Virginia Department of Environmental Quality · 9 hours ago
Information Security Analyst
Richmond, VA
Full-time
Onsite
Mid Level
$93K/yr - $135K/yrVirginia Department of Environmental Quality is the primary environmental permitting agency in Virginia, responsible for administering laws and regulations related to environmental protection. They are seeking an Information Security Analyst to identify and mitigate potential threats and vulnerabilities within the agency’s digital infrastructure while upholding the confidentiality, integrity, and availability of critical data.
Environmental EngineeringGovernmentWater
Responsibilities
Perform vulnerability identification, analysis, and remediation through the collaboration with internal stakeholders across the agency, network, and application infrastructure
Performs application security testing using automated tools and manual validation
Coordinates and oversees third-party application security testing, reviews results, and assists with developing remediation strategies
Evaluates, implements, and supports information security tools (OS, network, application)
Assists with the development of policies, standards, guidelines, and procedures. Identifies areas of improvement for the information security program
Qualification
Required
Demonstrated ability to understand and advise on network security architecture concepts, including protocols, components, and principles (e.g., application of Defense-in-Depth)
Demonstrated ability to understand and advise information security requirements for projects, become familiar with common security weaknesses and defense strategies for new technologies, and coordinate testing with third-party vendors
Demonstrated Knowledge of Ethernet Networking fundamentals, LAN\WAN technologies, network hardware and protocols, OSI stack, TCP/IP, wireless networks, secure communications methods, firewalls, IPS/IDS, privilege account management solutions, SIEM, WebFilters, Packet Capture Software, Forensic and Discovery Tools
Effective verbal and written communication skills, both with cybersecurity and industry experts, and nontechnical employees who need to follow security protocols but may not understand them on a technical level
Ability to effectively multi-task, work independently with minimal supervision, as well as within a team, in a fast-paced support environment
Comprehensive understanding of multi-tier application architectures (3-tier, 4-tier etc.) as it relates to IT Security is required
Knowledge of securing operating systems, networking equipment, and applications
Knowledge of Incident Response Plans
Familiarity with COV ITRM policies, standards, and guidelines
Minimum: Application security testing experience including the use of automated security testing and manual validation techniques involving applications coded in one or more of the following languages: C#, Java, Java Script
A combination of training, experience or coursework in Information Technology, Information Systems, a related field, or equivalent training and/or experience. Security +, PenTest +, CEH, GIAC, GPEN, GCIH, or other industry security certification
Must complete an annual Statement of Economic Interest and Virginia State and Local Conflict of Interest Act Training (bi-annually)
Company
Virginia Department of Environmental Quality
Virginia Department of Environmental Quality is a government administration for environmental activities.
Founded in 1991
501-1000 employees
Funding
Current Stage
Late StageRecent News
The Virginian-Pilot
2025-08-12
New Orleans CityBusiness
2025-06-25
Company data provided by crunchbase