Cybersecurity Risk Analyst (Infrastructure Specialist Associate - PN 20098627)

Cybersecurity Risk Analyst (Infrastructure Specialist Associate)

About Us: Our mission at the Ohio Department of Health (ODH) is advancing the health and well-being of all Ohioans. Our agency is committed to building a modern, vibrant public health system that creates the conditions where all Ohioans flourish.

What You'll Do: The Office of Management Information Systems (OMIS) administers the computer-based management systems across the ODH enterprise. The office is responsible for maintaining ODH computer networks and servers and for the development and implementation of strategies that support the current and future technology needs of the agency. We are seeking a Cybersecurity Risk Analyst (Infrastructure Specialist Associate) to work under direct supervision in order to become proficient, receive training on and assist higher-level Infrastructure Specialists with installation, monitoring/maintenance, configuration, upgrading, and/or administration/operation of a single assigned technology domain.

This position will:

• Assist higher level security staff with security operations
• Monitor enterprise security tools such as Security Information and Event Management platforms, endpoint detection systems, and vulnerability management solutions
• Research security events by gathering additional context from logs, threat intelligence sources, and internal systems
• Review and triage security alerts to identify potential threats, suspicious behavior, or policy violations
• Support risk management activities by helping identify, assess, and track technology and security risks, ensuring they are logged and escalated according to organizational processes
• Assist with privacy compliance efforts by reviewing systems and data flows for potential privacy impacts and ensuring security controls align with relevant policies and regulations
• Collaborate with IT teams to support broader security initiatives
• Develop and maintain ad-hoc utilities or reports to automate processes

At the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes:

• Medical Coverage
• Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period
• Paid time off, including vacation, personal, sick leave and 11 paid holidays per year
• Childbirth, Adoption, and Foster Care leave
• Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more)
• Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation)

*Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.

18 months combined work exp. &/or trg. In any combination of the following: installing, monitoring/maintaining, configuring, upgrading, &/or administering/operating a single technology domain.

-Or successful completion of IT Apprenticeship program at designated agency.

-Or completion of associate core program in computer science or information systems.

Note: the official position description on file with the designated agency is to reflect, in the minimum acceptable characteristics, the required technology related experience. Only those applicants possessing the required technology related experience listed in the position description are to be considered for any vacancies posted. The vacancy/job posting should also only list the required technology related experience commensurate with the position in question.

Applications of those who meet the minimum qualifications will be further evaluated against the following criteria:

• Undergraduate or advanced degree in Computer Science or Information Systems

• Experience with security event response (review and triage security events, respond to appropriate parties, assist with remediation and documentation efforts)

• Experience with Vulnerability Management Tools (e.g. Qualys)

• Experience with cybersecurity platforms for endpoint detection, threat intelligence, and incident response (e.g., Crowdstrike)

• Experience with Security Information and Event Management (SIEM) platform (e.g., Google SecOps+)

• Experience with Governance, Risk, and Compliance (GRC) tools (e.g., OneTrust, Bitsight)

• Experience with vendor IT security analysis (e.g., reviewing documentation, comparing vendor responses to agency/state IT security policies, providing feedback and recommendations to higher-level staff on policy/procedure adherence)

• Experience collaborating with IT teams to support vulnerability remediation efforts (i.e., tracking vulnerabilities, support basic risk assessment activities by gathering information, reviewing scan results, and confirming vulnerability details)

All eligible applications shall be reviewed considering the following criteria: qualifications, experience, education, and active disciplinary record.

Job Skills: Information Technology
Technical Skills: Cybersecurity, Risk Management
Professional Skills: Collaboration, Critical Thinking, Problem Solving

ALL ANSWERS TO THE SUPPLEMENTAL QUESTIONS MUST BE SUPPORTED BY THE WORK EXPERIENCE/EDUCATION PROVIDED ON YOUR CIVIL SERVICE APPLICATION. Unless required by legislation, the selected candidate will begin at Pay Grade 30, Step 1 of the union (OCSEA) Pay Range Schedule ($25.77 per hour), with an opportunity for pay increase after six months ($26.76 per hour) of satisfactory performance and then a yearly raise thereafter.

APPLICATION PROCEDURES:  

All applicants must submit a completed Ohio Civil Service Application using the online TALEO System. Paper applications will not be considered. Applicants must clearly indicate how they meet the minimum qualifications and/or position specific minimum qualifications. Applicants are also encouraged to document any experience, education and/or training related to the job duties above. An assessment of these criteria may be conducted to determine the applicants who are interviewed.

EDUCATIONAL TRANSCRIPT REQUIREMENTS:  

Official educational transcripts are required for all post-high school educational accomplishments, coursework or degrees claimed on the application. Applicants will be required to submit an official transcript prior to receiving a formal offer of employment. Failure to provide transcripts within 5 working days of being requested will cause the applicant to be eliminated from further consideration.

Please note that a transcript is considered "official" only if it is an original copy from the educational institution and includes an institutional watermark, ink stamp or embossed stamp. Transcripts printed from the institution's website will not be accepted. ODH reserves the right to assess the academic credibility of an educational entity's award of a putative degree.

BACKGROUND CHECK NOTICE:

The final candidate selected for this position will be required to undergo a criminal background check. Criminal convictions do not necessarily preclude an applicant from consideration for a position. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration.

Ohio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs, and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws. 

The State of Ohio is a drug free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.