Offer summary

Qualifications:

5 years of experience in information security or related field., Certifications such as Systems Security Certified Practitioner (SSCP), CompTIA Security+, or CompTIA Cybersecurity Analyst (CSA+) are required., Strong understanding of security technologies and strategies, including firewalls and incident response., Ability to communicate technical information effectively to diverse audiences..

Key responsabilities:

Serve as the primary incident owner for the Security Operations Center.

Lead incident handling processes including discovery, analysis, and recovery.

Coordinate with other teams to remediate detected incidents and communicate intelligence to key personnel.

Manage the lifecycle of information security incidents from tracking to escalation and notification.

Job description

This position supports the State of Iowa’s Department of Management (DOM), Security Operations Center (SOC). The purpose of this position is to provide tier two triage for information technology issues and information security incidents. As a tier two information security incident handler, this position will be responsible for information security incidents for the entirety of their lifecycle. This position will renew on 7/1/25.

Serve as the primary incident owner for the Security Operations Center. Lead efforts related to the incident handling processes such as incident discovery, analysis and verification, incident tracking, containment and recovery, incident response coordination, escalation, and notification. Lead efforts in coordinating with other teams to remediate detected incidents. Communicate intelligence to key personnel.

5 years’ experience required in the following:

Systems Security Certified Practitioner (SSCP), CompTIA Security+ (Security+ CE), CompTIA Cybersecurity Analyst (CSA+) or other information security certifications
Strong understanding of security technologies and strategies, including but not limited to firewall, IDS, policy management, security processes/best-practice, logging/monitoring, antivirus, vulnerability assessment, patch management, and incident response
Solid knowledge of common and emerging attack vectors, penetration methods and countermeasures.
Knowledge of conflict resolution and incident escalation.
Ability to work effectively with customers to solve business challenges while balancing the need for confidentiality, integrity, and availability.
Demonstrated ability to resolve issues in a variety of complex situations which require complex judgments and solutions based on sophisticated analytical thought.
Demonstrated ability to solve complex problems, convey both oral and written instruction, and handle multiple task interruptions while providing services in a professional and courteous manner.
Proven ability to work with diverse audiences and translate technical information into non-technical information.
Must be an individual of high integrity and be a model of unwavering integrity to others.
Commitment to fostering a diverse working environment.
Demonstrated ability to work independently, as part of a team of peers, and to support and contribute to a multidisciplinary team environment.