Security Analyst II
TECHNOVIZ LLC · Madison, WI · 3 days ago
HybridFull-time
Benefits
Competitive salary
Responsibilities
- A1. Review policy, procedures, controls, and standards to ensure DOC and regulatory standards are met.
- A2. Address compliance issues with IT security standards; identifying deficiencies and recommending control and risk mitigation measures.
- A3. Review documentation to ensure it meets standards and applicable regulatory requirements, standards, or industry best practices.
- A4. Assist with the creation of new and updates to policy, process, and technical controls to determine if they are sufficient and functioning as intended.
- A5. Report on risks and mitigations as well as following up to verify that adjustments were made.
- A6. Interpret NIST or other standards to recommend and implement best practices.
- A7. Contribute to the maintenance and operationalization of information security policies, procedures, and response playbooks.
- A8. Review new IT projects, systems, and vendor solutions for security risk, documenting and escalating concerns as needed.
- A9. Provide technical consulting and security recommendations aligned with DOC standards and DOA/DET architecture.
- A10. Participate in enterprise-level risk assessments and contribute data to compliance, audit, or risk reporting needs.
- A11. Assist in threat modeling exercises or tabletop simulations designed to improve preparedness and resiliency.
- B1. Triage, analyze, and respond to cybersecurity alerts using current technologies and tools.
- B2. Conduct forensic investigations into suspected security incidents, including phishing, account compromise, and endpoint breaches.
- B3. Coordinate with internal teams and DOA/DET to contain, eradicate, and recover from security incidents.
- B4. Analyze logs, threat intelligence, and user behavior to identify indicators of compromise (IOCs) and prevent recurrence.
- B5. Document incident response actions and create post-incident reports with recommended improvements.
- B6. Participate in phishing mitigation, email threat response, and takedown coordination with third-party providers.
- B7. Assist in vulnerability validation and risk triage based on vendor and tool security recommendations.
- B8. Support the tuning, configuration, and enhancement of security technologies used in DOC’s environment.
- B9. Assist with employee forensics, HR/legal investigations, and eDiscovery requests through log and artifact analysis.
- B10. Assist with continuous improvement of detection logic, alerts, and response workflows in current technologies and tools.
- C1. Collaborate with internal teams and DOA/DET to implement, monitor, and maintain endpoint security, network protection, and access control systems.
- C2. Assist in the deployment or refinement of security technologies and tools.
- C3. Test and validate new use cases or configurations in existing tools and platforms, reporting anomalies or conflicts.
- C4. Maintain technical documentation and inventories related to security tooling, integrations, and metrics.
- D1. Participate in professional development opportunities such as conferences, technical training, and webinars.
- D2. Track emerging threats, vulnerabilities, and technology trends through vendor briefings, information sharing groups, and security communities.
- D3. Contribute to internal knowledge sharing and cross-training within the security team.
Qualifications
- At least 5 years of experience required in the following:
- Understanding of NIST Cybersecurity Framework, NIST RMF, and other common security standards.
- Experience and working knowledge of common security frameworks and control theories to include current applicable NIST, CJIS, and ISO standards.
- Proficiency in triaging and analyzing cybersecurity alerts using enterprise technologies and tools.
- Familiarity with phishing mitigation strategies and email threat analysis.
- Incident Response Forensics and Remediation (i.e. Crowdstrike, Sandbox evaluation & detonation, Phish evaluation, Malicious Website and Malicious Intent Identification).
- Customer service as it pertains to security incident management and communication with end user about dangerous behavior.
- Excellent technical writing and documentation skills, including incident reports and playbook development.
- Ability to work independently and as part of a distributed team to achieve shared objectives.
Skills
- Capability to tune and optimize SIEM rules and detection logic to reduce noise and improve fidelity.
- Strong interpersonal communication skills with the ability to explain complex topics to non-technical audiences.
- Experience working as a team member on projects to improve business needs.
- Experience supporting endpoint, network, and cloud-based security controls in large-scale environments.
- Demonstrated ability to adapt to emerging threats, technologies, and evolving operational needs.
Benefits
Hybrid Remote: Remote daily work with the ability to report to Madison Office for training or when required for emergency situations.
No relocation allowed.
Position will be 100% remote after training.