What are the responsibilities and job description for the Security Intelligence Analyst II (Information Systems Analyst II, Option S) position at Illinois Department of Innovation & Technology (DoIT)?
Are you looking for a rewarding career with an organization that values their staff? The Department of Innovation & Technology (DoIT) is seeking to hire qualified candidates with the opportunity to work in a dynamic, creative thinking, problem solving environment. This position serves as a Security Intelligence Analyst II with responsibilities including, but not limited to, vulnerability management, penetration testing, web application scanning, content management of enterprise security information and event management platform, threat hunting, and cyber threat intelligence. In this role, you will work with the Security Operations Center to respond to advanced threats and cybersecurity incidents impacting State of Illinois agencies. In addition, you will perform adversary emulation to identify potential weaknesses in security controls and gaps in defensive visibility and provide recommendations to best prevent, remediate, and detect potential threats and vulnerabilities. If you possess these knowledges, skills, abilities and experience, we invite you to apply to join the DoIT team!
As a State of Illinois employee, you receive a comprehensive benefits package including:
Why Work for Illinois?
Working with the State of Illinois is a testament to the values of compassion, equity, and dedication that define our state. Whether you’re helping to improve schools, protect our natural resources, or support families in need, you’re part of something bigger—something that touches the lives of every person who calls Illinois home.
No matter what state career you’re looking for, we offer jobs that fit your life and your schedule—flexible jobs that provide the gold standard of benefits. Our employees can take advantage of various avenues to advance their careers and realize their dreams. Our top-tier benefits and great retirement packages can help you build a rewarding career and lasting future with the State of Illinois.
Essential Functions
NOTE: Applicants must possess the ability to meet ALL of the following conditions of employment, with or without reasonable accommodation, to be considered for this position.
Work Hours: Monday-Friday 8:30am-5:00pm (work hours may vary)
Headquarter Location: 120 W Jefferson St, Springfield, Illinois, 62702
Work County: Sangamon
Agency Contact: Madison Beyer
Email: madison.beyer@illinois.gov
Posting Group: Science, Technology, Engineering & Mathematics
This position DOES contain “Specialized Skills” (as that term is used in CBAs).
The Department of Innovation & Technology (DolT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation, and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DolT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents, DolT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.
APPLICATION INSTRUCTIONS
Use the “Apply” button at the top right or bottom right of this posting to begin the application process.
If you are not already signed in, you will be prompted to do so.
State employees should sign in to the career portal for State of Illinois employees – a link is available at the top left of the Illinois.jobs2web.com homepage in the blue ribbon.
Non-State employees should log in on the using the “View Profile” link in the top right of the Illinois.jobs2web.com homepage in the blue ribbon. If you have never before signed in, you will be prompted to create an account.
If you have questions about how to apply, please see the following resources:
State employees: Log in to the career portal for State employees and review the Internal Candidate Application Job Aid
Non-State employees: on Illinois.jobs2web.com – click “Application Procedures” in the footer of every page of the website.
The Main Form Of Communication Will Be Through Email. Please Check Your “junk Mail”, “spam”, Or “other” Folder For Communication(s) Regarding Any Submitted Application(s). You May Receive Emails From The Following Addresses
As a State of Illinois employee, you receive a comprehensive benefits package including:
- Competitive Group Insurance benefits including health, life, dental and vision plans
- Flexible work schedules (when available and dependent upon position)
- 10-25 days of paid vacation time annually (10 days for first year of state employment)
- 12 days of paid sick time annually which carryover year to year
- 3 paid personal business days per year
- 13-14 paid holidays per year dependent on election years
- 12 weeks of paid parental leave
- Pension plan through the State Employees Retirement System
- Deferred Compensation Program – voluntary supplemental retirement plan
- Optional pre-tax programs -Medical Care Assistance Plan (MCAP) & Dependent Care Assistant Plan (DCAP)
- Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility
Why Work for Illinois?
Working with the State of Illinois is a testament to the values of compassion, equity, and dedication that define our state. Whether you’re helping to improve schools, protect our natural resources, or support families in need, you’re part of something bigger—something that touches the lives of every person who calls Illinois home.
No matter what state career you’re looking for, we offer jobs that fit your life and your schedule—flexible jobs that provide the gold standard of benefits. Our employees can take advantage of various avenues to advance their careers and realize their dreams. Our top-tier benefits and great retirement packages can help you build a rewarding career and lasting future with the State of Illinois.
Essential Functions
- Under administrative direction, serves as a Security Intelligence Analyst II for the Department of Innovation & Technology (DoIT), performing complex professional and advisory functions in System Services for the Cyber Intelligence Unit, including collaborating with the Security Operations Center to respond to advanced threats and cybersecurity incidents impacting the State of Illinois agencies.
- Performs security validation to identify methods of gaining access to state agencies' computer systems by using common tools and techniques.
- Identifies and assesses DoIT and other state agencies' computer system vulnerabilities and develops and recommends measures to safeguard systems before and after they are compromised.
- Monitors network traffic by utilizing intrusion detection devices and other technologies to provide management with reports and system studies of operation, including performing security monitoring to confirm security practices and controls in place are being followed and are effective.
- Participates in investigations of alleged computer security incidents and handles electronic evidence.
- Keeps abreast of new developments in the information technology field by continuing education through online training platforms, meetings, training sessions, seminars, and conferences to increase familiarity with and remain current on products, vendors, techniques, and procedures.
- Performs other duties as required or assigned which are reasonably within the scope of duties enumerated above.
- Requires knowledge, skill, and mental development equivalent to completion of four (4) years of college with course work in computer science or directly related fields.
- Requires three (3) years of professional experience in systems services, information security, cyber security, or a related Information Technology field.
- Requires three (3) years of professional experience identifying systematic security issues through the analysis of vulnerability and configuration data, including evaluating computer systems for security violations, scanning for vulnerabilities, documenting identified weaknesses, and supporting investigative activities related to unauthorized access or system compromise.
- Requires three (3) years of professional experience utilizing the following network protocols: Transmission Control Protocol/Internet Protocol (TCP/IP) and Dynamic Host Configuration Protocol (DHCP), or directory services such as Domain Name System (DNS)) in support of activities including network monitoring, packet-level traffic analysis, security validation, intrusion detection, and analysis of network behavior to identify anomalies or indicators of compromise.
- Requires three (3) years of professional experience identifying and working with system and application security threats and vulnerabilities, including buffer overflow, mobile code, cross-site scripting, PL/SQL injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code, as a part of identifying weakness, performing adversary-style analysis, and recommending appropriate remediation measures.
- Three (3) years of professional experience identifying systematic security issues through the analysis of vulnerability and configuration data, including evaluating computer systems for security violations, scanning for vulnerabilities, documenting identified weaknesses, and supporting investigative activities related to unauthorized access or system compromise.
- Three (3) years of professional experience utilizing network protocols (e.g., Transmission Control Protocol/Internet Protocol (TCP/IP) and Dynamic Host Configuration Protocol (DHCP), or directory services (e.g., Domain Name System (DNS)) in support of activities including network monitoring, packet-level traffic analysis, security validation, intrusion detection, and analysis of network behavior to identify anomalies or indicators of compromise.
- Three (3) years of professional experience identifying and working with system and application security threats and vulnerabilities, including buffer overflow, mobile code, cross-site scripting, PL/SQL injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code, as a part of identifying weakness, performing adversary-style analysis, and recommending appropriate remediation measures.
- Three (3) years of professional experience identifying network attacks and the relationship of those attacks to threats and vulnerabilities, including recognizing anomalous activity, monitoring for unauthorized access, and assessing risks associated with disruptions or misuse of information systems.
- Three (3) years of professional experience detecting host and network-based intrusions using intrusion detection technologies, such as Snort, including monitoring alerts, logs, and indicators of compromise.
- Ability to perform packet-level analysis using appropriate tools, such as Wireshark and tcpdump to identify intrusions, troubleshoot network problems, detect malware activity, verify expected traffic behavior, and identify potential data exfiltration.
- Ability to analyze data logically and exercise sound judgment in defining and evaluating problems of an operational or procedural nature.
- Ability to gain and maintain effective working relationships with associates, vendors, clients, and others.
- Developed verbal and written communication skills to present technical information clearly and precisely to diverse audiences, including business users, development teams, and agency executives.
- Certifications in one or more of the following: EC Council Certified Ethical Hacker, Offensive Security Certified Professional (OSCP), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) or SANS GCIH Certification.
NOTE: Applicants must possess the ability to meet ALL of the following conditions of employment, with or without reasonable accommodation, to be considered for this position.
- Requires the ability to verify identity.
- Requires employment authorization to accept permanent full-time position with State of Illinois.
- Requires the ability to pass a position specific, agency required background check and requires self-disclosure of criminal history.
- Requires the ability to travel in performance of duties.
- Requires the ability to use agency supplied equipment such as laptop, personal computer, work cel phone, etc.
- Requires the ability to attend seminars, conferences, and training to remain current on methods, tools, ideologies, or other industry related topics relevant to job duties.
- Requires the ability to lift and carry objects or equipment weighing up to 20 pounds. This is considered light work as defined by the U.S. Department of Labor (20 CFR 404.1567(b)). Light work involves lifting no more than 20 pounds at a time with frequent lifting or carrying of objects weighing up to 10 pounds.
- Requires the ability to serve in an on-call capacity.
- Requires the ability to work overtime including scheduled, unscheduled, short notice, evening, weekends, and holidays.
Work Hours: Monday-Friday 8:30am-5:00pm (work hours may vary)
Headquarter Location: 120 W Jefferson St, Springfield, Illinois, 62702
Work County: Sangamon
Agency Contact: Madison Beyer
Email: madison.beyer@illinois.gov
Posting Group: Science, Technology, Engineering & Mathematics
This position DOES contain “Specialized Skills” (as that term is used in CBAs).
The Department of Innovation & Technology (DolT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation, and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DolT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents, DolT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.
APPLICATION INSTRUCTIONS
Use the “Apply” button at the top right or bottom right of this posting to begin the application process.
If you are not already signed in, you will be prompted to do so.
State employees should sign in to the career portal for State of Illinois employees – a link is available at the top left of the Illinois.jobs2web.com homepage in the blue ribbon.
Non-State employees should log in on the using the “View Profile” link in the top right of the Illinois.jobs2web.com homepage in the blue ribbon. If you have never before signed in, you will be prompted to create an account.
If you have questions about how to apply, please see the following resources:
State employees: Log in to the career portal for State employees and review the Internal Candidate Application Job Aid
Non-State employees: on Illinois.jobs2web.com – click “Application Procedures” in the footer of every page of the website.
The Main Form Of Communication Will Be Through Email. Please Check Your “junk Mail”, “spam”, Or “other” Folder For Communication(s) Regarding Any Submitted Application(s). You May Receive Emails From The Following Addresses
- donotreply@SIL-P1.ns2cloud.com
- systems@SIL-P1.ns2cloud.com