State of CT Judicial Branch
Cybersecurity Forensic Analyst
State of Connecticut, Judicial Branch
The State of Connecticut Judicial Branch is seeking a Cybersecurity Forensic Analyst (Information Technology Enterprise Specialist) to join our Cybersecurity Unit. The successful candidate will be responsible for digital forensics and identifying and tracking threat actor Tactics, Techniques, and Procedures (TTPs) and creating Cyber Threat Hunt hypotheses based on TTPs. The candidate will leverage internal and external data sets and threat intelligence feeds to drive cyber threat hunting initiatives and manage and support cyber incident response.
Duties include, but are not limited to:
Hands-on experience in security systems, including intrusion detection systems, anti-malware products, authentication systems, log management, content filtering, mobile device security management, DNS, CDN, WAF and related security technologies.
Excellent knowledge of current protocols and standards, including Active Directory, Group Policies, Core Switching/Routing, SSL/IPSec, SAN, Virtualization, Business Continuity, Disaster Recovery.
Identify and track threat actor Tactics, Techniques, and Procedures (TTPs).
Create Cyber Threat Hunt hypotheses based on TTPs.
Leverage internal and external data sets and threat intelligence feeds to drive cyber threat hunting initiatives.
Manage and support cyber incident response – performing digital forensics, vulnerability scans, and root cause analysis.
Determine root causes of cyber incidents and work with affected users and divisions to implement remediation plans.
Architect and participate in all phases of design, configuration, and maintenance of a brand-new forensic lab for the branch.
Detect host and network-based intrusions via intrusion detection technologies and Microsoft Sentinel dashboards.
Use incident data to identify vulnerabilities and security gaps to make recommendations for improvements.
Communicate with state and federal partners regarding cyber threats, trends analysis, and vulnerabilities.
Develop Microsoft Sentinel dashboard to integrate logs from cyber threat intelligence products.
Qualified candidates will be proficient with:
Conduct Digital Forensics investigations and Malware Analysis to identify malicious activity and derive Indicators of Compromise (IOCs) and associated detection rules.
Lead and conduct targeted security risk assessments of cloud-based, network, system, and application technologies against industry (e.g., NIST, CIS, and CSA) and vendor-specific (e.g., Microsoft, Palo Alto) best practices.
Experience building and aligning a security program to a security framework such as NIST-CSF, NIST 800-53, or CIS Critical Security Controls.
Expert-level knowledge of Palo Alto firewall, Windows Defender ATP, and MS Azure-based security products.
Expert-level knowledge to analyze TCP Dumps / Packet Captures using Wireshark.
Qualified candidates will possess the following:
8+ years of experience with cyber threat hunting, incident response and digital forensics.
Experience with conducting Digital Forensics investigations and Malware Analysis.
Ability to derive Indicators of Compromise (IOCs) and associated detection rules.
Ability to understand vulnerabilities at a technical level.
Knowledge of frameworks like NIST, CIS, CISA, MITRE.
In addition to the preferred qualifications, the successful candidate will have a positive attitude; proficient verbal skills; a collaborative approach to working in a close team environment; willingness to assist and share knowledge with peers and subordinates; and strong writing skills, with the ability to submit reports, proposals, and postmortem analyses.
This position qualifies for hybrid remote work.
Salary Range: $100,844 – $149,805/year – plus State of Connecticut benefits.
Starting salary may be commensurate with experience.
The State of Connecticut Judicial Branch offers its employees a top-notch array of health and retirement benefits including but not limited to paid holidays, vacation, sick and personal leave, group life insurance, 457 Deferred Compensation, voluntary flexible spending account programs, discounted auto and home insurance policies and long- and short-term disability.
EXPERIENCE AND TRAINING
General Experience: Ten (10) years of experience in information technology (IT), programming, systems/software development or another IT related field demonstrating a growing and broadening base of knowledge and experience.
Special Experience: Two (2) years of the General Experience must have been at the expert working level with responsibility for performing a full range of highly complex technical support functions.
College training in management information systems, computer science, electrical engineering or information technology related area may be substituted for the General Experience on the basis of fifteen (15) semester hours equaling six (6) months of experience to a maximum of four (4) years for a Bachelor’s degree.
A Master’s degree in management information systems, computer science, electrical engineering or information technology related area may be substituted for one (1) additional year of the General Experience.
Relevant certification in management information systems, computer science, electrical engineering or information technology related area may be substituted for up to six (6) months of the general experience.
SPECIAL REQUIREMENT: Incumbents may be required to travel within the State in the course of their daily work.
Applications must be received by March 27, 2023. Applications must be submitted through the on-line application site. Resumes or paper applications will not be accepted.
Careers at the Branch play an essential role for the public and society. Our meaningful, challenging, and interesting positions have a long-lasting effect that serves to advance justice and ultimately provides for the greater good of all.
Please reference the posting number 23-4000-005