Office of Information Technology (MaineIT)

Threat Intelligence Officer (Public Service Manager II) – Security Operations Center

OPENS: December 13, 2022

CLOSING: December 29, 2022

OVERVIEW:

The Department of Administrative and Financial Services (DAFS) Office of Information Technology (MaineIT) provides information technology support to over 13,000 employees. MaineIT oversees large scale enterprise applications that support the critical and diverse business needs of the State of Maine and its agencies.

MaineIT is seeking a highly talented individual who will represent our C.A.R.E. values in all that they do. At MaineIT we:

• Practice Customer-focus, ensuring that our customers are heard, and their needs are met.
• Hold ourselves to a high level of Accountability by being transparent with our stakeholders.
• Maintain an effective level of Responsiveness by providing timely updates in a proactive manner.
• Strive to provide Empathy driven, people-focused services by applying emotional intelligence skills and behaviors.

ABOUT THE JOB DETAILS:

The Information Security Office (ISO), Security Operations Center (SOC) is at the forefront of the State of Maine defense against cyber threats. The Threat Intelligence Officer will support evaluating, preparing, and presenting cybersecurity intelligence to technology, managerial and executive audiences based on existing research from various trusted sources. This intelligence will involve analyzing trends in cyber events and attacks, vulnerability exploitation, malware development, and third-party risk using threat intelligence analysis models such as the Mitre Corporation Adversarial Tactics, Techniques, and Common Knowledge (MITRE ATT&CK) framework, the Diamond Model, and the Cyber Kill Chain. This position is critical in that it gathers and disseminates historical and current cyber threat information to key resources, including the CISO and CIO, to reduce risk to the State of Maine information assets. The position will be a key technical advisor and the authority in cyber threat information for the Information Security Office, creating and managing the overall threat intelligence program and developing threat intelligence policy, procedures & standards, as well as tools and templates to support policies and standards. The position will be required to facilitate cyber threat activities across the MaineIT enterprise to include Enterprise Data Services, Client Technology Services, Computing Infrastructure & Services, and Network Operations. The Threat Intelligence Officer collects, processes, analyzes, and disseminates cyber threat/warning assessments to inform technical staff, and ensures that the cyber intelligence data is up-to-date and relevant for the State of Maine operating environment. The candidate must be knowledgeable about how the threat intelligence products and processes fit into the broader Security Program and generally understand information security concepts, methods to combat against emerging threats, and adversary Tactics, Techniques, and Procedures. The position will also provide guidance and supervision to ISO staff while supporting the Security Operations Manager in adequately meeting and addressing the operational demands within the SOC.

The candidate will be responsible for supervisory duties that include leading technical, administrative, and vendor support personnel to meet operational goals. The Information Security Office SOC located in Augusta, Maine, provides 24x7 security monitoring support, and requires the position to participate in an on-call rotation. Work is performed under limited supervision.

Hybrid Work Opportunity – The employee in this position currently has the opportunity to work from home as much as 90% of the time.

KNOWLEDGE, SKILLS, AND ABILITIES REQUIRED:

• Familiar with cyber intelligence/information collection capabilities and repositories.
• Understanding intelligence support to planning, execution, and assessment.
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk), and about laws, regulations, policies, and ethics as they relate to cybersecurity and privacy, cybersecurity and privacy principles.
• Understanding how to extract, analyze, and use metadata.
• Familiarity with common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
• Knowledge of the cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks), and common attack methods and techniques (DDoS, brute force, spoofing, etc.).
• Knowledge of specific operational impacts of cybersecurity lapses.
• Familiar with classification and control markings standards, policies and procedures.
• Understanding internal tactics to anticipate and/or emulate threat capabilities and actions.
• Knowledge of human-computer interaction principles, network traffic analysis methods.
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. Clearly articulate intelligence requirements into well-formulated research questions and data tracking variables for inquiry tracking purposes.
• Accurately and completely source all data used in intelligence, assessment and/or planning products. Evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products meet the customer’s decision-making needs.
• Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
• Function effectively in a dynamic, fast-paced and collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise. Effectively collaborate via virtual teams; evaluate information for reliability, validity, and relevance.
• Identify intelligence gaps.
• Recognize and mitigate cognitive biases which may affect analysis, as well as mitigate deception in reporting and analysis.
• Think critically; think like threat actors; utilize multiple intelligence sources across all intelligence disciplines.

CONTINUED PROFESSIONAL DEVELOPMENT OPPORTUNITIES:

• Select and work with vendor support and best in class automated planning tools to establish and maintain a state resiliency program.
• Improved understanding on all manner of contingency plans including Incident Response, Information System Contingency, Continuity of Operations Plan, Occupant Emergency, and Crisis Communication Plans and planning.
• Work with every department in the executive branch and gain an understanding of their essential business functions and how they deliver essential services to State of Maine citizens; and
• Experience working in state government as part of a large IT enterprise.

MINIMUM QUALIFICATIONS:

(Entry level knowledges, skills, and/or abilities may be acquired through, BUT ARE NOT LIMITED TO the following coursework/training and/or experience).

A minimum of 8 years of a combination of related post-secondary education, technical certifications, or technology related work experience. Related training, internship experience etc. may be credited as related experience on a month-per-month basis.

HOW TO APPLY:

Interested applicants need to apply online by selecting the "Apply for this opening" button along with uploading a cover letter and current resume.

Resume’ and Cover Letter must be submitted in order to be considered for an interview. Application deadline: December 29, 2022

All current MaineIT Job postings can be found here: « Openings at State of Maine Office of Information Technology

SALARY:

JOB CLASS CODE: MH 31 POSITION: 004250762 PAY GRADE: 31 - ($75,275.20 - $102,502.40/yr.)*

• Includes a 10% recruitment and retention salary adjustment.

BENEFITS:

• Work-Life Balance – Rest is essential. Take time for yourself using 13 paid holidays, 12 days of sick leave, and 3+ weeks of vacation leave Vacation leave accrual increases with years of service, and overtime-exempt employees receive personal leave.
• Health Insurance Coverage– The State of Maine pays 85%-100% of employee-only premiums ($10,996.70-$12,937.34 annual value), depending on salary. Use this chart to find the premium costs for you and your family, including the percentage of dependent coverage paid by the State.
• Health Insurance Premium Credit– Participation decreases employee-only premiums by 5%. Visit the Office of Employee Health and Wellness for more information about program requirements.
• Dental Insurance– The State of Maine pays 100% of employee-only dental premiums ($379.60 annual value).
• Retirement Plan– The State of Maine contributes 17.96% of pay to the Maine Public Employees Retirement System (MainePERS), on behalf of the employee.
• Gym Membership Reimbursement– Improve overall health with regular exercise and receive up to $40 per month to offset this expense.
• Health and Dependent Care Flexible Spending Accounts– Set aside money pre-tax to help pay for out-of-pocket health care expenses and/or daycare expenses.
• Public Service Student Loan Forgiveness– The State of Maine is a qualified employer for this federal program. For more information, visit the Federal Student Aid office.
• Living Resources Program – Navigate challenging work and life situations with our employee assistance program.
• Parental leaveis one of the most important benefits for any working parent. All employees who are welcoming a child—including fathers and adoptive parents—receive four weeks of fully paid parental leave. Additional, unpaid leave may also be available, under the Family and Medical Leave Act.
• Voluntary Deferred Compensation– Save additional pre-tax funds for retirement in a MaineSaves 457(b) account through payroll deductions.
• Learn aboutadditional wellness benefits for State employees from the Office of Employee Health and Wellness.

• Maine State Government is an Equal Opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We provide reasonable accommodations to qualified individuals with disabilities upon request.