Posting Details
The Office of Cybersecurity (OCS) has the essential role and responsibility for the State of New Mexico (SoNM) Information Technology (IT) security program in coordination with state agencies. The administrative code (1.12.20 NMAC) and federal oversight requires state agencies to perform procedures necessary to ensure the security of information systems and federal data sets are protected from cyberattacks.
To maintain an adequate security posture by developing appropriate IT security policies, standards, and procedures with periodic updates to accurately reflect ever changing technology, legislative and user needs.
The OCS has the responsibility in protecting and monitoring the State of New Mexico's technology infrastructure and digital assets, including state agencies, mission critical systems and data.
Cyberattacks are dramatically increasing, and cybersecurity operations are facing new challenges. Cybersecurity is not just an IT problem anymore, it is a critical business risk, homeland security and public safety threat, voter confidence issue, and an economic development opportunity.
Technology continues to evolve, the cybersecurity landscape is constantly changing, increasing potential vulnerabilities and risk. Therefore, it is essential for the State Chief Information Security Officer (CISO) to secure additional security analysts to support the Office of Cybersecurity.
THIS POSTING WILL BE USED FOR ONGOING RECRUITMENT AND MAY CLOSE AT ANY TIME. APPLICANT LISTS MAY BE SCREENED MORE THAN ONCE.
Why does the job exist?
The Cybersecurity undergraduate intern, plays an essential role to support the Office of Cybersecurity's mission to provide hands-on exposure to multiple aspects of cybersecurity for the State of New Mexico. The role plays a part in participating in projects of varying scope and responsibility, gaining experience with key security principles, including NIST and CISA requirements. By the end of the internship, the candidate will have:
- Explored cybersecurity career paths prior to graduation
- Developed communication, interpersonal, and critical skills
- Built a record of practical work experience in cybersecurity
- Established professional contacts that may lead to full-time employment
How does it get done?
Assist the cybersecurity operations team with:
Risk Management: Identify, mitigate, and respond to security risks.
Incident Response: Manage post-incident processes, including issue identification, containment, eradication, restoration, and recovery.
Security Monitoring: Utilize security tools to monitor networks and systems for unusual activity, responding to alerts and potential threats.
Training and Awareness: Assist with security training and awareness programs for employees to foster a culture of security within the organization.
Documentation: Maintain documentation related to cybersecurity incident reports.Developing forms. Maintain tracking survey responses. Flag issues for follow up. Develop and maintain cybersecurity glossary
Collaboration: Work with other IT teams and agencies to integrate security practices into all aspects of the organization¿s IT operations.
Confidentiality and Integrity: Ensure that all activities and operations are performed in a manner that protects the confidentiality and integrity of information. Adhere to best practices and established protocols to maintain a secure network environment.
Threat Intelligence and Professional Development: Stay updated on the latest threats, vulnerabilities, and cybersecurity trends by engaging in training, attending security forums and conferences, and reading industry publications. Continuously enhance your skills to effectively tackle evolving security challenges.
Security Services and Technical Oversight: Manage and oversee Vulnerability Management as a Service (VMaaS), Attack Surface Management (ASM) and Penetration Testing.
Vulnerability Management: Assist with vulnerability management activities and remediation tracking.
Asset Management: Assist with maintaining cybersecurity asset inventories.
Project Support: Assist with cybersecurity projects and related documentation.
Data and Reporting: Assist with organizing cybersecurity data and preparing reports.
Policy and Standards: Assist with cybersecurity policy and standards research.
Stakeholder Engagement: Assist with subscriber outreach, meetings, and follow-up activities.
Research: Assist with cybersecurity research and emerging threat awareness.
Who are the customers?
The State Chief Information Security Officer, Office of Cybersecurity, State of New Mexico agencies, K-12 public school districts, higher educational institutions, local governments, and tribal entities.
Ideal Candidate
The State Chief Information Security Officer, Office of Cybersecurity, State of New Mexico agencies, K-12 public school districts, higher educational institutions, local governments, and tribal entities.
Minimum Qualification
Currently enrolled in an accredited college or university OR completion of at least four (4) semesters (or equivalent) at an accredited college or university within the last two (2) years.
Employment Requirements
- Holds a high school diploma or GED
- Currently enrolled in an undergraduate college program
- Has work experience in office administration and/or customer service
Must possess and maintain current ID or Driver's License. Pre-employment background investigation is required, and employment is conditional pending results
Working Conditions
The role is primarily office-based and involves extensive computer and phone use. The candidate should be comfortable working at a desk for extended periods and proficient with standard computer equipment (keyboard, mouse, display). Responsibilities include direct client interaction, attending meetings, and occasional travel. Physical requirements include the ability to lift up to 25 lbs and perform basic movements such as sitting, standing, bending, and reaching.
Supplemental Information
Do you know what Total Compensation is? Click here
Agency Contact Information: Angelica Ruiz Email
For information on Statutory Requirements for this position, click the Classification Description link on the job advertisement.
Bargaining Unit Position
This position is not covered by a collective bargaining agreement.