IT SIEM Security Analyst (VA773651)

IT SIEM Security Analyst (VA773651)

Key Responsibilities:

·Monitor security alerts and logs for tolling-related infrastructure using existing SIEM and other monitoring tools.

·Analyze, investigate, and triage security events and potential incidents involving tolling systems and devices.

·Coordinate with Tolling Division personnel, vendors, and operations teams to facilitate incident response, forensics, and remediation activities.

·Assist in onboarding tolling systems into the OT cybersecurity monitoring process, including asset inventory, log ingestion, and configuration baselines.

·Perform security assessments and reviews of tolling systems for vulnerabilities, misconfigurations, and gaps in compliance with standards such as NIST 800-53, NIST 800-82, and agency-specific policies.

·Support integration of tolling infrastructure into existing OT cybersecurity tools, including vulnerability management, endpoint detection, asset management, and access controls.

·Participate in the development and maintenance of incident response procedures and playbooks specific to tolling infrastructure.

·Contribute to regular security reporting, dashboards, and metrics for tolling systems.

·Collaborate with internal and external stakeholders to enhance the security posture of the tolling environment.

Qualifications Required:

·Bachelor’s degree in Cybersecurity, Information Technology, Engineering, or a related field; OR equivalent experience.

·3+ years of experience in cybersecurity, with at least 1 year supporting OT, ICS/SCADA, or critical infrastructure environments.

·Familiarity with SIEM tools, log analysis, and incident response workflows.

·Working knowledge of networking protocols, system hardening, and asset inventory practices.

·Strong analytical, communication, and collaboration skills.

Preferred:

·Experience supporting or securing tolling systems, traffic management infrastructure, or roadside equipment.

·Knowledge of security frameworks such as NIST 800-53, NIST 800-82, or CIS Controls.

·Certifications such as GICSP, GCIA, CompTIA Security+, or CISSP.

·Experience working with third-party vendors and supporting environments with both state-managed and vendor-managed components.