Blythewood, SC, 29016, USA
4 days ago
Analyst (Jobs in Blythewood, SC)

Requirement id: 152230
Job title: Analyst
Job location: Blythewood, SC
Skills required: Security Analyst, Analyze Data
Open Date: 07-Mar-2025
Close Date:
Job type: Contract
Duration: 1 Months
Compensation: DOE
Status requirement: ---
Job interview type: ---
Email Recruiter: coolsoft

Job Description

Analyst: Security Analyst, Analyze Data
No of Submissions: 2
Start date: 4/17/25
Submission deadline: 3/14/2025
Client Info: Department of Motor Vehicles
Note: This is on-site at SCDMV headquarters in Blythewood SC

Q) INTERVIEW PROCESS (WHO WILL CONDUCT I/V, PHONE OR IN-PERSON, HOW MANY ROUNDS OF I/VS)?
A)
• Security Team Manager
• In-person preferred but will be willing to accommodate highly qualified candidates.
• 2 rounds of interviews possible

Q) SCHEDULE INTERVIEW: HOW SOON CAN YOU SCHEDULE AN INTERVIEW (DATE / TIMES)?
A) ASAP

Description: This role is 100% ONSITE - 0% remote

**Only those selected for an interview will need to sign and return the NDA to TAPFIN - email to stateofsc@tapfin.com**

SCOPE OF THE PROJECT:
Enhance the security posture of the South Carolina Department of Motor Vehicles (SCDMV) to protect sensitive citizen data and ensure the integrity of motor vehicle licensing and titling systems.

DAILY DUTIES / RESPONSIBILITIES:
THE DMV SECURITY TEAM IS LOOKING FOR CANDIDATES TO FILL TWO ENTRY LEVEL SECURITY POSITIONS. THE DMV WILL TRAIN THE SELECTED CANDIDATES TO PERFORM THE TASKS LISTED BELOW. AT A MINIMUM WE ARE LOOKING FOR BASIC SERVER OR NETWORK ADMINISTRATION SKILLS THAT WE CAN BUILD UPON.

1. Threat Intelligence Research
• Monitor and analyze threat intelligence feeds to identify emerging threats relevant to the organization.
• Document findings, such as new attack methods or vulnerabilities, and share with the team.
• Use open-source intelligence (OSINT) tools to gather data on potential risks and adversaries.

2. Threat Hunting and Detection Rule Creation
• Conduct proactive searches for suspicious behavior in network and endpoint activity using provided tools and playbooks.
• Collaborate with senior analysts to refine and test detection rules (e.g., SIEM queries or Defender for Endpoint rules).
• Document hunting methodologies and findings to support continuous improvement.

3. Log Analysis
• Review and interpret logs from firewalls, endpoints, and servers to identify indicators of compromise (IOCs).
• Escalate findings, such as anomalous IP addresses or unauthorized access attempts, to senior analysts.
• Maintain a log of recurring patterns or anomalies for long-term tracking and analysis.

4. Incident Response
• Assist in initial triage of security incidents by following response frameworks (e.g., NIST, MITRE ATT&CK).
• Gather and analyze relevant evidence, such as logs or alert data, to determine the scope and severity of incidents.
• Document findings during incidents and contribute to containment and remediation efforts.

5. Documentation and Reporting
• Create clear, detailed reports, including incident reports, after-action reviews, and process documentation.
• Draft training materials or guides to help improve organizational awareness and readiness.
• Regularly update and organize documentation to ensure accuracy and accessibility for team use.

REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
• PROBLEM-SOLVING: ANALYZE DATA, IDENTIFY ANOMALIES, AND RECOMMEND SOLUTIONS.
• ATTENTION TO DETAIL: ENSURE ACCURATE ANALYSIS AND CONFIGURATION FOR EFFECTIVE SECURITY MEASURES.

PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
• VULNERABILITY MANAGEMENT: ANALYZE REPORTS, PRIORITIZE PATCHING, UNDERSTAND NIST BEST PRACTICES.
• THREAT HUNTING & INTELLIGENCE: UTILIZE THREAT FEEDS, INVESTIGATE SUSPICIOUS ACTIVITY, STAY CURRENT ON CYBER THREATS.
• SECURITY AWARENESS TRAINING: DEVELOP & DELIVER TRAINING, ASSESS EMPLOYEE AWARENESS THROUGH SIMULATIONS.
• SECURITY AUTOMATION: LEVERAGE SCCM, GPO, POWERSHELL FOR PATCH DEPLOYMENT.
• ENDPOINT SECURITY (DEFENDER FOR END

Call 502-379-4456 Ext 100 for more details. Please provide Requirement id: 152230 while calling.