Cybersecurity Information Technology Apprentice/Infrastructure Specialist Associate

About The Position

Requirements

• Apprentice: 1 course or 2 months experience in Information Systems/Information Technology, or a related field including but not limited to: Software Engineering/Development, Data Analytics/Business Intelligence, Database Administration, Network, IT Security and Help Desk/Customer Support.
• Associate: 18 months combined work exp. &/or trg. In any combination of the following: installing, monitoring/maintaining, configuring, upgrading, &/or administering/operating a single technology domain.
• Or successful completion of IT Apprenticeship program at designated agency.
• Or completion of associate core program in computer science or information systems.
• Knowledge of: Computer hardware and software.
• Ticketing software (e.g. Service Now).
• Customer Service techniques and standards.
• State IT policies, procedures and applicable laws.
• Operations and processes for diagnosing common or recurring system problems.
• Computer Network Defense and vulnerability assessment tools, including open source tools, and their capabilities.
• Current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection and remediation tools and procedures utilizing standards-based concepts and capabilities.
• Database procedures used for querying security tools to gather information.
• Classes of attacks (e.g., passive, active, insider, close-in, distribution, etc.).
• Different operational threat environments (e.g., first generation [script kiddies], second generation [non- nation state sponsored], and third generation [nation state sponsored]).
• Electronic devices (e.g., computer systems/components, access control devices, digital cameras, electronic organizers, hard drives, memory cards, modems, network components, printers, removable storage devices, scanners, telephones.
• How traffic flows across the network (e.g., Transmission Control Protocol (TCP) and Internet Protocol (IP), Open System Interconnection Model (OSI)).
• Incident response and handling methodologies.
• System and application security threats and vulnerabilities.
• Personally Identifying Information (PII).
• System and application security threats and vulnerabilities.
• Operations and processes for diagnosing common or recurring system problems.
• Principal methods, procedures, and techniques of gathering information and producing, reporting, and sharing intelligence.
• Organization's core business/mission processes.
• Technical writing and documentation practices (e.g standard operating procedures, training documents, work flow diagrams).
• Reading/verbal comprehension (i.e. comprehend and apply written & verbal instructions).
• Operating PC Hardware and Software (e.g. MS Word, Excel, PPT, Outlook).
• Critical thinking (i.e. impact analysis, troubleshooting).
• Conducting open source research for troubleshooting network and client-server issues.
• Basic operation of computers.
• Using network analysis tools to identify vulnerabilities.
• Preserving evidence integrity according to standard operating procedures or national standards.
• Securing network communications.
• Communication (e.g. Oral, Written, Active Listening).
• Problem sensitivity/problem solving.
• Time Manage (e.g. organization and prioritization).
• Active learning.
• Match the appropriate knowledge repository technology for a given application or environment.
• Identify systemic security issues based on the analysis of vulnerability and configuration data.
• Accurately define incidents, problems, and events in the trouble ticketing system.
• Apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
• Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.

Nice To Haves

• Developed after employment

Responsibilities

• Assists in providing support, administration, and maintenance necessary to ensure effective and efficient information security systems.
• Assists in conducting technology assessment and integration process.
• Provides and supports a prototype capability and/or evaluates its utility.
• Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions.
• Provides guidance to customers about applicability of information systems to meet business needs.
• Assists to develop and conduct test of systems to evaluate compliance with specification and requirements by applying principles and methods for cost-effective planning, evaluation, verifying, and validating of technical, functional, and performance characteristics (including interoperability) of systems or elements of systems incorporating IT.
• Assists in performance of security reviews, to identify gaps in security architecture, and develop a security risk management plan.
• Assists in reviewing authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.
• Assists with review of qualifications of the cloud service providers to thoroughly vet cloud vendors.
• Assists in performing risk analysis (e.g., threat, vulnerability, and probability of occurrence) on new systems and applications for initial installations and major updates.
• Assists in conducting assessments of threats and vulnerabilities; determining deviations from acceptable configurations, enterprise or local policy; assessing the level of risk and determining appropriate mitigation countermeasures in operational and nonoperational situations.
• Assists in the measuring the effectiveness of defense-in-depth architecture against known vulnerabilities.
• Supports penetration testing on networks, systems or elements of systems.
• Assists to identify systemic security issues based on the analysis of vulnerability and configuration data.
• Assists in the preparation of vulnerability reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.

Benefits

• Medical Coverage
• Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period
• Paid time off, including vacation, personal, sick leave and 11 paid holidays per year
• Childbirth, Adoption, and Foster Care leave
• Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more)
• Public Retirement Systems ( such as OPERS, STRS, SERS, and HPRS ) & Optional Deferred Compensation ( Ohio Deferred Compensation )