The Security Engineer is responsible for ensuring the security of information across the enterprise. This role will interact closely with customers both internal and external, software developers, I.T. administrators and technicians, compliance officers, and other key stakeholders in order to build information security strategies and programs, develop and implement enterprise-level information security policies and standards, lead information security awareness activities, and identify and remediate information security issues.
The Security Engineer will serve as the primary information security interface and subject matter expert to all of the agency's functional groups and project teams, as well as providing leadership and mentorship to the rest of the Information Security team.
This role will work to improve the ability of the organization to protect the confidentiality, availability, and integrity of the agency's information assets. The Security Engineer operates under administrative supervision and reports to the Chief Information Officer. This position is expected to respond after-hours on short notice in the event of a security incident necessitating their involvement.
MINIMUM QUALIFICATIONS & REQUIREMENTS
Bachelor's Degree in Information Security, Computer Engineering, Information Systems, Computer Science or a closely related field and five (5) years in the information security area OR an equivalent combination of education and/or experience sufficient to successfully perform the essential duties.
Required Qualifications:
- 5+ years of experience in information system security roles.
- Act as a primary point of contact for all issues related to Information Security operations.
- Serves as the Subject Matter Expert (SME) for security tools, trends, methodologies, and best practices for securing platforms and operating systems at the network, server, and endpoint level.
- The ability to communicate security processes and principles to stakeholders both inside and outside of the IT organization.
- Strong time management and organizational skills.
- The commercial acumen to provide the organization with cost-effective security solutions.
- An enthusiasm for staying up-to-date with the very latest updates about security threats and solutions.
Employment is contingent upon the results of a comprehensive background investigation including work experience verification, criminal background check, and a personal credit history review.
Licenses and Certifications:
- Valid Arizona driver's license.
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), GIAC Security Essentials Certification (GSEC) or equivalent certifications are preferred.
EXAMPLES OF DUTIES / KNOWLEDGE & SKILLS
The statements listed below describe the general nature and level of work only. They are not an exhaustive list of all required responsibilities, duties, and skills. Other duties may be added, or this description amended at any time.
Security Operations – Participate in, and provide guidance for, the security monitoring and incident response processes listed: Event correlation and detection, Endpoint Detection and Response (AV), Threat Detection and Response, Customizing Security Orchestration tools, overseeing security incidents, performing forensic investigation (as needed), and facilitating incident response communication between stakeholders.
Security Administration – Provide administrative support for the following types of security systems and technologies: Vulnerability Scans, Security Awareness and Phishing, Centralized Log Management, Infrastructure Systems Hardening, Role-Based Access Controls.
Security Engineering – Determine business requirements and provide secure solutions within the following types of areas: Cloud Security, Secure SDLC / AppSec, Network Security, Configuration Management, Security Architecture and Strategy.
Offensive Security – Able to understand and demonstrate how security controls are positioned to protect the business using the following processes: External Network Service Validation, Domain Record Enumeration, Web Application Crawling and Exploitation, Authentication.
Risk Management – Able to assess and track the following types of technology risks: Regulatory Requirements, Security Best-Practices Recommendations, Business Continuity and Business Impact Assessments.
Security Program Governance – Provide program oversight and development within the following processes: Security Policy Reviews, Organizational Security Framework Self-Assessments, Reporting and Metrics, Prioritizing Initiatives, Coaching and Training.
Security Tools and Technologies – Have experience building, operating, and improving the following types of Security Tools and Technologies: ElasticSearch, Cisco SecureX, CiscoAmp, MIPS ThreatSharing, ISAC Alerts, ThreatConnect, Nessus, KnowBe4, Demisto, Thycotic, Deepcode, .Net Analyzer, WinCollect Analyzer, AppScan, ZAP, Wireshark, NMAP, Kali Linux.
IT Systems and Technologies – Have experience supporting and providing secure solutions for the following types of IT systems and technologies: Windows Workstations, Windows Server, RHEL, CentOS, Ubuntu, Active Directory GPO, Active Directory users and groups, WSUS, Azure, AWS, IPS/IDS, Domain Architecture (A, MX Records), Email Controls (SPF/DKIM/DMARC), IIS, Drupal, Cisco ASA, Cisco Nexus, Cisco ACL Policies, VMWare ESXi.
IT Service Processes and Solutions – Have experience using the following IT service management principles and technology: Asana, Kase, ManageEngine, ITIL v4 (Incident, Problem, Change, Service Requests, Project, Service Improvement), CAB, Architecture Review, Project Management, Security awareness and training programs, Audit Support (both compliance and regulatory), Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) threat assessment framework (specifically the OCTAVE Allegro methodology), Operational Run/Process Documentation.
PHYSICAL DEMANDS / WORK ENVIRONMENT
Physical Demands: Positions in this class typically require: climbing, balancing, stooping, kneeling, crouching, crawling, reaching, standing, walking, driving, lifting, fingering, grasping, feeling, talking, and hearing. Medium Work; Ability to occasionally lift up to 50 pounds with the assistance of applicable equipment or other employees, and up to 20 pounds of force frequently, and/or up to 10 pounds of force constantly to move objects.
Work Environment: Physical ability to perform office and related work, including operating computers and office equipment; stamina to sit for extended periods of time; incumbents may be subjected to moving mechanical parts and electrical currents; limited local travel will also be required to support customers in remote business units; may respond to system emergencies and system failures on a 24/7 basis.