Required Experience:
Hands on experience working with Endpoint Detection and Response (EDR) tools
Experience responding to, and analyzing, cyber security events and incidents
Experience working with Crowdstrike, or comparable EDR tool
Ability to work in high pressure, fast paced environments
Experience working with CrowdStrike or comparable EDR tool
Responsibilities:
Provide security monitoring and response efforts for, and in coordination with, the Security Operations Center (SOC)
Lead outreach and coordination with statewide partners, including County, Municipal, and educational entities
Strong communication, reporting, and documentation abilities
Monitor, analyze, and respond to cyber-security events, alerts, and incidents affecting State of Iowa IT systems
Take appropriate actions to protect IT assets from potential incidents and threats
Document and report changes, trends, and implications related to evolving cyber-security tools, systems, and solutions
Follow SOC processes and assist ISD Security Engineers and OCIO support teams during alerts, events, and incidents
Submit new events and update existing events within the SOC ticketing system
Provide phone and email support to state agencies and participating partners during alerts, events, and incidents
Provide off hours or ad hoc shift support as required
Proven ability to collaborate effectively with partners across varying technical backgrounds
Capability to perform Tier 1 troubleshooting, including log collection, documentation review, and appropriate escalation
Maintain up to date knowledge on relevant cyber-security technologies and tools
Support Tier 1 SOC Analysts in triaging cyber-security events, alerts, and incidents
Follow detailed operational procedures to analyze, escalate, and support remediation of critical security incidents
Assist with SOC metrics, reporting, and communications
Support incident response activities up to the preliminary forensics stage
Monitor EDR tools and perform initial assessment and data gathering for alerts
Required/Desired Skills
| Skill | Required /Desired | Amount (In Years) | Consultant Years of Experience | Skill Last Used |
|---|---|---|---|---|
| Hands on experience working with Endpoint Detection and Response (EDR) tools | Required | 3 | Years | |
| Experience responding to cyber security events and incidents | Required | 3 | Years | |
| Experience working with Crowdstrike, or comparable EDR tool | Required | 3 | Years | |
| Ability to work in high pressure, fast paced environments | Required | 3 | Years |
| No. | Question | Answer |
|---|---|---|
| Question1 | Absences greater than two weeks MUST be approved by CAI Management in advance, and contact information must be provided to CAI so that a resource can be reached during his or her absence. The Client has the right to dismiss the resource if she or he does not return to work by the agreed upon date. Do you agree to this requirement? | |
| Question2 | The Contractor must report any disciplinary action, misdemeanor, or felony convictions to the State for any temporary IT staff provided. Do you agree to this requirement? | |
| Question3 | What is your candidate&# ;s email address? | |
| Question4 | Have you completed and submitted the Right to Represent form, making sure to do so exactly as instructed? The form is located at /ia/ia_e-rtr_template.doc. | |
| Question5 | PROVIDE CANDIDIDATES CURRENT LOCATION (CITY/STATE) HERE: | |
| Question6 | SHOW YOUR WORK - In the summary of qualifications field under the details tab of the candidate&# ;s profile, you should explain why your candidate is the best fit for this position. Please confirm that you have thoroughly validated and attested to the accuracy of the credentials listed throughout this candidate&# ;s VectorVMS profile and resume according to Section 5.2.5 of ITS-009440. Do you confirm? Candidates will get rejected if an agency cuts and pastes the candidates&# ; resumes into this field [REQUIRED] | |
| Question7 | Use of AI is Strictly Prohibited: Please be advised that the use of AI-generated responses during screenings and interviews is strictly prohibited. Confirm that your candidate has been informed of this policy and agrees to adhere to it. Non-compliance will result in disqualification from the interview process. | |
| Question8 | Background Check Requirements: DOM contractor personnel are required to undergo additional background check investigations (run by DOM) before starting, requiring the completion of several waiver forms & fingerprint processes. The selected candidate will be responsible for completing all the necessary waiver forms, scheduling and completing the fingerprinting process, and returning all completed items to DOM for processing. This is in addition to the National Criminal and Sex Offender check that the vendor | |
| Question9 | Provide candidates with the complete physical address where the DOM DoIT Background Check form and fingerprint cards must be mailed. [REQUIRED] - Failure to provide accurate information will result in disqualification. | |
| Question10 | INTERVIEW DATES: Interviews will be conducted on [May 12, 13, 14] Only submit candidates available for interviews on the date(s) provided. |