The Information Security Analyst focuses on security matters including designing, monitoring, maintaining, and recommending improvements to preventative, detective, and corrective controls. This is a highly technical position and is responsible for providing operational and monitoring support for information security systems. The position requires a high degree of collaboration with internal JIS stakeholders and external parties. This position is also involved in researching and analyzing security incidents for information systems. The incumbent uses threat intelligence services for identifying possible threats to and vulnerabilities of the Judiciary and participates in the enterprise remediation efforts on a 24/7 basis. This position must be available to provide on- call services and participate in disaster recovery events.

Education: Bachelor’s degree from an accredited college or university.

Experience: Two (2) years of work experience in information security operations, IT threat management, IT threat assessment, or IT threat remediation.

Note: Professional work experience as defined above may be substituted on a year for year basis for up to four (4) years of the required education.

Skills/Abilities:

• Knowledge of applicable laws and regulations as they relate to security, auditing, risk management, vulnerability assessments, contractor/vendor negotiations & management and security incident management.
• Scripting and PowerShell.
• Documenting the detection of security risks, vulnerabilities, and breaches.
• Techniques to identify and remediate system security vulnerabilities and remediation techniques.
• Knowledge of security best practices across multiple platforms including Windows, Linux, VMware, and Microsoft Office 365/Azure.
• Familiarity with computer forensics, host intrusion and network intrusion detection leveraging information security technologies including EndPoint Detection and Response (EDR), and Wireshark.
• Understanding of Security Information and Event Management (SIEM) tools including creating custom queries to manipulate large data sets.
• Knowledgeable about network security technologies (e.g., next-generation firewalls, network access control) and network fundamentals (e.g., TCP/IP stack, network topologies)
• Skill in monitoring various supported platforms/systems using both automated and manual processes.
• Analyze, report, and coordinate remediation based on the findings from vulnerability scans, and penetration tests.
• Performing analyses of information security events to determine risk.
• Analyzing using problem-solving and decision-making skills and applying results with a solution-focused attitude.
• Balancing multiple responsibilities and competing priorities which may frequently change.
• Effective organization and time management; interpersonal relations and communication. Professionalism and personal integrity.
• Ability to understand the Judiciary’s technical and business environment and acquire familiarity with national security standards.
• Communicate with all levels of IT and business staff and management and executive management both orally and in writing and appropriately tailoring the communication to the needs and experience of the intended audience.
• Interface effectively with vendors as well as internal and external auditors.
• Be actively involved with industry peers to stay current with security practices, guidelines, legislation, etc.
• Use acquired knowledge to implement and promote continuous improvement of Judiciary’s state of security. Ability to perform all essential functions of the position.

Beginning December 29, 2021, all new employees will be required to be fully vaccinated as a condition of their employment. Full vaccination status requires that two weeks have passed since the employee’s second Pfizer or Moderna vaccination shot, or since the one Johnson and Johnson vaccination shot.

This new condition of employment is consistent with other state judiciary orders and with local, state, and federal requirements being adopted to control COVID-19 transmission rates and to safeguard the health of Judiciary personnel and the public. Religious and medical exemptions will be made on a case-by-case basis.

The Maryland Judiciary is a drug-free workplace and an equal opportunity employer, committed to diversity in the workplace. We do not discriminate on the basis of race, color, religion, age, sex, marital status, national origin, physical or mental disability, familial status, genetic information, gender identity or expression, sexual orientation, or any other characteristic protected by State or federal law. Applicants who need an ADA Accommodation for an interview should request the accommodation when notified of a request to be interviewed. Applicants must be United States citizens or eligible to work in the United States.