IT Security Analyst 3 - Vulnerability Management

The State of Michigan is looking for: IT Security Analyst 3 - Vulnerability Management Team

Top Skills & Years of Experience:
- 5 Years' IT Security Experience
- Experience with vulnerability management scanning and reporting tools (requires strong Linux, Windows and/or UNIX administrative knowledge for troubleshooting).
- Experience with trend analysis and creating dashboards using data scripting to provide metrics on the performance.
- Experience with Linux, Windows and Unix.
- Experience with PowerShell and Python.
- Experience with log parsing using grep, sed or AWK.

Full Job Description:

IT Security Analyst 3 – Vulnerability Management

Overview:

• Supports vulnerability management scanning and reporting tools (requires strong Linux, Windows and/or UNIX administrative knowledge for troubleshooting).
• Automates processes with scripting such as bash, PowerShell, and Python.
• Parses logs in an automated fashion using Grep, AWK, Sed, etc.
• Creates integration of vulnerability management data with other State of Michigan enterprise services.
• Conducts data analysis of vulnerability management data, often integrated with other data sources, to measure effectiveness of vulnerability remediation. Data analysis tasks include large datasets, which include structured, semi-structured, and unstructured data.
• Interfaces with other agencies to make recommendations on how to improve the security posture and reduce the number of security related vulnerabilities.
• Conducts trend analysis, creates dashboards using data scripting to provide metrics on the performance of security responsibilities, controls, and creates new reports based on those collected metrics across multiple agencies.
• Plans, schedules, implements, and maintains scalable vulnerability scans using modern vulnerability management scanning tools for high complexity devices.
• While ensuring safe and timely scanning that has minimal/no impact on scan targets and provides troubleshooting of technical issues with scans.
• Conducts internal vulnerability audits of servers, network devices, applications, and other devices.
• Reviews and validates security procedures to ensure adequate security procedures have been developed to identify and classify cyber events.

Required Skills:

• 5 years’ experience in IT Security
• Extensive experience with vulnerability management scanning and reporting tools.
• Experience with Linux, Windows, and Unix.
• Experience with PowerShell and Python.
• Experience with log parsing using - Grep, Sed and/or AWK.
• Preferred experience with SQL ETL.

Interview Process: Onsite interviews to be held at the Dimondale office. (NO virtual interviews will be requested) Candidates submitted must be willing to attend a face-to-face interview.

Duration: 1 year with possible extension.
Remote or On-site: Candidates must be currently local within a commutable distance, no more than 1-1.5 hours. Manager is not interested in candidates who would need to relocate to accept the role. Position will be hybrid, in office 2 days a week upon start.