Cybersecurity Specialist

About The Position

Requirements

• A bachelor's degree from an accredited college or university in computer science, information systems, engineering, or a related field is preferred (a degree with a focus on information security is a plus)
• three years of professional level information technology technical and operational support experience with an emphasis in cybersecurity is desirable
• prior experience or education in information security, disaster recovery, and incident response.

Nice To Haves

• Certified Penetration Tester (CPT) and Certified Ethical Hacker (CEH)
• Certified Expert Penetration Tester (CEPT)
• Cisco CCNP (Cisco Certified Network Professional) Security
• Microsoft MSCE (Microsoft System Certified Engineer) Server Infrastructure
• CompTIA Security+ (PLUS)
• Certified Information Systems Security Professional (CISSP)
• GIAC Industrial Cyber Security Professional (GICSP)
• GIAC Critical Infrastructure Protection (GCIP)
• GIAC Response and Industrial Defense (GRID)
• Microsoft Windows Server and Workstation OS
• Microsoft Active Directory
• Microsoft Azure and Office 365
• Data Encryption standards and procedures
• Network Vulnerability Scanning & Remediation
• DNS Filtering and Security
• Intrusion Detection and Prevention Systems (IDS/IPS)
• Security Information and Event Management (SIEM)
• Packet Capture and tracing (Wireshark)
• Firewall routing, rules, and content filtering
• Email Security and Spam filtering
• Experience / knowledge of NIST Cybersecurity Framework
• Server and Workstation Patch management

Responsibilities

• Identify weaknesses or misconfigurations in current system designs; recommend and implement solutions.
• Acts as front-line incident responder; gathers and analyzes cybersecurity incident-related data and supports the appropriate response.
• Assist in performing technical project support duties on assigned systems projects in coordination with System Analysts; may be assigned full responsibility for specific systems implementations relevant to security.
• Actively monitor threat lists; this includes federal, local, third party, and internal security reports/lists in order to assist staff in proactively applying security patches.
• Regularly identifies updates to and reviews security policies, standards, guidelines, and procedures to ensure ongoing maintenance of security. This includes careful consideration of business, best practices, and security requirements.
• Actively supports and schedules after hours patching and remediation activities.
• Supports disaster recovery and business continuity activities. This includes supporting initiatives that reduce system downtime, identify, and resolve misconfigurations, or restore a system. In addition, will initiate and monitor vendor performance and activities during critical software or hardware incidents.
• Perform analysis and provide recommendation for procurement of secure software and hardware solutions. This includes gather pricing information, reviewing vendor privacy, data ownership, vulnerability response, and software lifecycle policies. This also includes reviewing vendor codes and gathering vendor quotes to assist in budget preparation.
• Provide metrics and reporting on system security health. This includes active updates on weekly, monthly, quarterly, and annual cybersecurity tasks.
• Coordinates quarterly disaster and recovery analysis, planning, testing and system administration of systems.
• Provides security impact analysis on activities that impact the security of an Agency system or process. These activities may involve selection, implementation, reconfiguration, or upgrade activities of systems or processes.
• Provides after hours availability to support a continuous operation, as required by Agency systems. This may include working an alternative work schedule to support after hours security activities.
• Provide continuous research in support of identifying best practices across cybersecurity, information systems, and water utilities to provide updates and integrate new methods and tools as appropriate.
• Implements internal control, network security methodologies and other security systems for data, systems, and hardware protection and recovery procedures; ensures timely and accurate back-up of data; maintains appropriate confidentiality of sensitive information.
• Performs a variety of specialized, highly technical, and complex security-oriented activities related to database system or network system duties in support of specialized functions or programs.
• Provides operational support to the Agency's network and systems infrastructure. This includes but is not limited to programming, building, analyzing, diagnosing, maintaining, securing, and operating various network devices and systems.
• Maintain effective relationships with third party providers and support personnel.
• Operate a computer and assigned software.
• Perform other related duties as assigned.