• SIEM Systems Administrator - ITS5

    State of Minnesota, Saint Paul, MN 55145

    Job #2820081582

  • Working Title: SIEM Systems Administrator

    Job Class: Information Technology Specialist 5

    Agency: Minnesota IT Services

    • Job ID : 81430

    • Location : St. Paul

    • Telework Eligible : Yes - #LI-Hybrid

    • Full/Part Time : Full-Time

    • Regular/Temporary : Unlimited

    • Who May Apply : Open to all qualified job seekers

    • Date Posted : 01/09/2025

    • Closing Date : 01/28/2025

    • Hiring Agency/Seniority Unit : Minnesota IT Services

    • Division/Unit : Department of Public Safety/Bureau of Criminal Apprehension

    • Work Shift/Work Hours : Day Shift

    • Days of Work : Monday - Friday

    • Travel Required : No

    • Salary Range: $39.14 - $66.92 / hourly; $81,724 - $139,728 / annually

    • Job Class Option : Systems Software

    • Classified Status : Classified

    • Bargaining Unit/Union : 214 - MN Assoc of Professional Empl/MAPE

    • FLSA Status : Exempt - Professional

    • Designated in Connect 700 Program for Applicants with Disabilities : Yes

    The work you'll do is more than just a job.

    At the State of Minnesota, employees play a critical role in developing policies, providing essential services, and working to improve the well-being and quality of life for all Minnesotans. The State of Minnesota is committed to equity and inclusion, and invests in employees by providing benefits, support resources, and training and development opportunities.

    Join the 2,600+ professionals of Minnesota IT Services (MNIT) who connect Minnesotans to services that will improve their lives. This position serves our partners at the Bureau of Criminal Apprehension (BCA) within the Department of Public Safety (DPS). MNIT BCA provides comprehensive IT operations and support services, custom application development, and dedicated business-specific support functions for investigative and specialized law enforcement services. You will support an agency that partners with law enforcement, public safety, and criminal justice agencies to prevent and solve crimes.

    As a SIEM System Administrator, you will be responsible for leading and participating in the architecture, design, implementation, configuration and maintenance of Security Information and Event Management (SIEM) in support of BCA and MNJIS systems and services. You will provide technical leadership and analysis in BCA's Enterprise software infrastructure and SIEM system and ensure the system is effectively managed and utilized to protect the organization against system threats while supporting business objectives. You will promote the protection of BCA's data security and privacy. You will conduct system and procedural risk analysis, with a strong focus on implementation and CJIS compliance. You will advise on and configure SIEM Enterprise software infrastructure, including indexers, web servers and forwarders. Operational duties include implementation and maintenance of SIEM software, including patches and updates, while adhering to system security and availability. In collaboration with the Infrastructure Security Engineer and Network Operations, you will provide in-depth investigations of specific incidents, analyzing and interpreting data trends to determine the root cause and impact, and provide recommendations for remediation and prevention.

    This position requires an employee to be onsite at the work location 2 days per week.

    • Telework for Minnesota IT Services allows an employee to perform work from a telework location and an employee may be required to be in the office based on business needs and other dependencies in St Paul, Minnesota.

    • Only candidates located in Minnesota and bordering states (Iowa, North Dakota, South Dakota, or Wisconsin) are telework eligible.

    Minimum Qualifications

    Candidates must clearly demonstrate all of the following qualifications in their resume:

    This position requires a minimum of five (5) years experience with SIEM Information Systems.

    Experience must include

    • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., Splunk Enterprise, Elastic/Kibana).

    • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.

    • Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g., NetFlow, Full Packet Capture), and other attack artifacts in support of incident investigations.

    • Ability to deliver effective verbal or written messages that facilitate a mutual understanding on both parties.

    • Customer service skills that include active listening, empathy, and problem-solving.

    A master's degree in Information Technology or an IT related field substitutes for three (3) years of experience, OR an IT related bachelor's degree substitutes for two (2) years, OR an IT related associate's degree substitutes for one (1) year.

    Preferred Qualifications

    • SPLUNK SIEM SME Certification: Splunk Core Certified Power User or more advanced certification.

    • Experience and proficiency with any of the following: Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network Forensics.

    • Strong analytical, oral and written communications, problem solving, and human relations skills.

    • Advanced certifications involving operation, maintenance, administration of at least one enterprise SIEM platform (e.g., Splunk, Elastic/Kibana).

    • Windows and Linux command line experience.

    • Advanced understanding of the life cycle of system threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs).

    Additional Requirements

    It is the policy of Minnesota IT Services that a successful candidate must pass all legally required checks prior to employment which may consist of the following:

    • SEMA4 Records Check (applies to current and past state employees only)

    • Criminal History Check

    • Reference Check

    • Social Security and Address Verification

    • Education Verification

    • CJIS Background Check

    • Drug screen

    • Other legally required checks

    Minnesota IT Services does not participate in E-Verify. Minnesota IT Services will not sponsor applicants for work visas, including F-1 STEM OPT extensions. All applicants must be legally authorized to work in the United States.

    AN EQUAL OPPORTUNITY EMPLOYER

    Minnesota State Colleges and Universities is an Equal Opportunity employer/educator committed to the principles of diversity. We prohibit discrimination against qualified individuals based on their race, sex, color, creed, religion, age, national origin, disability, protected veteran status, marital status, status with regard to public assistance, sexual orientation, gender identity, gender expression, or membership in a local commission as defined by law. As an affirmative action employer, we actively seek and encourage applications from women, minorities, persons with disabilities, and individuals with protected veteran status.

    Reasonable accommodations will be made to all qualified applicants with disabilities. If you are an individual with a disability who needs assistance or cannot access the online job application system, please contact the job information line at ~~~ or email ~~~ . Please indicate what assistance is needed.