Job Description :

Direct Client: Office of the Attorney General of Texas (OAG)
Title: DLP/CASB Security Architect/Engineer
Location: OAG-CSD State Office located at 5500 E. Oltorf St, Austin, TX 78741/Telecommuting
Duration: Until 8/31/2021 with possible extension up to 8/31/2022
Last date for submission: May 28, 2021 (2:00 PM CST)

Data Loss Protection (DLP) and Cloud Access Security Broker (CASB) are key focus solution areas within the Enterprise Information Security (EIS) division. The Security Analyst is required to work on and lead the DLP/CASB architecture, implement and design use cases tailored to monitor and protect our hybrid data center and cloud environments as well as improve our security posture.

Ideally, we are looking for a DLP/CASB Architect and Engineer with experience working with Data Protection Software like Netskope (CASB), Prisma SaaS (CASB), Microsoft (DLP/CASB), Forcepoint (DLP/CASB), and Symantec/Broadcom (DLP/CASB).
This person will need to have hands-on experience with DLP/CASB including:
• Work closely with business units to review and understand Data Protection requirements for new and in-flight projects and initiatives, with the ability to articulate the impacts clearly and concisely, while recommending solutions and offering practical suggestions as to remediation activities
• Work closely with business units on the deployment and operation of Data Protection related technology
• Manage the configuration, testing, and deployment of policy rules to help mitigate the risk to the agency as it relates to data protection
• Design and build Data Protection infrastructure and solutions to align with program objectives, policies, procedures, and technical control requirements
• Write and define solution requirements and identify the business value
• Define key performance indicators (KPIs) and key risk indicators (KRIs) for data governance and protection controls
• Define/create operational and strategic metrics for the data protection program
• Work in a collaborative cross-matrix environment and be able to build and maintain key relationships throughout the agency

Minimum Requirements:
Years    Required/Preferred    Experience
8    Required    Experience working in Cybersecurity space
6    Required    Experience with Data Loss Protection/Cloud Access Security Brokers (i.e. Symantec, Microsoft, Bitglass, Netskope)
5    Required    Experience with Vulnerability Management Systems (i.e. Rapid7, Tenable/Nessus Scanning, Qualys). Establish vulnerability management program using systematic scanning, risk evaluation, and coordination to remediate or mitigate identified vulnerabilities
5    Required    Experience with Endpoint Detection and Response (i.e. Endgame, CrowdStrike, Cybereason). Detect and respond to alerts from endpoint detection and response tools
5    Required    Experience prioritizing top threats and likelihood for data loss vectors
5    Required    Experience developing API use cases, scenarios, requirements in support of integrations with other platforms
5    Required    Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and lead and work as part of a team
5    Required    Research and analytical background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
5    Required    Ensure proper metrics, analysis, and reporting for continuous process improvement. Provide escalation support and document resolutions for improvement.
5    Required    Monitor external data sources (e.g., cyber defense vendor sites, US-CERT, OpDivs, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine issues that would impact the enterprise
5    Required    Experience in creating, documenting, and maintaining policies, procedures, and workflows
4    Required    Graduation from an accredited four-year college or university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field. Master’s Degree a plus
1    Required    CISSP, CCSP, CEH, or equivalent certifications
7    Preferred    Research and analytical background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis.
7    Preferred    Possess a solid understanding of application security standards, frameworks, attack methods, and mitigation best practices (e.g., OWASP, SANS, NIST, PCI DSS, HIPAA, CIS Critical Controls)
5    Preferred    Experience with Email Threat Management (i.e. Proofpoint, Mimecast, Microsoft)
5    Preferred    Experience with Cloud Enterprise Network Security (i.e. Cisco Umbrella, Palo Alto, Zscaler)
5    Preferred    Experience with SIEM engineering design/management/analysts (i.e. Splunk, Rapid7, Sumo Logic)
5    Preferred    Running and handling the Incident Response Team (IRT) and procedures in the SOC Division
5    Preferred    Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks
3    Preferred    Understanding of cloud based solutions such as AWS, Azure, and/or Google Cloud
3    Preferred    Experience performing forensics using toolkits such as FTK, Autopsy, etc.
1    Preferred    OSCP, CISM, GSEC, CEH, CISA, CCSP, CNFE desired
1    Preferred    Symantec Certified Specialist (CloudSOC, DLP); Microsoft 365 Certified: Security Administrator Associate

Client : OAG

