IT Security Analyst

IT Security Analyst, Richmond, VA, US

IT Security Analyst

VDOT is seeking a highly motivated Security Analyst to support cybersecurity operations within the Operations Technology (OT)environment, with a specific focus on the integration and ongoing monitoring of the Tolling Division’s systems.

Key Responsibilities

• Monitor security alerts and logs for tolling-related infrastructure using existing SIEM and other monitoring tools.
• Analyze, investigate, and triage security events and potential incidents involving tolling systems and devices.
• Coordinate with Tolling Division personnel, vendors, and OT operations teams to facilitate incident response, forensics, and remediation activities.
• Assist in onboarding tolling systems into the OT cybersecurity monitoring process, including asset inventory, log ingestion, and configuration baselines.
• Perform security assessments and reviews of tolling systems for vulnerabilities, misconfigurations, and gaps in compliance with standards such as NIST 800-53, NIST 800-82, and agency-specific policies.
• Support integration of tolling infrastructure into existing OT cybersecurity tools, including vulnerability management, endpoint detection, asset management, and access controls.
• Participate in the development and maintenance of incident response procedures and playbooks specific to tolling infrastructure.
• Contribute to regular security reporting, dashboards, and metrics for tolling systems.
• Collaborate with internal and external stakeholders to enhance the security posture of the tolling environment.
  
  

Qualifications

Required:

• Bachelor’s degree in Cybersecurity, Information Technology, Engineering, or a related field; OR equivalent experience.
• 3+ years of experience in cybersecurity, with at least 1 year supporting OT, ICS/SCADA, or critical infrastructure environments.
• Familiarity with SIEM tools, log analysis, and incident response workflows.
• Working knowledge of networking protocols, system hardening, and asset inventory practices.
• Strong analytical, communication, and collaboration skills.
  
  

Preferred

• Experience supporting or securing tolling systems, traffic management infrastructure, or roadside equipment.
• Knowledge of security frameworks such as NIST 800-53, NIST 800-82, or CIS Controls.
• Certifications such as GICSP, GCIA, CompTIA Security+, or CISSP.
• Experience working with third-party vendors and supporting environments with both state-managed and vendor-managed components.
  
  

Skill Matrix

• Experience supporting or securing tolling systems, traffic management infrastructure, or roadside equipment. Highly desired 3 Years
• Knowledge of security frameworks such as SEC 530, NIST 800-53, NIST 800-82, or CIS Controls. Highly desired 3 Years
• Experience working with third-party vendors and supporting environments with both state-managed and vendor-managed components. Highly desired 3 Years