Job Details

Qualifications

• Experience -Three (3) years of experience managing security technologies in an enterprise environment
• Incident response, threat modeling, and mitigation
• Firewalls, Intrusion Prevention, 802.1X, web filtering, antivirus and malware protection
• OS hardening techniques for Windows and Linux environments
• Access logging, centralized logging, and monitoring/alerting of security log events using tools such as Syslog, Splunk and NetWrix
• Windows and Linux server management
• Common internet protocols such as DNS, SMTP, LDAP, etc
• Network hardware and software theory and operations (including layer 2 through 7 protocols as well as hardware architecture)

Responsibilities

• The Cyber security Administrator will be responsible for oversight and administration of information security and IT risk management programs based on industry-accepted security and risk management frameworks
• Tasked with improving the maturity levels of information security, state of cybersecurity and enhancing IT risk practices
• Assess computer systems and security risks by investigating potential threats, vulnerabilities; execute and coordinate contingency plans, preventive measures and control techniques, and communicate information to IT Director
• Design, coordinate and implement security procedures and plans
• Provide project leadership and management for security projects, including leading others in the IT department and outside departments, providing cost estimates, managing schedules and providing technical leadership to ensure the project is completed successfully
• Assist IT managers and staff in integrating risk and compliance management into their projects, initiatives and operations
• Identify acceptable levels of residual information security risk and develop action plans, policy and procedural changes for risk mitigation
• Implementation of security procedures/controls
• Monitor networks, systems and applications for conformance to the security requirements and policies
• Run periodic security scans and work with IT teams to address identified weaknesses
• Respond to security incidents, including availability to respond to system problems and incidents after hours
• Coordinate security incident responses
• Monitor industry security updates, changes, technologies, emerging threats and best practices for continuous improvement
• Lead the IT department\'s internal SIRT (Security Incident Response Team)
• Work with law enforcement and other agencies in response to detected incidents
• Initiate, facilitate and promote activities to create information security awareness within the organization
• Identify and track information security metrics
• Create and maintain reports and dashboards for key metrics indicating the level of controls compliance and IT risk posture for the county
• Facilitate regular information security training for county employees