Employment Opportunity

IT Security Specialist

North Carolina Department of Revenue, Wake County, North Carolina

Salary: $51,000.00 - $127,681.00 Annually

Final Filing Date: September 18, 2017

The Lead Cyber Security Analyst will help plan actions and lead Security Analysts in the analyzation and determination of the scope of threats to the enterprise, vulnerabilities in software, and how The North Carolina Department of Revenue will best defend itself against these threats. This position will require initiative to identify security needs and be expected to put together projects and teams to remediate identified security threats, issues and audit identified items. In addition, the position will oversee and enhance the process around monitoring third-party security-related feeds, websites, forums, and mailing lists for information regarding cyber threats, vulnerabilities and exploits. The Lead Analyst will be heavily involved in the documenting, delivery, and testing of regulatory compliance to all required security regulation as well as the reporting of high level details and metrics to management. This position will also oversee and enhance the threat hunting program.

Recruitment for this position will target the Journey level of the IT Security Specialist band. The hiring range for this position is $65,143.00 - $90,800.00 and the salary will be commensurate with the applicant's competencies as well as the budget, equity, and market considerations. For promotional and reemployment priority purposes, this position is considered to be equivalent to salary grade 77.

Duties and Requirements Click to read more


  • Lead the development and enhance current threat and situational intelligence sources leveraging proprietary enterprise data, as well as a variety of external sources and open source data.
  • Establish, mature and maintain a threat hunting program.
  • Actively monitor and research cyber threats with a direct or indirect impact to the agency, business operations, or technology infrastructure.
  • Develop and support briefings to Security management as a cyber intelligence subject matter expert.
  • Create and conduct presentations on current threats and related IT Security topics.
  • Oversee process of monthly reporting to Security management on Threat, Vulnerability, and Incident management metrics.
  • Network Security Operations Analysis
  • Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives.
  • Put together tasks forces to operationalize remediation efforts.
  • Incident Management and Forensic Analysis.
  • Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
  • Ensure and directly oversee the collection and preservation of evidence associated with cyber security incident response activities following industry best practices and established procedures.
  • Develop and support briefings to Security management as a cyber-forensic subject matter expert. Vulnerability Management, Lifecycle and Remediation.
  • Work with Cyber Analysts to assist in the remediation of identified vulnerabilities for all IT organizations.
  • Report on and enhance current metrics surrounding vulnerability management.
  • Take a lead role in the vulnerability management lifecycle.


Knowledge, Skills and Abilities / Competencies
  • Proven team player, will be working individually and with other staff members, on both long-term projects and rapid response under tight deadlines.
  • Team Leadership and management experience, taking initiative; providing and following through on solutions.
  • Proficient with Security related service and process assessments and evaluations based on NIST and ITIL standards.
  • Knowledge and experience implementing controls based on security regulation. E.g. NIST 800-53, IRS 1075
  • Effective and excellent oral and written communication, analytical, judgment and consultation skills.
  • Ability to effectively communicate in both formal and informal review settings with all levels of management.
  • Proven experience in developing and providing threat and situational intelligence from a variety of internal and external sources.
  • Ability to work independently and possess strong project management skills.
Minimum Education and Experience Requirements
  • Minimum requirements include a Bachelor's degree in Computer Science, Computer Engineering or an Information Security degree or closely related field from an appropriately accredited institution; or Bachelor s degree from an appropriately accredited institution and one year of experience in IT Security or closely related area; or an Associate s degree in Information Systems Security from an appropriately accredited institution and two years of experience in IT Security or closely related area; or an equivalent combination of education and experience.
MANAGEMENT PREFERENCE: Candidates who have experience with:
  • Implementation and maintenance of SIEM (Splunk, ArcSight, IBM Qradar, etc.)
  • Forensic analysis tools (MIR, EnCase, FTK)
  • Malware analysis tools (dynamic and static)
  • Vulnerability assessment tools (Nessus, nmap, etc.)
  • Secure Web Gateway (BlueCoat, Websense)
  • Network sniffers and packet tracing tools (SnifferPro, Ethereal and tcpdump)

Do you have the Education Required? See available on-line and campus-based degree programs now!

How to apply: Apply online

Posted: September 12, 2017

NOTE: The is not responsible for typographical errors or omissions in employment notices on this web site. Often, employers change final filing dates, change duties and/or requirements, or close employment openings without notice. If you are interested in a job posted on this site be sure to contact the employer to see if changes in the filing date or job announcement have been made. Employers can also provide more information about open positions that does not appear in the announcements on these pages.