Cybersecurity Analyst

Job Description

PLEASE ATTACH THE ADDITIONAL REQUIREMENTS LISTED AT THE BOTTOM OF THIS PAGE

Job ID: 32194
Agency: Bureau of Information and Technology
Location:Sioux Falls, SDSalary: $73,063.30-$91,329.12 Annual Salary, depending on qualifications
Pay Grade: 07
Closing Date: 8/12/25

This is a Full-Time 40 Hour Weekly position with the Bureau of Information and Technology (BIT). For more information on BIT, please visit https://www.sd.gov/bit . If you are highly motivated, enjoy cybersecurity, and looking to build a career, we want you to join our team!

BIT consists of five divisions - Administration, Enterprise Platform and Infrastructure, Development, Technology Operations and Communications, and South Dakota Public Broadcasting - which serve the State of South Dakota by providing technology solutions, services, and support. The Cyber Security Analyst is a key position within the Technology Operations and Communications division.

Benefits of working for the State of South Dakota include:

• multiple health plan options, including a $0 employee premium option;
• 6% fully matched retirement plan. Includes long term disability and family survivor benefits;
• $25,000 paid life insurance;
• generous leave policies;
• stable industry sector;
• flexible work schedule, providing the ability to maintain a great work/life balance.

The Bureau of Information and Technology is seeking a full-time, permanent Cybersecurity Analyst. Under general supervision, this role involves detecting and mitigating cybersecurity threats in the organization. The Cybersecurity Analyst will be responsible for analyzing a variety of log sources such as network, endpoint, server, cloud, identity and web events to identify cyber threats, perform threat response activities to neutralize threats, and create or improve threat detections to improve overall security operations.

Primary Responsibilities:

• Security Monitoring: Review security logs for threats, anomalies, intrusions, and abnormal connection behavior.
• Incident Investigation: Investigate, report, and escalate issues to cybersecurity staff and management as required.
• Incident Response: Participate in incident response, computer forensics, data preservation, and investigations related to network breaches or unauthorized data access.
• Process improvements: Recommend enhancements for an efficient threat-hunting function.
• Reporting and Analysis: Support regular and special reporting, including reports of vulnerabilities, risks, control deficiencies, remediation strategies, and performance metrics.
• Threat Intelligence Gathering: Collect, analyze, and disseminate threat intelligence from various sources to identify potential threats and vulnerabilities.
• Threat Hunting: Proactively search for indicators of compromise (IOCs) and advanced persistent threats (APTs) within the network.
• Malware Analysis: Perform static and dynamic analysis of malware samples to understand their behavior and develop mitigation strategies.
• Threat Detection Modeling: Develop and maintain threat models to understand potential attack scenarios and improve defensive strategies.
• Threat Awareness: Provide threat awareness to other teams on the latest threats, attack techniques, and mitigation strategies.
• Collaboration: Work closely with other cybersecurity teams.

Join our team and contribute to maintaining our organization's security and integrity.

The Ideal Candidate Will Have:

Preferred qualifications include a bachelor's degree in a cybersecurity-related field and 3 to 5 years' experience in cybersecurity operation center (CSOC) functions such as detection & analysis, threat hunting and threat intelligence.

Knowledge of:

• Core Cybersecurity Operation Functions;
• threat actor attack chains and campaigns;
• Cybersecurity standard frameworks, controls, technologies, and solutions;
• Incident Response Management;
• IT Domains such as network, endpoint, server, cloud, identity and web.

Skill to:

• use SIEM, EDR, and SOAR platforms;
• build effective threat detection rules and queries;
• develop and enhance cybersecurity playbooks;
• develop and perform cybersecurity analysis and threat hunts;
• consume and disseminate cybersecurity threat intelligence;
• perform strong communication, both oral and written.

Ability to:

• work within a team and with other teams;
• understand scripting languages (e.g. Python, Powershell, Bash);
• emulate threats against enterprise infrastructure.

Additional Requirements: To be considered, please attach your resume.

This position is eligible for Veterans' Preference per ARSD 55:10:02:08.

Successful applicant(s) will be required to undergo a background investigation. An arrest/conviction record will not necessarily bar employment.

The State of South Dakota does not sponsor work visas for new or existing employees. All persons hired will be required to verify identity and eligibility to work in the United States and complete an Employment Eligibility Verification, Form I-9. The State of South Dakota as an employer will be using E-Verify to complete employment eligibility verification upon hire.

The State of South Dakota offers $0 premium employee health insurance option plus eleven paid holidays, generous vacation and sick leave accrual, dental, vision, and other insurance options, and retirement benefits. You can view our benefits information at https://bhr.sd.gov/job-seekers/work-for-state-government/ . This position is a member of Class A retirement under SDRS.

Must apply online: https://gen-stateofsouthdako-trn.inforcloudsuite.com/hcm/xmlhttp/shorturl.do?key=1ZY
You must apply online, emailed resumes or submissions will not be accepted.
South Dakota Bureau of Human Resources
Telephone: 605.773.3148 Email: careers@state.sd.us
http://bhr.sd.gov/workforus
"An Equal Opportunity Employer"

#LI-Onsite