State of West Virginia

Nature of Work

Position Title: Information Security Officer 2

We welcome you to join our WV Office of Technology team where we value work/life balance. We offer a great benefits package that includes paid holidays, insurance and flexible benefits, and ample annual and sick leave accrual. Various training opportunities are provided for our employees.

The location of this position will be in the following county: Kanawha.

Requirements for this position include but are not limited to:

• A valid driver’s license OR State issued ID and dependable transportation are required.
• IF APPLICABLE: Travel to various State Agencies to perform work and maintain accurate mileage records.
• Regular attendance is an essential part of this position.

Job Duties:

This role provides advanced cybersecurity services to West Virginia agencies supported by the WVOT and assists leadership with high-level security documentation. The Tier 3 SOC Analyst performs highly technical work in the Cyber Security Office, serving as the top escalation point for complex security incidents and challenges. The analyst conducts expert-level investigations and manages critical security incidents across a wide variety of platforms. A particular focus of this role is proactively identifying and neutralizing sophisticated threats, including those related to AI systems, machine learning models, and complex data pipelines.

The position requires the use of a variety of cyber defense tools to monitor network traffic, perform advanced security alert processing, and ensure systems are functioning with the highest level of security. The analyst will actively utilize Endpoint Detection and Response (EDR) solutions to conduct expert-level threat hunting, respond to critical alerts, and lead forensic analysis efforts. Additionally, this role is responsible for the design, administration, and maintenance of Next-Generation Firewalls (NGFWs), including the critical duty of developing and enforcing firewall change policies.

The analyst will perform highly technical work in developing, implementing, and maintaining enterprise-wide information security policies, standards, and controls. This includes defining, establishing, and enforcing resource ownership responsibilities, such as data classification, account management, access controls, and other internal controls. The analyst uses defensive measures and information collected from a variety of sources to proactively identify, analyze, and report on events that may occur within the network. This also includes maintaining meticulous, detailed documentation within all relevant systems to ensure leadership and other team members have a consistent record of investigations, actions taken, and the context of all security events.

The employee is expected to engage in continuous professional development and actively seek specialized training to improve their technical aptitude across all managed systems to keep pace with evolving cyber threats and technologies.

• Performs other duties as assigned.
• As a condition of employment, an inquiry into job-related information will be completed which may include, but not limited to, criminal records, abuse registry records, driving records, employment history, and education and training. Failing to cooperate with this process, providing false or incomplete information, and/or discovery of disqualifying information may result in denial of or dismissal from employment or denial of transfer irrespective of when discovered.

Click The APPLY Link To Apply Online.

Minimum Qualifications

Desired Qualifications:

Training: Bachelor's Degree from a regionally accredited four-year college or university.

Substitution: Up to two years experience as described below may substitute for the required training on a year-for-year basis.

Experience: Eight years of full-time or equivalent part-time paid experience in computer science, information security, software engineering, information technology auditing, network administration, or other related information technology field.

Substitution:

(1) Master's Degree from a regionally accredited college or university may substitute for two (2) years of the required experience.

(2) Each professional information security certification or license from a nationally recognized professional organization, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), or Certified Information Security Manager (CISM), or other technical certifications at the discretion of the Office of Technology Chief Information Security Officer may be substituted for one year of work experience.

(3) Each technical or specialist certification, such as Systems Security Certified Practitioner (SSCP), Network + Certification, FBI Computer Analysis Response Team (CART) Field Examiner Certification, Computer Hacking Forensic Investigator (CHFI), or other technical certifications at the discretion of the Office of Information Technology Chief Information Security Officer may be substituted for six months of work experience.

(4) Successful completion of twenty-four (24) semester credits or 384 hours of industry recognized/authorized/certified information security training/seminars, related to ISO job duties may be substituted for one (1) year of the required experience. Semester hours must be supported by transcripts and equivalent industry training must be supported by records from the organization hosting the training/seminar.

State employment offers a variety of benefits. Click HERE to visit the Division of Personnel's Benefits Page.