Cybersecurity Specialist 2-00176980

Stronger Families for a Stronger Georgia. The Georgia Department of Human Services (DHS) is a dynamic state agency responsible for delivering a wide range of services to Georgia's most vulnerable populations. Our mission is to strengthen Georgia by providing individuals and families access to services that promote self-sufficiency, independence, and protect Georgia's vulnerable children and adults.  

What we offer.  Enjoy a generous benefits package that includes a flexible work schedule, unique training opportunities, employee retirement plan, 401(k) plan and 457 plan, 13 paid holidays, vacation & sick leave, medical, dental, vision, long/short-term care, life insurance, and employee discount programs; in addition to telework opportunities depending upon the position.  

Start your career in public service. The Georgia Department of Human Services (DHS), Office of Information Technology (OIT) is seeking a hands-on Cybersecurity Specialist 2 first responder who will analyze security events as well as other data/information from one or multiple sources to assess the threat likelihood and security posture of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and operations. Also participates in information security related projects and ensuring people, processes, and technology aligns with the desired security posture of the agency and the State. 

JOIN OUR TEAM!!!

Paygrade:  O

• Participates in information security related projects and ensuring people, processes, and technology aligns with the desired security posture of the organization.  
• Lead and/or support in-depth triage and investigations of urgent cyber incidents in cloud, traditional, and hybrid environments. 
• Perform incident response functions including but not limited to host-based analytical functions (e.g. digital forensics, metadata, malware analysis, etc.) through investigating Windows, Unix based, appliances, and Mac OS X systems to uncover Indicators of Compromise (IOCs) and/or Tactics, Techniques and Procedures (TTPs).  
• Create and track metrics based on the MITRE ATT&CK Framework and other standard security-focused models.  
• Work with application and infrastructure stakeholders to identify key components and information sources such as environments (on-premises versus cloud), servers, workstations, middleware, applications, databases, logs, etc. 
• Participate in incident response efforts using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking place.  
• Collaborate with State multidisciplinary groups for triaging and defining the scope of large scale incidents. 
• Document and present investigative findings for high profile events and other incidents of interest.
• Participate in readiness exercises such as purple team, table tops, etc.  
• Train junior colleagues on relevant best practices.

• Data Utilization: Requires the ability to coordinate, manage, and/or correlate data. Includes exercising judgment in determining time, place and/or sequence of operations, referencing data analysis to determine necessity for revision of organizational components, and in the formulation of operational strategy.
• Human Interaction: Requires the ability to work with and apply principles of persuasion and/or influence over others to coordinate programs or activities of a project, and resolve typical problems associated with the responsibilities of the job.
• Verbal Aptitude: Requires the ability to utilize a wide variety of reference, descriptive, advisory and/or design data and information.
• Mathematical Aptitude: Requires the ability to perform addition, subtraction, multiplication and division; ability to calculate decimals and percentages; may include the ability to calculate algebraic calculations, and the ability to interpret graphs.
• Functional Reasoning: Requires the ability to apply principles of influence systems, such as motivation, incentive, and leadership, and to exercise independent judgment to apply facts and principles for developing approaches and techniques to resolve problems.
• Situational Reasoning: Requires the ability to exercise judgment, decisiveness and creativity in situations involving the evaluation of information against sensory, judgmental, or subjective criteria, as opposed to that which is clearly measurable or verifiable.

• Bachelor's degree in Computer Science/Information Technology/Information Security or related field or equivalent experience AND three (3) years of proven experience and demonstrated success in technology leadership with emphasis on information security, data governance.
• Holds an intermediate cyber certification per state guidelines or achieves within 12 months of start date: (CCNA, CCNA-S, C)ISRM, CISM, CASP, GCIH, GCED, CEH).
• Must hold or be able to qualify for a US Department of Homeland Security (DHS) clearance.

• Desired experience in areas such as scripting & automation, application security testing, threat hunting, cyber incident handling.

For more detailed information about the Georgia Department Human Services

                   https://dhs.georgia.gov/  

Employment Information
  
Current State employees are subject to State Personnel Board (SPB) Rules regarding salary.
 
DHS is an Equal Opportunity Employer
  
If you require accommodations under the Americans with Disabilities Act (ADA), email request by the closing date of this announcement to:  @HRHelpline
 
The candidate selected for this position may be subject to pre-employment drug screening, education verification, reference, motor vehicle records, and criminal background checks.
  
DHS accepts educational credential recognized by the Council for Higher Education Accreditation (CHEA) and/or the US Department of Education (DOE) will be considered. DHS will contact educational institutions to verify degree, diploma, licensure, etc.
  
As an employee of DHS, in the event of an identified emergency you may be required, as a term and condition of employment, to assist in meeting the emergency responsibilities of the department.
  
Due to the volume of applications received, we are unable to provide information on application status by phone or e-mail. All qualified applicants will be considered but may not necessarily receive an interview. Selected applicants will be contacted by the hiring official for next steps in the selection process.  Only applicants who are selected and interviewed will receive notification.
  
This position is subject to close at any time once a satisfactory applicant pool has been identified.