OPEN TO ALL QUALIFIED APPLICANTS

This is a position specific recruitment. The resulting certified eligible list may be used to staff several current and future vacancies for this position/function only.

MINIMUM QUALIFICATIONS

Experience: Seven years of experience designing, developing, testing, implementing and maintaining application, communication, database or operating systems software.

DESIRED OR PREFERRED QUALIFICATIONS

• 3 years of experience in networking or system administration/engineering
• 1 year Azure Security experience
• 1 Year Azure Infrastructure experience
• Bachelor’s degree in computer science or related field or equivalent experience.
• Additional certifications in security related disciplines (eg: Security+, CEH, CISSP, etc.) are preferred.
• 1 year of experience with Firewalls.
• 1+ year of experience with GRC and familiarity with various cybersecurity frameworks such as ISO 27001 and NIST standards.
• Willingness to learn new technologies and keep up with industry trends.
• Ability to learn and communicate technical information to non-technical people.
• Must have excellent written & oral communication skills, and strong interpersonal skills.
• Strong technical skills, including experience with identity and access management solutions.
• Familiarity with cyber security best practices and compliance standards.
• Enterprise IT operational experience – Strong understanding of operating systems, infrastructures, protocols, and applications.
• Previous experience working as a cybersecurity analyst would be a great plus
• Working knowledge of cyber threat actor tactics, techniques, and procedures (TTPs), including the ability to troubleshoot cybersecurity issues, configurations, and incidents across a wide range of devices and infrastructure environments

The Comptroller of Maryland seeks to hire a talented Cybersecurity Analyst Tier 2 for monitoring, troubleshooting, and protecting the security of the COM enterprise environment. The Cybersecurity Analyst performs information security and cybersecurity analysis work involving planning, implementing, and monitoring security measures for the protection of information systems and infrastructure. Work also includes protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. The Cybersecurity Analyst Tier 2 will report to the Chief Information Security Officer.

Responsibilities:

• Performs technical risk assessments and reviews of account permissions, computer data access needs, security violations, programming changes, and new and existing applications and systems, including data center physical security and environment.
• Performs cybersecurity incident detection, analysis, and prevention.
• Performs vulnerability scans of networks and applications to assess effectiveness and identify weaknesses.
• Performs forensic analysis of information systems and portable devices and forensic recovery of data using assessment tools.
• Monitors systems and procedures to protect data systems and databases from unauthorized access.
• Monitors and analyzes cybersecurity alerts from cybersecurity tools, network devices, and information systems. Supports the implementation of computer system security plans with agency personnel and outside vendors.
• Develops plans to safeguard computer configuration and data files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
• Takes part in any security-oriented projects or critical initiatives.
• Stay up-to-date on information technology & security news, trends and standards.
• Deliver an exceptional customer experience every day.
• Other duties as identified or assigned.

PLEASE NOTE: Resumes will not be accepted in lieu of a completed application. Also, ITD is responsible for the 24x7x365 support for ADC mainframe, distributed systems, and networks. All ITD employees are available for on-call support.