Cyber Security Analyst

Introduction

Maryland Benefits (MD Benefits) is a dynamic, cloud-based platform. This enterprise-wide digital service allows organizations to build, test, host, operate, and integrate mission-driven applications, data, and emerging technologies. MD Benefits offers cloud-based Platform-as-a-Service (PaaS) capabilities, a shared data architecture, and product development services, all developed by the State of Maryland to help multiple agencies deliver and manage health, human, and social service benefits and programs. On July 1, 2025, the operation of the MD Benefits shared platform and statewide applications transitioned from the Department of Human Services (DHS) to the Department of Information Technology (DoIT).

***This is a contractual position, with limited benefits***

***All hires need to be eligible to work in the U.S., either as a U.S. Citizen or those who have a Permanent Resident or green card, as the state of Maryland does not have the ability to sponsor employees***

***Applicants are required to submit an up-to-date and accurate resume.***

Main Purpose

An IT professional who safeguards a company's digital assets by monitoring, detecting, and responding to security threats. They work to protect networks, systems, and data from cyberattacks, implementing security measures, and ensuring compliance with security protocols.

Responsibilities

The responsibilities of a Cybersecurity Analyst include, but are not limited to the following duties:

• Monitoring and Detection: Analyzing network traffic, identifying suspicious activity, and investigating security breaches.
• Incident Response: Responding to security incidents in real-time, mitigating the impact of attacks, and restoring systems to normal operation.
• Vulnerability Management: Identifying and assessing security weaknesses in systems and networks and recommending solutions to address them.
• Security Implementation: Installing and configuring security software, such as firewalls and encryption programs, and implementing security policies.
• Threat Analysis: Staying informed about the latest cyber threats and attack methods and developing strategies to mitigate them.
• Documentation and Reporting: Documenting security incidents, creating incident response reports, and communicating security risks to management.

Minimum Qualifications

Education:

• Strong understanding of computer networks, operating systems, and security technologies.

Experience:

• Experience with security tools like SIEM, EDR, DLP and firewalls.
• Knowledge of security protocols and best practices.
• Analytical and problem-solving skills.
• Excellent communication and teamwork skills.
• Ability to stay up to date on the latest cybersecurity threats.

Preferred Qualifications

• Certifications: Relevant certifications, such as CISSP, CISM, or Security , are preferred.
• Experience with Microsoft G5 suite and AWS environments also a plus
• Experience with risk modeling, quantitative and qualitative data analysis, threat modeling, and scenario analysis.
• Knowledge of secure coding practices and experience with security testing methodologies (e.g., penetration testing, vulnerability assessments).