Cybersecurity Enterprise Architect
State of Connecticut, Judicial Branch
The State of Connecticut Judicial Branch is seeking an experienced Cybersecurity Enterprise Architect (Information Technology Enterprise Specialist) to join our Cybersecurity and Identity Management unit. In this role, you will be tasked with designing and implementing an advanced Enterprise monitoring solution utilizing Microsoft Sentinel. The primary objective of this role is to ensure the security of the enterprise by detecting and preventing cyber threats, while providing valuable data analytics and visualizations for IT stakeholders and leadership. As the successful candidate, you will play a crucial role in shaping the future of the organization's cybersecurity strategy.
Duties include, but are not limited to:
- Knowledge of how Microsoft 365 technologies interact, primarily Azure Active Directory and Microsoft 365 collaboration workloads.
- Expert experience in Power Platform tools such as Power Apps, Power Automate and Power Virtual Agents for building forms and workflow solutions to use with Microsoft Sentinel.
- Experience with Azure services, specifically Azure Logic Apps, Azure Functions, Web Apps, and APIs.
- Enable Microsoft Sentinel data connectors and associated workbooks such as Office 365, Azure logs, Palo Alto, Cisco etc.
- Integrate Active Directory, firewall, Windows server, and Windows Security Events connectors into the Microsoft Sentinel dashboard.
- Create custom dashboards for the Database, Desktop, Platform and Security teams so they can flow logs into MS Sentinel and monitor them there.
- Assist with the configuration of a new or existing Azure Monitor Log Analytics workspace.
- Assist with the creation of hunting queries, the use of alerts and incidents, and the creation of playbooks.
- Assist with creation of threat intelligence dashboards in Microsoft Sentinel.
- Working knowledge of Log Analytics, Azure Functions, Machine Learning, and AI Cognitive services to continuously monitor the state of devices and take remedial actions.
Qualified candidates will be proficient with:
- At least 5 years of technical experience in the cybersecurity field.
- Advanced event analysis leveraging Microsoft Sentinel SIEM.
- Solid knowledge of Azure Cloud technologies and M365 security toolsets.
- Strong expertise in Kusto Query Language (KQL).
- Expertise in Azure Logic Apps, Microsoft Flow, Power platform tools.
- Advanced incident investigation and response skill set.
- Advanced log parsing and analysis skill set.
Qualified candidates will possess the following:
- 8+ years of experience with Microsoft 365 products.
- 4+ years of experience with cyber threat hunting, incident response and digital forensics, and with how various systems can integrate with SIEM solutions.
- 4+ years of experience in Power platform, logic apps, log analytics workspace and Microsoft Sentinel.
- Knowledge of frameworks like NIST, CIS, CISA, MITRE.
- Detailed practical knowledge of Internet protocols, firewalls, proxies, and intrusion detection/prevention systems.
- Ability to conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats.
In addition to the preferred qualifications, the successful candidate will have a positive attitude; proficient verbal skills; a collaborative approach to working in a close team environment; a willingness to assist and share knowledge with peers and subordinates; and strong writing skills, including the ability to submit reports, proposals, and postmortem analyses.
This position qualifies for hybrid remote work.
Salary Range: $100,844 – $149,805/year – plus State of Connecticut benefits.
Starting salary may be commensurate with experience.
The State of Connecticut Judicial Branch offers its employees a top-notch array of health and retirement benefits including but not limited to paid holidays, vacation, sick and personal leave, group life insurance, 457 Deferred Compensation, voluntary flexible spending account programs, discounted auto and home insurance policies, and long- and short-term disability.
EXPERIENCE AND TRAINING
General Experience: Ten (10) years of experience in information technology (IT), programming, systems/software development or another IT related field demonstrating a growing and broadening base of knowledge and experience.
Special Experience: Two (2) years of the General Experience must have been at the expert working level with responsibility for performing a full range of highly complex technical support functions.
- College training in management information systems, computer science, electrical engineering or information technology related area may be substituted for the General Experience on the basis of fifteen (15) semester hours equaling six (6) months of experience to a maximum of four (4) years for a Bachelor’s degree.
- A Master’s degree in management information systems, computer science, electrical engineering or information technology related area may be substituted for one (1) additional year of the General Experience.
- Relevant certification in management information systems, computer science, electrical engineering or information technology related area may be substituted for up to six (6) months of the general experience.
SPECIAL REQUIREMENT: Incumbents may be required to travel within the State in the course of their daily work.
Applications must be received by March 27, 2023. Applications must be submitted through the online application site. Resumes or paper applications will not be accepted.
Careers at the Branch play an essential role for the public and society. Our meaningful, challenging, and interesting positions have a long-lasting effect that serves to advance justice and ultimately provides for the greater good of all.
Please reference the posting number 23-4000-006