
Security Ops Center Alert Specialist I (INFORMATION SERVICES SPECIALIST I - OPTION S) (UMP)

We continually strive for a workforce that reflects the growing diversity within the State of Illinois. A variety of employee backgrounds, perspectives, ideas and experiences are crucial to our ability to most effectively serve the public. Bilingual skills welcome.

Reasonable Accommodation Statement

The State of Illinois is committed to working with and providing reasonable accommodations to people with disabilities. Further, federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job, interview for a job, or for any other activity related to the hiring process. Examples of reasonable accommodation include, but are not limited to, making a change to the application process (if possible), providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

To be provided a Reasonable Accommodation during the hiring process, you will need to provide a certification of disability from a physician, psychiatrist, school official or an Illinois Department of Human Services (DHS) Division of Rehabilitation Services (DRS) Vocational Rehabilitation (VR) Counselor. Supporting documentation should be uploaded under My Documents → Additional Documents section for each application.

Any questions on Reasonable Accommodations can be directed to Central Management Services Disability Resource Center at CMS.DisabilityResCen@illinois.gov or call (217) 524-7514 for further information and to request or discuss an accommodation.

Sponsorship for Employment

The State of Illinois does not provide sponsorship for employment visa status (e.g. H-1B visa status). To be considered for permanent employment with the State of Illinois, applicants must be currently authorized to work in the United States on a full-time basis.

Disclosure of Salary Information

In compliance with the Illinois Equal Pay Act, 820 ILCS 112/1 et seq., the State does not seek, request, or require a job applicant’s wage or salary history.  Employment decisions are not made based on an applicant’s wage or salary history.  To that end, please do not include wage or salary information in your resume or other profile or application materials.

Date:  Nov 18, 2022
Location: Springfield, IL, US, 62702-5170

Job Requisition ID:  20883

Agency :  Department of Innovation and Technology 

Posting Date: 11/21/2022
Closing Date/Time: 12/06/2022
 
Salary:   $4,738 - $6,964  
Job Type:   Salaried Full Time  
County:   Sangamon  
Number of Vacancies:   1  
Plan/BU:   RC063  

 

This position is a union position; therefore, provisions of the relevant collective bargaining agreement/labor contract apply to the filling of this position.

 

All applicants who want to be considered for this position MUST apply electronically through the illinois.jobs2web.com website. State of Illinois employees should click the link near the top left to apply through the SuccessFactors employee career portal.

Applications submitted via email or any paper manner (mail, fax, hand delivery) will not be considered.

 

Posting Identification Number  20883

Performs duties including, but not limited to, the following for the IL Department of Innovation and Technology: Serves as a Security Operations Center (SOC) Alert Specialist I; Monitors multiple security technologies and other information sources to identify and detect potential information security incidents; Conducts limited analysis of system outputs, notifications and alerts to determine the validity and information security impact of the data based on training, policies and procedures; Reviews other sources of information as directed to classify and prioritize the alerts based on predetermined criteria. Utilizes security monitoring technologies including, but not limited to, Security Information and Event Monitoring (SIEM) systems, anti-virus and other end-point monitoring systems, data loss prevention technologies, secure configuration monitoring systems, electronic mail and information systems logs and log management systems. If you possess these skills, we invite you to apply for this position with DoIT!

Job Responsibilities

35% Under immediate supervision, serves as a Security Operations Center (SOC) Alert Specialist I for the Department of Innovation & Technology (DoIT):

  • Monitors multiple security technologies and other information sources to identify and detect potential information security incidents
  • Conducts limited analysis of system outputs, notifications and alerts to determine the validity and information security impact of the data based on training, policies and procedures
  • Reviews other sources of information as directed to classify and prioritize the alerts based on predetermined criteria
  • Utilizes security monitoring technologies including, but not limited to, Security Information and Event Monitoring (SIEM) systems, anti-virus and other end-point monitoring systems, data loss prevention technologies, secure configuration monitoring systems, electronic mail and information system logs and log management systems
  • Evaluates reports of potential security incidents reported by end-users, supervisory personnel and external entities including the Multi-State Information Sharing and Analysis Center (MS-ISAC), law enforcement agencies, citizens and public information sources

30% Performs limited assignments utilizing established policies, standards and procedures to determine which security alerts and notifications should be identified as information security incidents:

  • Collects additional information from security systems, end-users and other sources to document and communicate the existence of a security incident in a timely manner
  • Classifies security incidents per pre-established classification schemes
  • Communicates with agency security officers, security managers, other security personnel and agency personnel to resolve minor security incidents as defined and directed
  • Escalates more serious and/or complex security incidents to more senior security staff

15% Serves as an initial recipient of information security and cyber-security vulnerability and threat information received from information systems and sources including, but not limited to, information system vulnerability monitoring tools, the Multi-State Information Sharing and Analysis Center (MS-ISAC), the Illinois Statewide Terrorism Intelligence Center (STIC), software and hardware vendors, internal and security personnel:

  • Conducts initial triage activities of vulnerability and threat information as defined by previous training, policies, standards and procedures
  • Communicates findings in a timely manner as defined by procedures

 


10% Continues education by attending training sessions, seminars and conferences to increase familiarity with and stay current on security products, vendors, techniques and procedures:

  • Monitors on-line information security related websites, blogs, articles, reports, as well as other security intelligence sources to keep up-to-date on the latest security threats and trends
  • Compiles summaries and other documentation of information security and cybersecurity topics as assigned
  • Travels to attend meetings, training sessions and conferences

5% Assists senior security personnel during incident response activities of more serious and/or complex security incidents

5% Performs other duties as required or assigned which are reasonably within the scope of duties enumerated above

Knowledge, Skills, and Abilities

Minimum Qualifications:

  1. Requires knowledge, skill, and mental development equivalent to completion of two years of college, with course work in computer science, management information systems, IT auditing, Cybersecurity or a related field; OR satisfactory completion of an agency sponsored training program

Specialized Skills:

  1. Requires working knowledge of information security frameworks, including the National Institute of Standards and Technology (NIST) Cybersecurity Framework
  2. Requires working knowledge of computer networking concepts and protocols, network security methodologies, emerging security issues, risks, vulnerabilities and information security industry best practices
  3. Requires working knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities

Preferred Qualifications (In order of Significance):

  1. Good oral and written communication skills to present technical information to non-technical decision makers with clarity and precision
  2. Working knowledge of information security frameworks, including the National Institute of Standards and Technology (NIST) Cybersecurity Framework
  3. Working knowledge of computer networking concepts and protocols, network security methodologies, emerging security issues, risks, vulnerabilities and information security industry best practices
  4. Working knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities

Employment Conditions

  1. Requires SANS Security Essentials Bootcamp Certification
  2. Requires ability to travel
  3. Requires use of agency-supplied equipment (mobile phone, laptop, etc.)
  4. Requires the ability to successfully complete a fingerprint-based background check as defined in the Department of Justice, Federal Bureau of Investigation Criminal Justice Information Services (CJIS) Security Policy, Internal Revenue Service Publication 1075 and background check done by the Illinois State Police

Work Hours:  Tuesday - Saturday 8:30AM - 5:00PM  
Work Location: 120 W Jefferson St Springfield, IL 62702-5170  
Agency Contact: Tristan.J.Molumby@illinois.gov

Job Family:  Technology  

 

This position DOES contain “Specialized Skills” (as that term is used in CBAs).

 

APPLICATION INSTRUCTIONS

Use the “Apply” button at the top right or bottom right of this posting to begin the application process.

If you are not already signed in, you will be prompted to do so. 

State employees should sign in to the career portal for State of Illinois employees – a link is available at the top left of the Illinois.jobs2web.com homepage in the blue ribbon. 

Non-State employees should log in using the “View Profile” link in the top right of the Illinois.jobs2web.com homepage in the blue ribbon. If you have never before signed in, you will be prompted to create an account.

If you have questions about how to apply, please see the following resources:

State employees: Log in to the career portal for State employees and review the Internal Candidate Application Job Aid

Non-State employees: on Illinois.jobs2web.com – click “Application Procedures” in the footer of every page of the website.

 

The Department of Innovation & Technology (DoIT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DoIT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents. DoIT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.

 

The main form of communication will be through email. Please check your “junk mail”, “spam”, or “other” folder for communication(s) regarding any submitted application(s). You may receive emails from the following addresses:

  • donotreply@SIL-P1.ns2cloud.com
  • systems@SIL-P1.ns2cloud.com