INFORMATION TECHNOLOGY SPECIALIST II

at  Department of Technology

TELEWORK IS AVAILABLE.

Under the general direction of the Security Monitoring and Intelligence (SMI) Information Technology (IT) Manager I, the Information Technology (IT) Specialist II is a senior member of the Forensic Investigation Threat Hunting (FITH) Security Incident Response Team working independently as a technical security expert. The IT Specialist II will perform complex Tier 2 and 3 Security Operations Center (SOC) duties as needed as part of the security detection, analysis, and response team to provide critical protection of CDT and State IT network and assets. The IT Specialist II will lead and or participate in incident response, detection, and protection activities as required as a member of the FITH Security Incident Response Team. The IT Specialist II under the FITH team, studies an organization’s network and assets to help the organization operate more securely, efficiently, and effectively.
The IT Specialist II develops and maintains a working level knowledge of relevant IT infrastructure and technologies under the protection of the FITH, of applicable State/Federal and industry regulations and best practices with respect to information security of the department, and information security policies and procedures, and of vulnerability and threat management technologies, products, practices and processes. In addition, the IT Specialist II must develop and maintain working level knowledge of the IT threat landscape, risk management processes and technologies, multiple operating systems, network architecture and protocols, and a full picture of IT security technologies, as well as interoperability and interdependency of all of those and more. Security best practices and complex technical and administrative requirements must be interpreted and applied in a complex technical environment. As a member of the FITH team, will provide IT detection, protection and incident response support to the California Cybersecurity Integration Center (CalCSIC) and supported State and local government entities.
You will find additional information about the job in the Duty Statement.

Working Conditions

• Operate a personal computer (word processor, spreadsheet, e-mail communication, presentation, and diagramming applications).
• Use technical software for monitoring a variety of security-related items.
• Required to work some weekends and to work outside of normal business hours on a periodic basis based on an on-call schedule or business need.
• Required to carry and use a cell phone or mobile device and respond in a timely manner.
• Require some travel between Rancho Cordova and Sacramento.
• Successfully complete a fingerprint background criminal record check completed by the Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI).

Minimum Requirements
You will find the Minimum Requirements in the Class Specification.

REQUIRED APPLICATION PACKAGE DOCUMENTS

The following items are required to be submitted with your application. Applicants who do not submit the required items timely may not be considered for this job:

• Current version of the State Examination/Employment Application STD Form 678 (when not applying electronically), or the Electronic State Employment Application through your Applicant Account at www.CalCareers.ca.gov. All Experience and Education relating to the Minimum Qualifications listed on the Classification Specification should be included to demonstrate how you meet the Minimum Qualifications for the position.
• Resume is required and must be included.

Applicants requiring reasonable accommodations for the hiring interview process must request the necessary accommodations if scheduled for a hiring interview. The request should be made at the time of contact to schedule the interview. Questions regarding reasonable accommodations may be directed to the EEO contact listed on this job posting.
Desirable Qualifications

In addition to evaluating each candidate’s relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:

• Ability to interpret and incorporate data from multiple tool sources
• Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise
• Ability to exercise judgment when policies are not well-defined
• Ability to collect, verify, validate, and analyze test data
• Ability to translate data and test results into evaluative conclusions
• Ability to focus research efforts to meet the customer’s decision-making needs
• Skill in collecting data from a variety of computer network defense resources
• Skill in conducting open-source research for troubleshooting novel client-level problems
• Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems
• Skill in recognizing and categorizing types of vulnerabilities and associated attacks
• Skill in performing packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump
• Skill in evaluating information for reliability, validity and relevance
• Skill in detecting host and network-based intrusions via intrusion detection technologies
• Skill in reading, interpreting, developing and deploying signatures
• Skill in identifying common encoding techniques (e.g., Exclusive Disjunction [XOR], American Standard Code for Information Interchange [ASCII], Unicode, Base64, uencode, Uniform Resource Locator [URL] encode
• Skill in using Boolean operations to construct simple and complex queries
• Skill in using protocol analyzers
• Skill in using sub-netting tools
• Skill in processing digital evidence to include protecting and making legally sound copies
• Knowledge of programming language structures and logic
• Knowledge of basic system administration, network, and operating system hardening techniques
• Knowledge of common adversary tactics, techniques, and procedures (TTPs) in assigned area of responsibility (e.g., historical country specific TTPs, emerging capabilities

Benefits
Benefit information can be found on the CalHR website and the CalPERS website.
Contact Information
The Hiring Unit Contact is available to answer questions regarding the position or application process.
Department Website: http://cdt.ca.gov

Please refer the Job description for details