Information Security Analyst jobs in Minnesota

Working Title: Information Security Analyst
Job Class: Information Technology Specialist 2
Agency: Minnesota IT Services

• Who May Apply: Open to all qualified job seekers
• Date Posted: 03/21/2024
• Closing Date: 03/27/2024
• Hiring Agency/Seniority Unit: Minnesota IT Services
• Division/Unit: Enterprise / Vulnerability Management
• Work Shift/Work Hours: Day
• Days of Work: Monday - Friday
• Travel Required: No
• Salary Range: $26.56 - $43.20 / hourly; $55,457 - $90,201 / annually
• Classified Status: Unclassified
• Bargaining Unit/Union: 214 - MN Assoc of Professional Empl/MAPE
• End Date: 03/17/2025
• FLSA Status: Nonexempt
• Telework Eligible: Yes #LI-Hybrid
• Designated in Connect 700 Program for Applicants with Disabilities: No

Make a difference in the lives of Minnesotans.

The work you’ll do is more than just a job. Join the talented, engaged and inclusive workforce dedicated to creating a better Minnesota.

Join the 2,500 professionals of Minnesota IT Services (MNIT) who connect Minnesotans to services that will improve their lives. This position will be part of the Enterprise Security team, which embeds security protection statewide.

As an Information Security Analyst, you will work on a team that provides vulnerability management services to county and other external partners. This is vital role to help governmental entities ensure that information assets are adequately protected against internal and external threats. The position is a mid-level technical role within in the Threat and Vulnerability Management Unit within the Enterprise Security Office. You will perform in-depth vulnerability assessments of systems and networks. Part of that assessment will follow a defined set of processes that ultimately help technical teams proactively remediate risks vulnerabilities in their environments.

Key responsibilities will include:

Perform in-depth analysis of vulnerability scan results.

• Prioritize, validate, and research effective remediation steps to resolve identified vulnerabilities. Identify and evaluate alternative remediation or risk reduction strategies.
• Communicate vulnerabilities and actionable remediation information to IT operational teams.
• Lead vulnerability review meetings.
• Oversee and follow-up on remediation efforts.
• Utilize other tools and techniques to validate the existence and impact of a vulnerability, as needed.
• Ensure vulnerability management scans on computers and networks are operating as expected; and troubleshoot scanning issues, as needed.
• Create and maintain good technical documentation.
• Administer, monitor, and maintain vulnerability management systems and components.
• Research and stay abreast of potential information security threats and works as part of team to proactively mitigate their impact.

• This position is temporary and includes full state fringe benefits; it is anticipated to last up to one (1) year and may be extended.

**This position requires an employee to be onsite with the option to telework occasionally.

Minimum Qualifications

Preferred Qualifications

• Bachelor's degree in Information Technology or related field
• Experience working with enterprise class vulnerability management systems in large scale organization, including experience identifying systemic security issues based on the analysis of vulnerability and configuration data
• Experience using network analysis tools to identify vulnerabilities. (e.g., fuzzing, Nmap, etc.)
• Knowledge and experience of risk management processes (e.g., methods for assessing and mitigating risk) and performing impact/risk assessments
• Knowledge of cyber threats and vulnerabilities, cyber attackers, and cyber-attack stages
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross- site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
• Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL])
• Knowledge of system administration, network, and operating system hardening techniques
• Knowledge and / or experience with windows management and technologies, such as Active Directory, Group Policy, and System Center Configuration Manager
• Knowledge of configuration guidelines and standards, such as Center of Internet Security (CIS) Benchmarks Knowledge of cloud technologies, such as AWS / Azure
• Experience in programming and scripting, particularly in python
• Knowledge of application server technologies such as SQL Server, Oracle, Apache, Tomcat, and IIS Web servers.

Additional Requirements

• SEMA4 Records Check (applies to current and past state employees only)
• Criminal History Check
• Reference Check
• Social Security and Address Verification
• Education Verification
• CJIS Background Check
• Other legally required checks

How to Apply

Select “Apply for Job” at the top of this page. If you have questions about applying for jobs, contact the job information line at 651-259-3637 or email careers@state.mn.us. For additional information about the application process, go to http://www.mn.gov/careers.

If you have questions about the position, contact Gretchen Michienzi at gretchen.michienzi@state.mn.

About Minnesota IT Services

Minnesota IT Services is the information technology agency for the State of Minnesota. MNIT partners with agencies, boards, councils, and commissions to deliver secure, reliable technology solutions as we set IT strategy, direction, policies, and standards statewide. Work for MNIT and be part of a nation-leading IT organization that helps to create an innovative government that works for everyone. Our culture promotes collaboration, demands agility, and encourages us to embrace change. Be a part of something bigger than yourself, something to be inspired by; come to work for MNIT.

Why Work for Us

Diverse Workforce

We are committed to continually developing a workforce that reflects the diversity of our state and the populations we serve. The varied experiences and perspectives of employees strengthen the work we do together and our ability to best serve the people of Minnesota.

A recent engagement survey of State of Minnesota employees found:

• 95% of employees understand how their work helps achieve their agency’s mission
• 91% of employees feel trusted to do their jobs
• 88% of employees feel equipped to look at situations from other cultural perspectives when doing their job
• 87% of employees report flexibility in their work schedule

Comprehensive Benefits

Our benefits aim to balance four key elements that make life and work meaningful: health and wellness, financial well-being, professional development, and work/life harmony. As an employee, your benefits may include:

• Public pension plan
• Training and professional development
• Paid vacation and sick leave
• 11 paid holidays each year
• Paid parental leave
• Low-cost medical and dental coverage
• Prescription drug coverage
• Vision coverage
• Wellness programs and resources
• Employer paid life insurance
• Short-term and long-term disability
• Health care spending and savings accounts
• Dependent care spending account
• Tax-deferred compensation
• Employee Assistance Program (EAP)
• Tuition reimbursement
• Federal Public Service Student Loan Forgiveness Program

Programs, resources and benefits eligibility varies based on type of employment, agency, funding availability, union/collective bargaining agreement, location, and length of service with the State of Minnesota.

AN EQUAL OPPORTUNITY EMPLOYER

Minnesota state agencies are equal opportunity, affirmative action, and veteran-friendly employers. The State of Minnesota recognizes that a diverse workforce is essential and strongly encourages qualified women, minorities, individuals with disabilities, and veterans to apply.

We will make reasonable accommodations to all qualified applicants with disabilities. If you are an individual with a disability who needs assistance or cannot access the online job application system, please contact the job information line at 651-259-3637 or email careers@state.mn.us and indicate what assistance is needed.