Office of Cyber Security Associate IT Security Analyst (DoIT #10117695)

Posting Details
THIS POSTING WILL BE USED FOR ONGOING RECRUITMENT AND MAY CLOSE AT ANY TIME. APPLICANT LISTS MAY BE SCREENED MORE THAN ONCE.
The Office of Cybersecurity (OCS) has the essential role and responsibility for the State of New Mexico (SoNM) Information Technology (IT) security program in coordination with state agencies. The administrative code (1.12.20 NMAC) and federal oversight requires state agencies to perform procedures necessary to ensure the security of information systems and federal data sets are protected from cyberattacks.
To maintain an adequate security posture by developing appropriate IT security policies, standards, and procedures with periodic updates to accurately reflect ever changing technology, legislative and user needs.
The OCS has the responsibility in protecting and monitoring the State of New Mexico¿s technology infrastructure and digital assets, including state agencies, mission critical systems and data.
Cyberattacks are dramatically increasing, and cybersecurity operations are facing new challenges. Cybersecurity is not just an IT problem anymore, it is a critical business risk, homeland security and public safety threat, voter confidence issue, and an economic development opportunity.
Technology continues to evolve, the cybersecurity landscape is constantly changing, increasing potential vulnerabilities and risk. Therefore, it is essential for the State Chief Information Security Officer (CISO) to secure additional security analysts to support the Office of Cybersecurity.
Why does the job exist?
The Associate Security Analyst, plays an essential role to support the Office of Cybersecurity's mission to maintain a safe and secure enterprise computing environment for the State of New Mexico. This role plays a key part in developing, implementing, and overseeing cybersecurity and AI compliance standards.
This position is designed to strengthen the state's cybersecurity posture through both technical contributions and policy support.
How does it get done?
Data Analysis: Creation of clear, actionable data visualizations.
Automation: Automating cybersecurity tasks to improve operational efficiency.
Policies and Procedures: Assist in the Development and Implementation of Cybersecurity and AI Standards.
Security software configuration and vulnerability management: Assist with security software configuration and support vulnerability and attack surface management, and penetration testing.
Risk Management: Identify, mitigate, and respond to security risks.
Compliance Assurance: Ensure adherence to relevant legislation and regulatory standards.
Incident Response: Manage post-incident processes, including issue identification, containment, eradication, restoration, and recovery.
Security Monitoring: Utilize security tools to monitor networks and systems for unusual activity, responding to alerts and potential threats.
Training and Awareness: Assist with security training and awareness programs for employees to foster a culture of security within the organization.
Documentation: Maintain documentation related to security policies, compliance audits, and incident reports.
Collaboration: Work with other IT teams and agencies to integrate security practices into all aspects of the organization¿s IT operations.
Confidentiality and Integrity: Ensure that all activities and operations are performed in a manner that protects the confidentiality and integrity of information. Adhere to best practices and established protocols to maintain a secure network environment.
Threat Intelligence and Professional Development: Stay updated on the latest threats, vulnerabilities, and cybersecurity trends by engaging in training, attending security forums and conferences, and reading industry publications. Continuously enhance your skills to effectively tackle evolving security challenges.
Who are the customers?
The State Chief Information Security Officer, State of New Mexico agencies, K-12 public school districts, higher educational institutions, local governments, and tribal entities.
Ideal Candidate
The State Chief Information Security Officer, State of New Mexico agencies, K-12 public school districts, higher educational institutions, local governments, and tribal entities.
Minimum Qualification
Associate Degree in Computer Science, Management Information Systems (MIS), Information Technology, Engineering, or similar technical degree and two (2) years of experience in IT security, compliance validation (e.g., HIPAA, PCI) or systems administration, network operations or end user support. Any combination of education from an accredited college or university in a related field and/or direct experience in this occupation totaling four (4) years may substitute for the required education and experience. A certificate in IT security/forensics (e.g., CISSP, CEH, CCFP, CCSP, HCISPP, SSCP) or regulated compliance (e.g., PCIP, ASV, ISA, QSA) can be used to substitute one (1) year of experience.
Employment Requirements
Driver's License, Defensive Driving Certificate, and background Investigation.
Working Conditions
The role is primarily office-based and involves extensive computer and phone use. The candidate should be comfortable working at a desk for extended periods and proficient with standard computer equipment (keyboard, mouse, display). Responsibilities include direct client interaction, attending meetings, and occasional travel. Physical requirements include the ability to lift up to 25 lbs and perform basic movements such as sitting, standing, bending, and reaching.
Supplemental Information
Do you know what Total Compensation is? Click here
Agency Contact Information: Natisha Montoya Email
For information on Statutory Requirements for this position, click the Classification Description link on the job advertisement.
Bargaining Unit Position
This position is not covered by a collective bargaining agreement.