HHS Security Incident Manager; Information Security Specialist

Overview

As a senior-level technical specialist, the Information Security Specialist 3 guides cybersecurity efforts across diverse platforms, improving security readiness and supporting effective responses to threats.

• Incident Leadership:
  Provide guidance during cybersecurity events and support coordinated response efforts.
• SIEM Engineering:
  Conduct advanced configuration, maintenance, and optimization of enterprise SIEM and log management tools.
• Data Pipeline Design:
  Build ingestion processes that onboard, parse, normalize, and enrich data from varied systems.
• Detection Development:
  Create and refine correlation rules and alerts that improve identification of threats.
• Log Analysis:
  Evaluate data to uncover visibility gaps and recommend improvements to monitoring coverage.

• Full‑time employment.
• Work hours:
  
  8:00 AM to 4:30 PM, Monday‑Friday, with 60‑minute lunch.
• Telework:
  Option for part‑time telework (two days per week) with approved high‑speed internet and approved Pennsylvania location; otherwise work at the headquarters office in Harrisburg. Telework availability may change.
• Salary:
  Starting salary may be non‑negotiable in some cases.

• One year as an Information Security Specialist 2 (Commonwealth title or Federal equivalent)
  * or*
• Four years of information technology security experience with an associate’s degree;
  * or*
• Two years of information technology security experience with a bachelor’s degree;
  * or*
• Equivalent combination of experience and training.

• Three or more years of full‑time experience designing, managing, and optimizing SIEM and log management concepts, including data ingestion, normalization, and correlation.
• Three or more years of full‑time enterprise logging across cloud, endpoint, network, and identity platforms.
• Three or more years of full‑time experience creating query languages and scripting for data analysis and detection development.
• Must meet Pennsylvania residency requirements.
• Must be able to perform essential job functions.

• Pass a background investigation and meet Criminal Justice Information Services (CJIS) compliance requirements.

• Eligible veterans receive employment preference according to Pennsylvania law 51 Pa. C.S. § 7103.

• Applicants requiring accommodations due to disability should discuss requests with the interviewer before the interview date.

The Commonwealth is an equal employment opportunity employer and is committed to a diverse workforce. The Commonwealth values inclusion as we seek to recruit, develop, and retain the most qualified people to serve the citizens of Pennsylvania. The Commonwealth does not discriminate on the basis of race, color, religious creed, ancestry, union membership, age, gender, sexual orientation, gender identity or expression, national origin, AIDS or HIV status, disability, or any other categories protected by applicable federal or state law.

All diverse candidates are encouraged to apply.