels of the organization to establish and maintain a strong and adaptive security posture that aligns with organizational risk tolerance, information access requirements, business strategies, and compliance requirements.
• Integrate overarching security frameworks across multiple, complex disciplines in support of the business needs of the Agency to provide customer-focused technology solutions in a secure, cost-effective, and efficient manner.
• Strong knowledge of system administration, including configuration, hardening, patch management, and monitoring of Windows and Linux servers.
• Coordinate and oversee the production of evidence to support internal and external audits.
• Conduct internal risk, vulnerability, and compliance assessments to:
• Identify risks, vulnerabilities, and compliance shortcomings; and recommend/develop security measures, policies, and controls for risk/vulnerability mitigation and remediation of compliance findings.
• Prepare and/or update incident response plans and perform incident response activities as directed and in accordance with established Agency procedures and guidelines and those of the Georgia Technology Authority (GTA).
• Ensure periodic monitoring of audit logs occurs in accordance with requirements, and report findings and concerns for further analysis and/or action, including breach notification and initiation of incident response, in accordance with Agency protocols/procedures and CISO direction/guidance.
• Work with developers to plan, implement, manage, and coordinate appropriate security measures for information systems/applications that control access to data, and prevent unauthorized modification, destruction, or disclosure of information in accordance with federal, state, local, and agency requirements, policies, and directives.
• Prepare and/or update Plan of Actions & Milestones (POA&M) that identify security weaknesses and establish milestones and compensating controls for remediating these weaknesses and tracking the progress and effectiveness of the remediation.
• Serve as a Subject Matter Expert (SME), advising on current best practice and strategies for the protection, auditing, and monitoring of data, data storage, and transmission paths.
• Work with business owners, IT managers, staff, and vendors to provide timely and efficient coordination of information assurance/security services to meet Agency needs.
• Prepare and communicate status of Agency information security programs and projects to senior executives through oral and written reports and presentations.
• Assist with information security awareness training activities and preparation of awareness training materials.
• Develop and communicate security metrics to assess effectiveness of, and compliance with, the Agency’s Info Sec policies and controls.
• Performs other professional responsibilities as assigned.

Qualifications:

• Bachelor's degree in information technology, computer science, information assurance, or a related field from an accredited college or university AND Five years of information technology experience, One year of which in…