Security Analyst

IT & Security Oklahoma City, Oklahoma


Description

NIC Oklahoma, a division of Tyler Technologies is the organization behind eGovernment services in the State of Oklahoma. We are a talented team of programmers, designers and project managers who are dedicated to improving the lives of Oklahoma citizens through the web and mobile applications that we build on behalf of our government partner in Oklahoma. We are passionately leading a new era of digital public service, using technology to bring government to the people of Oklahoma in meaningful and convenient ways. NIC Oklahoma is currently seeking applicants for a Security Analyst to assist in the successful implementation of web-based applications and services for state and local government partners.

 The Security Analyst will be responsible for the planning and requirements of the penetration testing process and procedures while helping with the planning, implementation, documentation and maintenance of security tools and services that support the services built on behalf of the state of Oklahoma. 

 

Responsibilities:

  • Assist in seeking compliance with Corporate Security initiatives and directives
  • Assist in planning, architecture, implementation, documentation, and maintenance of security standards for IT infrastructure and portal applications

 

Work with the Director of Technology to complete Technology team initiatives

  • Support internal customers and employees with security-related matters
  • Provide support in incident response activities
  • Assist in the continued implementation of the security awareness program
  • Occasional after-hours duties
  • Perform security audits and assessments of our business unit against corporate policies, standards, and industry requirements

 

Govern security finding remediation efforts for reported findings

  • Work with the Director of Information Security on the planning and requirements of the Penetration Testing process and procedures as required.
  • Align planning, implementation, documentation, and maintenance of security tools and services to support the penetration testing service with corporate security practices.
  • Identify and recommend new techniques, capabilities, and tools related to expanding the Penetration Testing service.
  • Perform penetration tests on networks, systems, and applications using a combination of automated and manual tools following a defined process.   
  • Communicate schedules of testing and status for each application within the environment on a consistent, periodic basis to leadership.

 

Requirements:

  • Undergraduate degree in Computer Science or related discipline
  • Certified Information Systems Security Professional (CISSP) certified
  • Additional certification in focus area (CEH, GPEN, GWAPT, GCFA, etc.)
  • Three years of related job experience in Information Systems Security
  • Solid knowledge of the following:
  • Perimeter Security (firewalls, intrusion detection, etc.)
  • Application Security
  • Vulnerability Assessments
  • Penetration Testing Methodologies
  • Operation systems hardening
  • Malware Detection and Antivirus
  • Regulatory compliance: PCI-DSS, SOX, HIPAA
  • Strong UNIX (Linux, Solaris, etc) and Microsoft Windows skills
  • In-depth familiarity with Internet communication protocols (HTTP, SMTP, TCP/IP, etc.)
  • Knowledge of security configuration methods and procedures for hardware and O/S components
  • Excellent communications skills, including good verbal and written abilities
  • Strong organization, prioritization, and time management skills
  • Self-motivated and strong sense of accountability
  • Desire to work in a fast-paced, entrepreneurial environment